Updated on April 27, 2017 by UpGuard
Ansible is a newish CM tool and orchestration engine developed and released in 2012 by its eponymous company (previously called AnsibleWorks). Unlike several other CM apps, Ansible does not utilize a master-and-minions setup – this is the main difference between it and the other big boys in the CM arena Puppet, Chef, CFEngine and Salt.
Ansible Tower is a web-based interface for managing Ansible. One of the top items in Ansible users’ wishlists was an easy-to-use UI for managing quick deployments and monitoring one’s configurations. Ansible management came up with Ansible Tower in response.
Ansible was originally developed in 2012 because of the perceived inadequacies of the leading CM tools, mainly Chef and Puppet. These were:
Dependence on Ruby: Since it’s more common to have Python libraries installed as default on Linux distros, Ansible’s creators decided to develop it in Python. But they took it even further – Ansible modules work over JSON and can therefore be written in any programming language. So no requirement to learn Ruby at all.
Overhead caused by agents: Ansible is almost unique among CM tools in using an agentless architecture. Instead it only relies on the tried and tested SSH to idempotently deploy modules to all nodes.
Modules are temporarily stored in the nodes and communicate with the controlling machine through a JSON protocol over the standard output. When Ansible is not managing nodes, it does not consume resources because no daemons or programs are executing for Ansible in the background.
However, the light weight afforded by an agentless setup also means that Ansible is not as flexible or powerful as agent-based CM’s.
Difficult to learn: Puppet and Chef use Ruby-derived languages to create commands and modules using their CLI’s. On the other hand Ansible modules and packages, called playbooks, are relatively easy to learn; they use a simpler YAML-derived syntax.
Ansible is currently available for Linux/Unix-like operating systems and Windows. It is an open-source product distributed under the GNU GPL.
About Ansible Tower
One of the major gripes from Ansible users is that it didn’t have a proper GUI. And that’s putting it mildly--the GUI was so bad that in the early days it wasn’t even properly synced to the CLI, meaning that the CLI and GUI could give you 2 different query results about the state of a certain node. This was an especially critical issue because good UI is important for occasional and new users to get comfortable and familiar with an application, before diving into the complexities of the CLI and playbook creation. Ansible itself was (and still is) rather new, so most of its users were by definition new users.
Ansible Tower, previously called the AWX project, is the fix to this problem. It is a comprehensive web-based UI for Ansible, containing the most important Ansible features, especially those that render better as graphical rather than text-based output, such as real-time node monitoring.
Ansible Tower is the easy-to-use UI and dashboard and REST API for Ansible. Centralize your Ansible infrastructure from a modern UI, featuring role-based access control, job scheduling, and graphical inventory management. Tower's REST API and CLI make it easy to embed Tower into existing tools and processes. Tower now includes real-time output of playbook runs, an all-new dashboard and expanded out-of-the-box cloud support.
Some of the important features of Ansible Tower are listed below. The full feature list is available off the Ansible website.
Role-based access control: you can set up teams and users in various roles. These can integrate with your existing LDAP or AD environment.
Job scheduling: schedule your jobs and set repetition options
Portal mode: this is a simplified view of automation jobs for newbies and less experienced Ansible users. This is an excellent feature as it truly lowers the entry barriers to starting to use Ansible.
Fully documented REST API: allows you to integrate Asible into your existing toolset and environment
Tower Dashboard: use this to quickly view a summary of your entire environment. Simplifies things for sysadmins while sipping their coffee.
Cloud integration: Tower is compatible with the major cloud environments: Amazon EC2, Rackspace, Azure.
In short, Ansible Tower is a remarkably useful add-on to Ansible, able to do much of what can be done on the CLI. It will complement, not replace, the main application by automating and presenting some of the main tasks graphically – especially the monitoring-dashboard types of tasks. As a major bonus, it also greatly helps to reduce the intimidation factor for those new to Ansible by presenting a much easier to understand visual tool. But for playbook creation, Ansible’s CLI is still your best option.
Misconfigurations are an internal problem that emanate from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.