Ansible for WSO2 deployments

Source: https://enterprise-architecture.mytechmag.com/how-enterprise-networking-is-evolving-in-recent-times-and-why-is-it-so-important-for-businesses-1288.html

Greeting to everyone! Hope you are doing well. In the post, I am going to discuss how to design and manage your deployments with Ansible. Here are some extracts that we are going to cover.

• What’s Ansible?
• Why Ansible?
• Keywords in Ansible deployments
• How does Ansible work?
• WSO2 Ansible flow?
• WSO2 APIM Ansible deployment
• Define Pack Location
• WSO2 updates flow
• Persisting Artifacts
• Load Balancing
• WSO2 Ansible resources

✏️ What’s Ansible?

Ansible is a radically simple IT automation engine that automates Cloud provisioning, Configuration management, Application deployment, Intra-service orchestration, Updates on workstations and servers, and finally Nearly anything a systems administrator does on a weekly or daily basis.

✏️ Why Ansible?

Ansible is easy to use with a low learning curve. Due to that, this is considered as a simple language. Also, the Ansible is designed with agent-less architecture unlikely the Puppet and it is using SSH for communications. In addition to that it is declarative(no need to specify the procedure by the programmer)[1] and idempotent(can be applied multiple times without changing the result).

Due to the above facts, we can use Ansible to minimize human errors by automating system administration and to minimize the automation cost when expanding your business while having centralized control over a large system.

✏️ Keywords in Ansible deployments

🏌 Playbook : Configuration file written in YAML that provides instructions for what needs to be done in order to bring a Host-node into the desired state.

🏌 Inventory : Provides the list of the hosts in details where the modules need to be run.

🏌 Management Node : Controls the entire execution of the Playbook by making ssh connection, and executes the modules on the host machines.

🏌 Host Node : Controlled nodes through the Ansible playbook by Management node.

🏌 Group : Separation of set of host nodes depending on common points.

🏌Ansible Modules : The modules are discrete units of code that can be used from the command line or in a playbook task. Ansible ships with several modules that are called module library[2].

✏️ How does Ansible works?

Ansible works by connecting to host nodes and pushing out small programs called as ansible modules. Then it executes these modules over SSH by default and collects return values. Then remove them(modules) when finished with expected return values.

✏️ WSO2 Ansible flow

The inventory includes the Group variables and Host node variables. The specific roles and their tasks with templates are included in the role configurations. Also, the respective files that were used in the above-mentioned configurations are separately defined under the files section.
In addition to that, the additional tasks are defined under the common tasks. So the playbook will use all of the above configurations accordingly as per the defined modules.

✏️ WSO2 APIM(3.2.0) Ansible deployment

For ease of understanding, I have designed a complete flow diagram in two parts.

✏️ Define Pack Location

In APIM-3.2.0 Ansible flow, two approaches to provide the APIM packs,

✋ Local : Place the APIM pack into the ‘<HOME>/files/packs’ directory.

pack_location: local

✋ Remote : Place the APIM pack into a remote location in the host machine.

pack_location: remote
remote_pack: “/mnt/wso2am-3.2.0.zip”

✏️ WSO2 updates flow

🍀 WSO2 provides a script(‘<HOME>/scripts/update.sh’) to update the APIM pack via WSO2 Updates[3].

🍀 Single command to update the APIM server.

./update.sh -p <profile-name>

Example command for APIM all in one node.

./update.sh -p apim

🍀 After a successful update, the updated pack will be placed in the ‘<HOME>/files/packs’ directory by replacing the existing pack

Available update profiles:

• apim
• apim-km
• apim-publisher
• apim-gateway
• apim-tm
• apim-devportal
• apim-analytics
• apim-analytics-dashboard
• apim-analytics-worker

✏️ Persisting Artifacts

It is required to share the persistent and runtime artifacts among the servers as below.

⏳ All the APIM nodes

‘<wso2am-3.2.0>/repository/tenants’

⏳ GW nodes -

‘<wso2am-3.2.0>/repository/deployment/server/synapse-configs’
‘<wso2am-3.2.0>/repository/resources/security/client-truststore.jks’

⏳ Traffic-Manager nodes

‘<wso2am-3.2.0>/repository/deployment/server/executionplans’

⏳APIM-Analytics-worker nodes

‘<wso2am-analytics-3.2.0>/wso2/worker/deployment/siddhi-files’

This needs to be performed by a separate automation flow(like NFS) and does not include in current Ansible resources.

✏️ Load Balancing

Current Ansible resources, do not include the Load-Balancer configuration steps as the suitable Load balancer selection is up to the developer depending on their usages.

Sample Nginx configurations are available in documentation[4].

✏️ WSO2 Ansible resources

The sample WSO2 Ansible resources can be found from the below links.

• APIM : https://github.com/wso2/ansible-apim/tree/3.2.x
• IS : https://github.com/wso2/ansible-is
• EI : https://github.com/wso2/ansible-ei

Hope you find the blog post useful!! 😃 😎

References

[1] - https://www.quora.com/Is-Ansible-procedural-or-declarative
[2] - https://docs.ansible.com/ansible/2.8/modules/modules_by_category.html
[3] - https://wso2.com/updates/
[4] - https://apim.docs.wso2.com/en/latest/install-and-setup/setup/setting-up-proxy-server-and-the-load-balancer/configuring-the-proxy-server-and-the-load-balancer/