Making the Path to AWS Easier with Ansible Configuration Management

By Flux7 Labs
February 11, 2016


One of the key benefits of cloud computing is the opportunity to replace up-front capital infrastructure expenses with low variable costs that scale with your business. And, while it is easy to quickly spin up hundreds or thousands of new servers in minutes with Amazon Web Services (AWS), it’s much more difficult to ensure that those new machines are configured appropriately. Enter the marriage of configuration management tools and AWS.

While most of you are likely familiar with first and second generation configuration management tools, you may be missing out on Ansible. A radically simple agentless configuration management and orchestration engine, Ansible makes apps and systems effortless to deploy. Why? Because Ansible focuses on simplicity and low learning curve, without sacrificing security and reliability. Let’s look at a few key ways the Ansible approach helps achieve multiple goals in AWS:

  • DevOps:
    Ansible’s focus on simplicity, flexibility and reusability allows both developers and IT staff to master it quickly. The foundation of DevOps is the ability of Dev and Ops to collaborate effectively to address issues without invoking a series of tickets and other time-consuming processes that burden the business. Ansible directly supports DevOps by giving both teams an easy-to-use tool they can use to collaborate in a natural fashion, thus streamlining the DevOps promise to bring solutions to market faster, giving the business the ability to focus less on execution and more on strategy.

  • Security:
    While great for school kids, snowflakes are an unwelcome guest in your AWS environment. Ensuring security requires three elements: (1) avoid manual setup because a manually done setup is hard to audit and hence more prone to having an unintended hole, (2) updates are regular and not manual because controls can get accidentally removed in the process, and (3) the updates and software upgrades are regular, which implicitly requires the upgrade processes to be easy. Ansible helps with all three requirements. If a setup is provisioned using Ansible, relevant policies can be baked in the Ansible configuration files. Rather than manual upgrades, an upgrade becomes an upgrade to an Ansible config file, which can be deployed with confidence that it will not have unintended consequences. Thus, Ansible is a good example of a tool where Developers, Ops and Security all benefit at the same time.

  • Operational Efficiency:
    Ansible uses a very simple language (YAML, in the form of Ansible playbooks, which we’ll discuss more in a future post) that can be used to define, deploy and manage a wide variety of AWS services. Even the most complicated of AWS environments can be easily explained in Ansible playbooks that allow you to describe your automation jobs in a way that approaches plain English. The result: your team can work faster and spend more time on strategic work, while new team members can hit the ground running.

Ansible’s consistency, repeatability and predictability is a boon to organizations looking to maximize AWS efficiency and efficacy. It not only speeds the deployment process, but does so in a flexible, easy-to-learn way that paves the path for Dev and Ops collaboration: DevOps success. To learn more about our partnership with Ansible and how we at Flux7 use it as part of our unique blend of tools and services to build self-healing, scalable and stable environments that meet your organization’s needs, check out our earlier blog post on the topic.