Share this
Ansible Automation: See How One Senior Engineer Used Ansible to Scale His Team
by Adam Carpenter on Mar 11, 2021 1:00:00 PM
For many, Ansible is the answer they’ve been waiting for: It provides automation that empowers a single admin to do the work of a whole team—deploying, updating, provisioning, configuring, and orchestrating all with custom-designed settings. For others, Ansible—or its advantages over OEM-specific network management tools—is still a mystery.
To clear things up, we dug in with an experienced, senior network engineer with over 18 years of experience working in enterprise-level environments. Here’s what we learned.
Convenient, Flexible, and Familiar
Because Ansible is agentless and open source, it can “easily fit into most network environments without exhausting operational or capital budgets. For engineers that are exposed to the command line and Linux, the structure and interactions feel very familiar.”
Playbooks: Usability Combined with Versatility
Playbooks, written in YAML, give instructions to the managed nodes being controlled by the control node. Users often don’t have to write their own playbooks because “many of which are prepared by vendors.”
However, if you want, you can dig in and make your own. “The playbooks I have written were used for parallel discovery over hundreds of routers and switches. The results were then used to generate needed configuration changes to better align them with our best practices.”
Comfortable, Yet Different
Familiarity with Linux “is a big plus, as Ansible is written by RedHat and often used via the command line.” However, even for seasoned Linux users, Ansible introduces a different mindset: “There is a paradigm shift in how one looks at configuring a network – going from scripting to declarative statements and understanding idempotency.” Idempotency involves running the same functions repeatedly without negatively impacting the system.
Even though Ansible is renowned for its usability, it’s best to take a step-by-step approach:
“When I was introduced to Ansible, it was by a veteran who stated, “Ansible is best-learned bit by bit: learn to crawl, then walk, then run!” Ansible is flexible and one can start with existing knowledge and build off that. If you can configure a device via SSH, you can replicate that in Ansible easily using the same syntax, so I found the risk low. From there, the user will learn more complex functions and can alter code to better fit into API driven playbooks instead of SSH/CLI driven playbooks.”
Dry-Running Architectures Reduces Risk
Because Ansible enables you to perform tests of your ideas before rolling them out, an element of risk is reduced: “Ansible gives you the ability to dry-run your playbooks (scripts) without applying them to devices which helps. Once the playbooks are validated, if you are lucky enough to have a test lab, that is the place to start.”
However, those without a testing environment can still mitigate risk by introducing the automation in phases. “If you do not have a test environment (most of us!), then start with a small subset and validate. Once you are comfortable that the code matches your intent, expand out to the larger set of devices.”
Even though “most of what you do in a live environment can be tested in a lab, virtual or physical,” that’s not always the case. “Discovery of an existing environment, for example, needs to be done live and can’t be done ahead of time.”
Cisco DNA vs. Ansible: Ansible Provides More Flexibility
While Cisco DNA is a potentially powerful network management option, the fact that users have to commit to Cisco’s products presents challenges.
“Vendor lock-in is always scary, especially if the terms of licensure extend years into the future. Some risks of DNA, for example, are cost and not using the platform to its fullest capability – you want the Civic but can only get the Mercedes. Since Ansible is open source, it can be implemented without licensing or lock-in. Once one knows Ansible fits the environment, licensing and support can be purchased later. DNA licensing models do not allow for such flexibility.”
It is amazing what 18 years of experience can teach you. To dive in more, check out our ebook focusing on Ansible, network automation, SD-WAN, and more within various industries.
Pros and Cons of Using Open-Source Tools
Pros of Open-Source
- Zero software costs (it is all free).
- A big learning curve (although this would be considered a con, the benefits of having staff trained in a network automation tool may benefit future endeavors).
- Customizable capabilities tailored to specific environments.
- Multi-platform integration.
Cons of Open-Source
- Increased deployment time (usually not user-friendly).
- Lacks solid support teams.
- Command-line interfaces require extensive input of commands.
- Lacks reporting capabilities.
Integrated Security With Smart Network Capabilities
At PivIT, we want to ensure you get the best value for money and the information you need to make the right decision. Whether you decide to commit to a Cisco product or go the Ansible route, we are here to help through the entire journey.
Contact PivIT for further advice on network automation options. Our focus is to examine your CAPEX/OPEX limitations and present you with options to free up your budget and achieve your goals.
Share this
- IT Hardware Solutions (47)
- OneCall (42)
- Ways to Save (32)
- Maintenance (29)
- EXTEND (17)
- IT Trends (17)
- TPM (14)
- Upgrading Network (14)
- Servers (11)
- Field Services (8)
- Smart Hands (8)
- Maintenance Renewal (6)
- Network Servers (6)
- Storage (6)
- Cloud Solutions (5)
- IT Logistics (5)
- Sparing Integrity Program (5)
- Events (4)
- Network Management (4)
- Network Security (4)
- Asset Management (3)
- Cisco (3)
- Network Outages (3)
- OEMs (3)
- SD-WAN (3)
- 2020 (2)
- Ansible (2)
- Budgets (2)
- Cost of Downtime (2)
- Cybersecurity (2)
- Firewall (2)
- Internet (2)
- Lead Time (2)
- Network Accessories (2)
- Network Automation (2)
- OneHUB Demo (2)
- PivIT Global Team (2)
- Remote Configuration (2)
- Responsible IT (2)
- Social Impact (2)
- Software Defined Networking (2)
- Wireless (2)
- Back To Basics (1)
- Broadband (1)
- Buybacks (1)
- COVID-19 Coronavirus (1)
- Cisco Catalyst (1)
- Cisco DNA (1)
- Cisco Security (1)
- Cisco Servers (1)
- Cisco Telephony (1)
- Community Outreach (1)
- Company News (1)
- Compatible Optics (1)
- Customer Update (1)
- Edge Switches (1)
- Foster Care Appreciation (1)
- Gartner (1)
- LAN Networks (1)
- Network Protocols (1)
- OEM Comparison (1)
- Optics (1)
- Partnerships (1)
- REM (1)
- Research (1)
- Security (1)
- Server Comparisons (1)
- Telephony (1)
- Virtual Labs (1)
- cisco live (1)
- March 2024 (3)
- February 2024 (2)
- January 2024 (4)
- December 2023 (6)
- November 2023 (7)
- October 2023 (8)
- September 2023 (5)
- August 2023 (5)
- July 2023 (9)
- June 2023 (11)
- May 2023 (4)
- March 2023 (4)
- February 2023 (7)
- January 2023 (11)
- December 2022 (5)
- November 2022 (6)
- October 2022 (1)
- September 2021 (1)
- August 2021 (1)
- April 2021 (1)
- March 2021 (1)
- February 2021 (2)
- January 2021 (2)
- October 2020 (1)
- May 2020 (1)
- March 2020 (2)
- February 2020 (1)
- January 2020 (2)
- May 2019 (2)
- April 2019 (1)
No Comments Yet
Let us know what you think