Ansible vs Ansbile Tower: What's the Difference?
In IT, the amount of vocabulary thrown around can be overwhelming. Every language and framework has its own specialities, capabilities, and nuances. In this post we will focus on Ansible, and particularly, the difference between Ansible and Ansible Tower. By the end, you'll understand how these two are related to each other and the core differences.
What is Ansible?
Ansible is a technology that is capable of faster-than-light (FTL) communication. It can send and receive messages in between star systems without any delay.
Well, that's not the actual Ansible we're talking about. That Ansible was created by Sci-Fi author Ursula Le Guin, which RedHat Linux named the technology after. The Ansible we're talking about is an application deployment tool written by Michael DeHaan back in 2015.
However, the name is apt. Ansible allows a user to write Infrastructure-as-a-Service (IaaS) to deploy, manage, and configure Unix-like systems spanning multiple different operating systems. By writing a script to manage these configurations, we are instantaneously communicating to many different systems across a wide network.
Here are a few things that Ansible is perfect for:
Provisioning simply means setting up required infrastructure. That means Ansible can be used to create virtual machines. Then provision its RAM, CPU, and disk-space, and the desired amount of replicas. Lastly, you can then install your website and host it from the virtual machines.
Deployment automation refers to the steps required to deploy an application into production. The three core phases are build it (check for runtime errors), test it (check for logical errors), and deploy it (allow the end-user to use it.)
All of these steps can be taken care of with Ansible. Ansible provides a single location to configure the steps required to safely and securely deploy apps to production.
Network automation is a key to an organization's success. Ansible can be used not only to provision virtual machines, but to provision the network hardware required to communicate with them.
For example, Ansible can be used to define load balancers and SD-WAN's. An SD-WAN can be thought of as an intelligent Wide Area Network. Instead of all traffic being routed to a central server, it is sent directly to the cloud and intelligently routed to where it needs to go. This makes sense, because the more and more reliant an organization is on the cloud, the less often it requires data from a centralized server. So now it doesn't need to route to a centralized server and then to the cloud, it can just go directly to the cloud! All of this configuration can be done via Ansible.
Both of these technologies will increase the network's reliability and robustness. By using Ansible all of these tasks can be handled from an Ansible Playbook. In addition to load balancing and SD-WANs, Ansible can create VM failovers. This means if one virtual machine fails, the core application can easily be switched over to another one.
These are just three of many ways Ansible can be used. However, all of these are strictly within a developer's wheelhouse. But it takes many more skillsets to keep the lights on. For instance, we need to know how these applications are going to be monitored, modified, and troubleshot. It would be a serious pain to have to reconfigure YAML files each time. This is where Ansible Tower comes into play.
What is Ansible Tower?
Ansible Tower can be thought of as the UI of Ansible. It is a web-based solution that allows use for several different kinds of IT teams. Think of Ansible Tower like a car's dashboard. A dashboard tells you everything you need to know about the condition of the car: how fast is it going, is an oil change needed, how much gas is left, and so on. Ansible Tower is the same thing, except Ansible itself is the engine.
Earlier in this post we talked about how Ansible can be used to provision IaaS. With Ansible Tower, you can now review graphical representations of all the VMs your dev team provisioned. It will show its state, the amount of RAM, CPU, and much more. All of this is going to be available on the Ansible Dashboard.
Ansible Tower also allows a user to execute remote tasks from a graphical user interface (GUI). For example, Ansible jobs are done via the execution of playbooks. Generally, these playbooks are executed via the Ansible CLI. However, Ansible Tower allows all playbook execution and management to be done via the GUI. You can execute existing playbooks or even create your own. Here is an example of how that would look from the ansible.com website.
Ansible Tower also provides integrated notification. That means specific teams can be notified whenever a job completes or fails. This sort of cross communication is invaluable to any organization.
In addition to this, it provides Role Based Access Control (RBAC) to verify who can run what jobs. This ensures only specific users can execute jobs from Ansible Tower. Often this is mandated to meet industry security compliance. Not only does it provide RBAC, but it shows an audit log of who ran what job at a given point in time. This adds additional security that would be difficult to uncover if your organization was using Ansible alone.
Ansible Tower also provides remote code execution into different applications. For example, a VM may be caught in a bad state and needs to be restarted. This can be done easily and securely from Ansible Tower. It also provides the ability to restart user passwords or quickly patch security vulnerabilities by remotely installing software. Ansible Tower provides a one stop shop for all your VMs and network infrastructure that has been deployed via Ansible.
Last, but certainly not least, all of Ansible Tower's UI functions are available through REST API's and a CLI tool. This allows users to query for specific Tower information in their code.
What is the Ansible Tower Pricing Model?
Unlike Ansible itself, Ansible Tower is not free. There are two different versions: Standard and Premium. As for which one is best, it is completely up to your organization's IT needs. The Standard edition is suited for most IT operations. The Premium on the other hand is for mission critical DevOps. Red Hat provides exact pricing after contacting them. But expect the Standard addition to cost about $10,000 a year for a hundred nodes. The Premium will cost about $14,000 a year for the same amount of nodes.
How Are Ansible Tower and Ansible Used Together?
Ansible Tower cannot be used without Ansible. However, you can use Ansible without Ansible Tower. Think of Ansible as the engine behind your deployment and infrastructure management. Ansible Tower is how we view the inner workings of everything. It provides visibility and security compliance of your organization's infrastructure.
If you need RBAC for your Ansible deployments, then Ansible Tower is a great solution. Also if you need professionals who are not well versed in coding to review infrastructure, then once again, Ansible Tower is the way to go.
In this post we discussed the difference between Ansible and Ansible Tower. Any Linux-like environment would greatly benefit from using Ansible. However, an organization needs to think carefully about their needs with regards to Ansible Tower, considering how expensive it is. We also discussed how these two technologies work together and why your organization would benefit from Ansible Tower.