Why is configuration management important?
Software configuration management is a fundamental process for maintaining consistency. Get the most out of it with Ansible.
What is software configuration management?
Software Configuration Management, or SCM, is a systems engineering process for establishing and maintaining the consistency of a product or service. IT service management uses this process for tracking and controlling changes in the software.
SCM practices include revision control and establishing baselines. When set up properly, Software Configuration Management specifies what was changed and who changed it if anything goes wrong. SCM can then tell us how to replicate this configuration across many hosts.
Configuration management ensures the consistency of all systems in the infrastructure that is maintained, which is achieved by using a configuration file. With the configuration file, you can affect many servers by just changing up a few lines of code. Think of a general ruling that can be sent over to multiple servers or nodes.
Thanks to using a unified configuration file, a team can script all of their updates and changes with a single source of truth. In this sense, configuration management tracks different designs and technical specifications and allows fitting replacement parts into a system.
There are five main elements of configuration management:
- Version control
- Baseline & release information
- Audits & Reviews
- Documented processes
- Build, integrate and deploy scripts
Why is configuration management relevant? It lets you seamlessly control systems in a unified, automated, and audited way. As such, configuration management allows for:
- Identification of configuration, configuration items, and baselines
- Implementation of a controlled change process
- Configuration status accounting and auditing
- General management of builds, processes, and environments
- Defect tracking and traceability to the primary source
- Teamwork and collaboration
We can think about Configuration Management in the abstract, but the best way to know more about it is to look into a tool that does the job. Below, we will describe Ansible and the benefits it provides for SCM.
What is Ansible?
An ansible is a fictional device capable of near-instantaneous and faster-than-light communication created in 1966 by Ursula K. Le Guin. What? That’s not it? Oh, I’m sorry, I must have mixed up my notes.
Ansible is open-source software for configuration management and application-deployment tool that enables infrastructure as code. We’ve talked about it before in our open-source automation tools guide, and we maintain our love for it.
Ansible is used to automate IT tasks, so more on the Operations side of DevOps. Let's consider there are ten servers where an app is running, and every server needs to be updated. We have two options: we could go into each server individually and manually update it or, as the lazy but savvy apes we are, automate the hell out of it. Here is where Ansible enters the field.
When looking into repetitive tasks like updates, backups, system reboots, assigning groups, creating users, and assigning permissions, Ansible can be a lifesaver thanks to some of its features. Ansible is a mass SSH deployment language that is very easy to approach and allows you to simplify automation using a simple language called YAML.
YAML used to stand for “Yet Another Markup Language” and now, confusingly, stands for “YAML Ain’t Markup Language” (Don’t shoot the messenger, I don’t fully understand it myself). What I know for sure is that Ansible uses YAML and doesn’t require learning any particular language. Why is that? Because YAML was meant to be read by both computers and humans, making it easy to understand and pretty straightforward.
What can you do with Ansible then?
- Execute tasks from your own machine remotely instead of accessing each server.
- Configure, install, and deploy by setting up all the steps in a single YAML file instead of manual and shell scripts.
- Re-use the same file multiple times and for different environments.
- Work more reliably and less prone to human errors.
Ansible is then a more efficient and less time-consuming path to configuration management through automation and orchestration, but how does it work?
How does Ansible work?
Ansible is a declarative language—what you want as a result instead of the steps to get there—that works with modules (love modular things, it’s the Lego heritage, you know?) that do the work by dividing processes to the minimum possible tasks. As you might recall from our previous article, that’s the basis of automation. Take that repetitive task you don’t want to do anymore, chop it into pieces, and automate them all the way.
Modules work from the primary server and are pushed to the target servers outside of it. There, they do their job and get removed. By being so granular, they do specific tasks and are cataloged by them. There is even a module index in Ansible’s official documentation.
Thanks to Ansible working with a set of modules in an organized manner, there are many added benefits:
- It supports all infrastructure, from operating systems to cloud providers.
- It is agentless, meaning there is no need to install anything on the servers.
- Ansible allows an IT specialist to manage a whole fleet of servers remotely.
- There is no deployment effort at the beginning and no upgrade effort in the long run.
How to manage complex configurations with Ansible
You might be wondering how to handle complex configurations with Ansible. If it’s all modules and pushing updates to the servers, does that mean each module has to be treated separately? Luckily, no.
Using Ansible Playbooks, you can arrange multiple modules together and in a specific sequence. These sequential modules are grouped into tasks with their corresponding description. After creating a playbook, you can execute these modules sequentially, facilitating longer processes at the push of a button.
That means that one playbook equals one or more plays. The playbook describes how and in which order the modules are run. Including at what time, where (on which machines), and what modules should be executed. In that sense, Ansible orchestrates the module execution, and that’s not the same as automation.
Extra considerations for Ansible
Redhat owns Ansible, and even if the tool is free and open source, there is a paid extra: Ansible Tower, which provides a dashboard with a graphical user interface. There, you can centrally store automation tasks that work across teams and configure permissions, manage your inventory, and keep track of which jobs have run and their health status.
There are some alternatives to Ansible. As a configuration management tool, it’s not the only one, but it’s the easiest. The other two tools are Puppet and Chef. While Ansible uses YAML, the others use Ruby, which requires additional coding knowledge. Ansible is an agentless tool, while the others require installation. That also comes with the need for managing updates on target systems.
Finally, these automation tools make sense for complex environments where multiple servers run simultaneously. They prevent human error and dreary time-consuming work. They are a fundamental component of the DevOps toolkit and should be part of any team working on complex projects.
IT automation is not going away anytime soon. Nowadays, building, testing, and deployment automation might be taken for granted, but the amount of time, work, and money saved is tremendous. By setting up a server remotely, you can keep consistent environments creating the most efficient workflow.
At Awkbit, we know that configuration management is needed everywhere, whether to configure infrastructure, do OS patches, run services, or install things on multiple virtual machines. At the same time, we value automation and orchestration as they allow our favorite humans to use their time in more creative ways.
Are you ready to leave tedious tasks behind and focus on the humane part of your business?