I am the section manager for the open system section in a county. We provide support for Red Hat Enterprise Linux, the IBM AIX platform, and, of course, Ansible Tower.
Ansible Tower was brought in to automate a lot of endpoint security software. We have an entire process where we bring up virtual machines on the x86 environment. Every time we brought up a Linux or Windows virtual machine, all the endpoint software needed to be installed after the fact by the necessary groups. That was taking a long time. If we have ten machines pop up today, going to all ten machines and installing five different endpoint security tools takes a while. Ansible helped in adding Ansible playbooks into the workflow. Now, when someone clicks and says that I want a Linux machine and provides all the information, then in the end, it spins up the machine automatically and uses Ansible Playbooks to install all the necessary pieces of software. It then gives a login and the necessary passwords for the customer to log in and start working. We now know that every time we deploy, all our endpoint security products are installed and ready to go.
The benefit is in terms of time-saving. There is more time for our team to worry about and take care of other engineering work than worrying about installing endpoints. Also, our Oracle database team is working on Ansible Playbooks to automate patching, which takes a long time to plan and do, especially in the production workloads. We are working very closely with that group.
We also work with the backup group to see how we can automate the day-to-day mundane processes. All these aspects bring us a lot of value. We are saving time, and we can also restructure and understand our necessity to have extra people on the team. We can cut down costs on that. We can reorganize ourselves to focus on much better technology, such as AI and things like that, instead of wasting time doing manual processes.
It has helped us achieve our mission. It helps to reduce the workforce and manage the time of our existing workforce. They can be more involved in new technologies such as AI. Understanding them takes time. They save a lot of time with automation.
We use other Red Hat products. We use OpenShift. When containers started taking off, which was about six to seven years ago, the government sector did not want to go into the cloud and use AWS containers. However, in our county, the customers were demanding that. They were saying that their applications are modernizing and we need to provide them with a container environment. That is when we decided to go for it. Because we were already Red Hat customers and we have been running Red Hat Enterprise Linux since 4.x, we decided to go for OpenShift. It was the same platform, and they were offering manageable containers. That is how we brought in the container platform. It is rock-solid. We had it on-prem. We have moved it to AWS, and it is great. The new thing is OpenShift Container Platform Plus which comes with a slew of additional tools. These tools help us provide the necessary application infrastructure for containers for customers.
We have Red Hat Enterprise Linux and OCP running in AWS.
It takes away a lot of work. For example, if you have five security products to install, you install the first one, test it, and make sure it works. You then install the second one, the third one, and the fourth one, and then something happens. Something breaks. All that is taken away because we have foolproof systems built into our playbooks. There is also a continuous workflow from the start until the end.
With Ansible Tower, the automation methodology is simple. There is ease of learning. It definitely reduces the training required to learn how to automate things for technical folks. It is much easier than writing bash scripts. This reduced training affects our operations or business. For example, if security folks come and say that they need to write a bash script that will go into their workflow to install, uninstall, and upgrade agents, that is a lot easier to do with Ansible Playbooks.
It helps to bring teams together. Black lines between the operations, security, and other teams are going away. Those lines are becoming more gray and light gray. There are DevOps and SecOps, and even finance is becoming FinOps. It definitely helps teams come together, and then we try our best to guide the teams, whether it is the Oracle team or security team, so that eventually they will learn to do their own playbooks. We can always be the guardrails.
It increases productivity, saves time, and even saves the cost of people working after hours trying to get these things going. It is all in the workflow.
It has definitely helped to reduce the time we spend on low-value or repetitive tasks. There is a huge difference. About 20% of my staff's time is saved. They do not have to worry about things. Once you set it, you can forget it unless there is a change or there is something different. For example, the security group comes and says that they have stopped using the Cisco product. They are using some other vendor's endpoint security. In such a case, all we have to do is change those variables, and we are done. Previously, we had to go back, use the Windows uninstall program and reinstall. This is much easier.
The most valuable feature is that it is easy to build playbooks. The learning curve is not that steep. That is one thing. The other valuable feature is all the pieces of logs and things like that where you can go and find out if something went wrong. Those are the key features.
Also, we use the OpenShift Container Platform, so it blends in very well if you want to deploy containers or namespaces. Automatic DNS, creation of DNS, collation of namespaces, and other similar things can be automated with Ansible.
We are very satisfied with what we have. From a management point of view, whatever makes it easier for my team to help customers write their own playbooks would be something very beneficial. Everything is going as a service. Creating playbooks can become much more consumer-oriented so that customers do not need to contact us to write their own playbooks. It would be great to have something that can help us do that with a few clicks like all these new languages that are there today. We used to use a lot of bash scripts to do automation, but you need to be a Unix administrator for years to even figure that out. What Ansible is providing is somewhat user-friendly, but I would extend that to be even more user-friendly for customers so that they do not have to contact a technical team to write their playbooks.
We started using it about two years ago.
It is very stable. I have not had any issues since we brought it up. I have a non-production environment and a production environment. Non-production is just for our guys to play around with. It is not as big as the production environment.
Adding resources and satisfying customer demands is easy. We have no problems with scaling out.
Their support is fantastic. I would rate them a nine out of ten because the whole team was changed after IBM bought them. The new guys are getting used to it. Whenever I call them, they are very responsive. It was sad to see the team that we were used to for six or seven years being let go. I do not know why.
We did not use a similar solution previously. We used bash scripts.
The entire Ansible solution is on-prem. The team did not have any challenges deploying it. My team has been dabbling with Red Hat since Red Hat Enterprise Linux 4.x. It was just another Red Hat box for them. It was not a major issue for them to bring up the necessary infrastructure.
It was all done in-house.
In terms of the reduction in costs, we started using it only two years ago. I have to recoup my infrastructure cost for setting up Ansible Tower. We are charging our customers. Previously, we had bash scripts. There was not a cost, but now, I have to recoup the cost of Ansible Tower licensing. Its licensing is expensive. Currently, when it comes to a customer using Ansible Tower, there is a slight additional cost, but as more customers come to use my infrastructure for Ansible Tower for automation, it will become cheaper and cheaper.
Ansible Tower is pretty expensive.
We did not evaluate other products. This was the go-to product because we were already a Red Hat shop.
Overall, I would rate it a ten out of ten. There probably is not any other easier solution to automation right now, at least for my environment because we are a Red Hat shop.
