The Art of Automation Tools — Helm, Operators, Ansible, Terraform

In modernization journey, everyone expect Automation in every single task. Today Cloud platform is coming up with number of Out of box services to help each & every aspect of Automation — Infrastructure as a Service (IaaS), Platform as a Service (PaaS), Software as a Service (SaaS), Container as a Service (CaaS) with another similar Acronym used for Configuration as a Service (CaaS) and most important is Infrastructure as Code (IaC). It is definite that Automation is very important or mission critical for future Cloud strategy.

Primarily focus is going with every Configuration piece automated and have reusable configuration for different run-times. Following are few Automation tools that works as Configuration as a Service (CaaS) in the form of Infrastructure as Code (IaC) and very popular for various aspects of automation:

1. Helm — A powerful configuration tool used for both workload and application configuration management. Some of the specifics are:

• Used as a package manager automates the process of installing, configuring, upgrading, and removing defined workload for k8s. Two key basic resources of k8s are part of default Helm Chart — Deployment & Services.
• Used to automate the installation, configuration and upgrade and removing of Applications. The App and its Configuration are package in a so-called Chart.
• Helm run as a CLI client for k8s and Chart is the application package. Chart maintain version as separate release and used for run-time change of application.

• Helm had major shift from server-side architecture (Helm v2) to client-side architecture (Helm v3). Tiller was the server-side component that managed Helm Charts and later it moved to a client-side model where all operations are perform via the Helm 3 CLI while relying on k8s RBAC for authorization and security features.

Benefits of Helm

o Deploy all the resources with a single command, specially used for k8s.

o Use variables to deploy same App with new parameters for different purpose.

o To upgrade to a new version of your chart with simple update to file.

o To automate software installation & upgrade. Ex — Database software, Apache web server, and integration software packed under IBM Cloud Pak.

o Used for dependency management in single place within Chart.

Helm Chart in Cloud Platform — {IBM Cloud Pak : an Example Use case}

o IBM Cloud Paks include pre-configured Helm charts which assemble all of the k8s resource definitions, related to a piece of IBM software and install into a target k8s cluster (called a release).

o Provide easy customization, deployment, rolled out or rolled back and maintenance using IBM’s k8s platforms, on-premises or in the cloud.

o Maintain various types of Secret key in Helm chart. Example — Registry secret, TLS secret etc.

2. Operators — These are pieces of software ease the operational complexity of running another piece of software. By building application specific knowledge and best practices about deploying and managing a software product directly into an operator, a software provider can capture domain specific expertise about operating the product, giving end-users powerful automated run time and life cycle management capabilities without requiring that same level of expertise from the end user. Some of the Specific are:

• The purpose of operators are to build application specific configuration for installation, configuration, scalable, reconfiguration, update, backup, restore.
• Kube operator Piece of software running in pod in cluster.
• Operator framework comes with Software Development Kit, life cycle manager, metering tool.
• Operators capabilities are much wider than other tools.

Benefits of Operators

o Help to consider application specific Single object for various options to handle everything starting from Pod, container, persistent volume, services & other resources.

o Operators keep flexible and powerful custom k8s resource definitions that can be used for deploying and managing containerized workloads in a k8s environment.

Operators in Cloud Platform — {IBM Cloud: an Example Use case}

o For an application needs an etcd database, just install the etcd operator and create an etcd Cluster custom resource. The etcd operator then takes care of deploying and managing the etcd cluster for the application, including day 2 operations such as backing up and restoring.

3. Ansible — It is all about configuration automation and making an administrator’s life easier by keeping sequence of instructions (play) into one place (Playbook). So rather than chaining ad-hoc commands together, you can set up a Playbook to run multiple commands at once. Ansible Automation gives teams the ability to do orchestration, configuration management, application deployment, provisioning, security and continuous delivery across the many domains of IT. Some of the specifics are:

• Each play starts by designating a target, which may be a host or group of hosts.
• Designed to install and manage software on existing servers.
• Able to declare the precise configuration results and then produce them by getting Ansible to read a playbook is Ansible’ s magic wand. Following shows example for AWS configuration.

Benefits of Ansible

o Ansible provides the Asynchronous feature to allow an operation to run asynchronously such that the status may be checked. This can prevent interruption from SSH timeouts for long running operations.

o Used as Enterprise framework for various configuration management topics. Below picture depict various use cases for Ansible and has over 450+ ready-made module contributed by Red Hat. With Ansible, following can be automated:

Ansible in Cloud Platform — {AWS & Red Hat: an Example Use cases}

o Ansible module to create all resources on AWS and tag all nodes with the functionality to be use on Openshift cluster.

o Red Hat Ansible Automation Platform can manage Infrastructure as Code (IaC) with standardized virtual infrastructure provisioning in all clouds with common, repeatable, and scalable processes and automation. Ansible Tower is an enterprise framework for controlling, securing and managing your Ansible automation with the UI and Restful API.

Terraform — It is primarily used as Provisioning tool and run as Infrastructure as Code (IaC) software. It allows users to define infrastructure components in a high-level configuration language, from which it can create an execution plan to build the infrastructure in a service provider such as IBM Cloud, AWS, Google, Azure as well as OpenStack & VMWare. Some of the Specific are:

• Provides Terraform templates to provision various infrastructures.
• Use to provide script to automate cloud instance creation and configuration.
• Terraform generates an execution plan describing what it will do to reach the desired state, and then executes it to build the described infrastructure.
• The infrastructure Terraform can manage includes low-level components such as compute instances, storage, and networking, as well as high-level components such as DNS entries, SaaS features, etc.

Benefits

o Handle the Server Orchestration, not merely configuration.

o Build Immutable infrastructure to avoid affecting existing instance of server.

o Using Declarative tool (template) with simple base code to meet desired state of various clouds.

o Follow Client-only architecture by using Cloud provider’s API for provisioning the infrastructure, which removes the need for additional security checks, running a separate configuration management server and multiple software agents.

Terraform in Cloud Platform — {IBM Cloud : an Example Use case}

o Provision the infrastructure on IBM Cloud — compute, storage, network, load balancers & IAM resources on IBM Cloud Infrastructure.

o Deploy OpenShift Container Platform on IBM Cloud.

o Setup users and authentication roles for OpenShift cluster.

Happy Automating to All !!!