Automation: The key to modern software-defined infrastructure
The heart of any good modern IT infrastructure is code that makes the software-defined systems in your data center, public clouds and edge devices consistent, repeatable and faster to deploy and recover. But modern automation is more than just a few bash scripts. At its best, it’s a layered approach to managing systems that’s at the core of any nimble DevOps environment, and SUSE solutions take advantage of this approach to help keep your systems humming.
Today’s automation tools, including Salt, Ansible, Chef, Chocolatey and Puppet, allow you to define complicated actions in an imperative way. That is, you script what you want — such as firewall rules, users, installed packages and the like — and the automation tool figures out how to make it happen, regardless of the platform. This is especially useful with complex deployments, such as Ceph, or in environments with different flavors of Linux or Windows, or system architectures with different dependencies and daemons.
With automation, you can define a server type, say, a web host, and the automation figures out how to deploy it. Want Apache running? Automation tools recognize things like daemon differences under the covers and just make it so.
In its most basic form in Salt, this might look something like this:
apache2: pkg.installed apache2 Service: service.running: - name: apache2 - enable: True - require: - pkg: apache2
That’s certainly much easier than installing individual packages, manually editing configuration files, and enabling and starting daemons. In its simplest form, these basic YAML commands ensure everything you want (and nothing you don’t) is applied to a system and kept that way over time.
This approach is also highly repeatable. By applying the same code to two or 1,000 servers, you’ll quickly have Apache running on any number of systems, no matter where they are. They’ll all be identical, and if you want to make changes, you need only edit a single file and reapply it to your servers.
Collaboration is built in
Aside from the speed with which you can do deployments, scripted automation like this is ideal for DevOps teams looking to improve workflows and ensure important business rules are enforced.
For example, networking teams can weigh in along with sysadmins and developers, and they can all prescribe their requirements before deployments happen. All their requirements can be easily scripted and reviewed, and no one has to guess about the configuration of deployed systems after the fact.
For example, you can, as a team, ensure the correct firewall ports are open, data is stored in a certain way, or only certain users have rights. That means there are fewer surprises, and if changes are needed, they can be easily reviewed by your team and applied everywhere you need them.
Moving beyond the basics
More advanced uses of automation make use of these same principles, but combine them into sophisticated solutions. Take SUSE Enterprise Storage, a Ceph solution that builds in object, block and file system gateways, OSDs, and the Ceph Dashboard quickly and easily. By taking advantage of Salt automation, SUSE Enterprise Storage — and all its complicated moving parts — can be reliably deployed (and redeployed) in about 30 minutes.
For example, here’s a snippet of a running Salt automation stage that’s applying all the services needed for a Ceph cluster:
But speed isn’t the only advantage. The Salt scripts that deploy SUSE Enterprise Storage help ensure a successful deployment because they all but remove manual configurations and human error. At the same time, the scripts are easily modified to adjust your deployment to suit the needs. Adding new storage nodes, for example, is as simple as reapplying a script, or made even simpler by having any machine with a certain hostname prefix become automatically added to your storage cluster the moment it comes online.
Day 2 management
The other key advantage of automation is keeping all your systems just the way you want them after they’re deployed. If you have a dozen machines, you can patch them manually, but if you have hundreds or even thousands, manual processes just won’t do. It’s monotonous, costly and fraught with error.
This sort of monitoring and management at scale is a core feature of SUSE Manager, which allows you and your team to use Salt- or simple ssh-based automation to keep your systems up to date. It allows you to see real-time notifications of changes and patches, and allows you to mitigate them with a few commands, even if you have a mixed-Linux environment.
Instead of manually adding the latest security patches, SUSE Manager can apply them everywhere you want — and nowhere you don’t. Automation makes it happen, abstracting away OS and architecture differences and just ensuring your systems are exactly the way you want them.
Here, you can see SUSE Manager automatically showing you the patches available for a particular system. Applying patches is as simple as selecting what you want and clicking the “Apply Patches” button. Salt (or remote ssh) makes it happen on one system or a group of many systems:
Automation makes SUSE Manager able to perform a wide range of tasks on any number of systems without you ever having to open a shell. Customizing the actions is straightforward, too. The result is sophisticated, repeatable system management with a minimum of manual intervention. That saves time and money, and lets you spend your days on all the less mundane tasks on your list.