Automate Application Configuration and Policy Deployment with Ansible
On October 3rd I’ll be presenting a live webinar in which I’ll show how to automate application configuration and policy deployment with Ansible. Register now.
Applications deployment is more than just loading the application onto some compute resources and starting it up. Applications require infrastructure, networking, and policy to govern how that application interacts with other resources. A development team might only ever focus on the application and the resources the application needs to consume and what the application provides. That’s fine, in fact it is probably a very standard model for a development team to assume that the required resources for the application are able to be retrieved by the application. As well, the development team will assume that the resources created by the application will be able to be delivered to the users.
The ability for the application to operate, communicate, migrate, be secure, and so on… Well, that’s application policy. Application policy defines things like what VLANs the application needs, what other services the application can communicate with, (e.g. databases, messages queues, web servers). Also something to consider are the ports the application communicates on. Application policy can dictate that the application can listen to these ports but needs to respond only on another port. Application policy can become very large, defining policy for load balancers, firewalls, internal communications vs. external communications. Deploying an application’s policy across all the infrastructure and services the application requires could be a fairly large task, time consuming and potentially prone to errors.
Why not Automate
Automation sounds good, you can ensure that all the policies for ports, queues, firewalls, databases, web servers, load balancers, etc. are correctly constructed and applied. Automation for application resources and policies with products like the Cisco Unified Computing System (UCS), Nexus 9000 switches, and Cisco Application Centric Infrastructure (ACI) is completely achievable with their APIs.
There are several SDKs for those APIs, in languages like Python and PowerShell and Go. Actually, you don’t even need the SDKs you could program directly to each product’s API. However, each of these APIs is a bit different than the others. The APIs authenticate and manage sessions differently. The APIs query and configure differently. The APIs encode their data differently. Each API is great and provides fantastic product functionality coverage. However, using them together could be a little frustrating.
Automation Alone is not DevOps
Running a script can automate a process but that is only part of what DevOps is. DevOps is a big and varied topic with just as many big and varied definitions. Putting some scripts together in a connected process and adding in a bit of source control with a dash of logging and team communication, now that’s DevOps!
On October 3rd I’ll be presenting a live webinar, in which I’ll show how to Automate Application Configuration and Policy Deployment with Ansible.
The webinar will cover several phases of how the components of this DevOps style came together, with each phase building upon the prior one. Starting with the “Walk” phase I’ll show how to query your resources, next in the “Run” phase I’ll look at applying configuration and finally in the “Fly” phase I’ll add in the DevOps components and practices.
The components/products in the webinar are:
- Cisco ACI
- Cisco Nexus
- Cisco UCS
- Github for source control and webhooks
- Python based webhook listener using Flask