How a Bank Built an Automated Operations Platform with Ansible and Open‑Source Tools

1 Automated Operations Background

Rapid IT development has increased system complexity and operational workload, making manual processes and traditional management insufficient. Automation is essential for realizing DevOps and AIOps concepts, especially in banking where dual‑mode architectures require stable and agile automation solutions.

Cost reduction through higher efficiency and fewer human errors.

Productivity boost by freeing staff from repetitive tasks.

High availability via automated fail‑over and recovery mechanisms.

Reliability improvement by eliminating manual mistakes.

Performance optimization through faster, more efficient workflows.

Based on these benefits, a bank explored and implemented an automated operations platform.

2 Automated Operations Platform Design

2.1 Requirements Analysis

Build a management platform integrating automated deployment, batch changes, resource management, and asset discovery.

One‑stop batch deployment for physical servers and OSes (HP‑UX, Linux, Windows).

Automated deployment on OpenStack and VMWare.

Batch installation and management of Windows security patches.

Batch OS‑level changes (patches, configuration, software).

Automatic discovery of OS‑level asset information.

Automated inspection functions.

Integration with workflow and configuration platforms for unified resource management.

Semi‑self‑service deployment and change driven by work orders.

2.2 System Architecture

Overall Design Concept

The platform connects resource, tool, platform, and application layers. It leverages private‑cloud (VMware, OpenStack) and physical bare‑metal resources, with containers gradually added to the resource layer.

Overall Application Logic Architecture

The architecture consists of resource, tool, platform, and application layers. Physical servers dominate in finance, so automated bare‑metal deployment remains critical.

Tool layer choices include Cobbler for X86 servers, Ux‑ignite for HP‑UX, and Ansible or API‑based methods for virtual platforms.

Workflow, monitoring, and configuration platforms are integrated to provide semi‑self‑service environment delivery, batch changes, automated discovery, inspection, and resource governance.

Key Implementation Solutions

Physical server deployment uses Cobbler with DHCP and PXE boot. VLANs isolate pre‑installation zones, and DHCP relays direct requests to the Cobbler server. After OS installation, servers are moved to production networks.

Major Tools Overview

Cobbler is a boot server that provides PXE‑based network installation for physical and virtual machines, managing DHCP, DNS, and package repositories.

Ignite‑UX is HP‑UX’s management tool for network‑booted installation via image backup and recovery.

WSUS is Microsoft’s free internal patch distribution system that centralizes Windows updates, reducing external bandwidth usage.

Ansible is a Python‑based automation engine offering agent‑less, module‑rich, API‑driven orchestration across Linux, Windows, virtualization, and cloud platforms.

3 Ansible Applications

3.1 Ansible Features

Ansible is described as a “radically simple IT automation engine.” It offers a large collection of built‑in modules (over 1,000 in version 2.3) covering system, virtualization, commercial software, and application layers.

3.2 Technical Capabilities

Ansible on Linux

Excellent coverage of most automation scenarios, agent‑less operation, good stability, but performance may require tuning for large‑scale deployments.

Ansible on HPUX

Limited support; only a subset of Linux modules work, and many system‑level modules are unavailable, making direct use impractical.

Ansible on Windows

Uses PowerShell scripts via the pywinrm library; requires PowerShell 3.0 and .NET 3.5 (Windows Server 2008 needs upgrade). Supports common tasks and Windows hot‑fix installation, though WSUS is preferred for patch management.

Ansible on OpenStack

Acts as an orchestration tool using modules like

os_server

and

os_volume

to provision instances, attach storage, and perform post‑deployment configuration, enabling semi‑self‑service delivery.

Summary of Ansible Technical Capabilities

Advantages : smooth learning curve, agent‑less deployment, rich module ecosystem, strong community support.

Disadvantages : relatively weaker performance, limited HPUX/Windows Server 2008 support, issues with Chinese character handling, modest logging, and weak rollback mechanisms.

3.3 Application Scenarios

Batch Changes

Used for mass agent installation, user provisioning, configuration updates (e.g., Zabbix, ELK), requiring thorough testing and version‑controlled playbooks.

Software Installation

Automates deployment of middleware such as MySQL, Oracle, JBoss, with parameterized configurations.

Environment Delivery

Leverages Ansible on virtual platforms (OpenStack, VMWare) to provision VMs, attach storage, and install software, delivering environments through a semi‑self‑service workflow.

Host Information Auto‑Discovery

Utilizes the

facts

module to collect host metadata (hostname, IP, CPU, MEM, OS version) and feeds it into a CMDB for accurate configuration management.

Other Scenarios

Application release and change management, integration with Jenkins for CI/CD pipelines, and other DevOps workflows.