Cloud analytics and security automation with Ansible

Abstract

The demand for instant and temporary resources in the IT departments of companies, has seen an increased over the years. This need has meant that companies do not invest in having their servers, services and applications in what is called “on premise” and more and more companies are using public clouds to host and maintain their infrastructure. Today, we hear the word of Start-up almost in every conversation and news regarding entrepreneurship or job scouting. Creating a company has become easier with the existence of clouds services or IaaS, where now any small company doesn’t need to rely solely on pure iron investment to build their IT infrastructure, now they can pay for what they are using and need at a certain moment, without the need to invest larges amount of money upfront. This fact coupled with the existence of new automation tools have created the perfect environment for automation cloud deployments and DevOps methodology. When it comes to DevOps, automation provides the means to develop and deploy faster while maintaining or even improving quality. It does this not by replacing the need for human labor but by amplifying the performance of individuals by taking over the many dull, repetitive tasks that occupy their time. It also helps by reducing the friction that arises when key, interrelated tasks are not orchestrated properly. During this project I will explain a possible architecture that could be used for a Start-up to even a full-fledged company since all the components can easily be scalable to meet the needs of the growing company. How is this going to be scalable? Well, the first thing of the bat is that we will be deploying all the services in AWS cloud, this will help us with the scalability issue regarding “iron”, then with the correct topology, we will be able to scale it logically. The cloud architecture that I will be explaining could be a perfect valid architecture for a SaaS company, where they will offer a service to the public internet. This means that as a company we will want to secure this resource and also monitor it for future problems or statistics. We will be using some free open source applications and some proprietary applications, that for a commercial release, we should buy the needed license to be fully compliant. This cloud architecture as mention before, will be composed of a service, a monitoring system, and a security tool to protect the resources that are open to the public internet. This doesn’t mean that we will be only installing three applications, since we will be needing many more in order to make our cloud infrastructure sealed to the outside world, with only a few points of entry. All of this will be deployed and configured using an automation tool called Ansible. This is an open source tool that does not require any agent on the client side making it an easy tool that only needs an SSH connection to the instances.