Swisscom automates IT with Red Hat Ansible Automation

To stay competitive in the challenging network infrastructure market, Swisscom needed a tool for enterprise-wide IT and network automation. With help from Red Hat, a trusted vendor, the service provider used Red Hat Ansible Automation Platform to automate management of around 15,000 components, including servers, firewalls, network devices, and storage devices. Ansible’s self-service provisioning and role-based access capabilities also help Swisscom’s teams focus on more valuable development projects and accelerate response times for resource requests.
 

BENEFITS

• Anticipated saving approximately 3,000 hours per year in manual operating system tasks
• Implemented self-service capabilities for IT tasks, simplifying and accelerating common tasks
• Improved collaboration with standardized playbooks and monthly sync meetings

IMPROVING I.T. MANAGEMENT EFFICIENCY

Swisscom, Switzerland’s largest telecommunications company and one of its leading IT companies, provides network infrastructure and related services to residential and business customers for the telecommunications, IT, media, and entertainment industries. To continue to successfully operate in highly competitive markets, Swisscom constantly seeks ways to reduce costs, work more efficiently, and speed response times.

As part of these ongoing efforts, the company sought to automate its IT processes, systems, and components. “We have a lot of different network platforms across different datacenters, but we didn’t have a central automation solution,” said Bojan Nikolic, head of IT service delivery at Swisscom. “Our approach was based on scripts, using different closed-source tools for different platforms, and we were looking for something more centralized.”

AUTOMATING WITH A TRUSTED PARTNER

To find a solution, Swisscom turned to long-time vendor Red Hat. Swisscom had successfully used Red Hat software in its IT environment for many years, including Red Hat Enterprise Linux, Red Hat Enterprise Linux for SAP Solutions, Red Hat OpenStack^® Platform, and Red Hat OpenShift^® Container Platform. With help from Red Hat Consulting, the service provider completed a proof of concept (POC) for Red Hat Ansible Automation Platform, a centralized API and user interface for enterprise-wide automation.

“We chose Ansible partly because it’s easy to use and learn. You can make very fast progress compared to other configuration management tools,” said Nikolic. “We also liked that it has a large and rich API we can use to integrate with other tools. We have several use cases, especially in regards to self-service capabilities, where the API will be very helpful. Another factor in our decision was that Ansible is agentless, so we don’t need to deploy and maintain agents on each endpoint.”

Swisscom deployed Ansible Automation Platform for automation and orchestration across multiple environments with different network configurations. After production implementation is complete, 5 teams of

80 users will use Ansible to automate management of about 15,000 components, such as servers, firewalls, network devices, and storage devices. “Our team that manages Red Hat Enterprise Linux servers for internal and enterprise customers now uses Ansible to manage several thousand servers, such as those supporting our Bluewin email service. We’re mainly automating the operating system itself, as well as security patching, new server provisioning, and other post-installation actions,” said Nikolic.

SPEEDING WORK WITH MORE EFFICIENT PROCESSES

ANTICIPATED TIME SAVINGS

Swisscom anticipates that the automation capabilities provided by Red Hat Ansible Automation Platform will save an estimated average of 3,000 hours of operations management time per year. Automating manual tasks will free its engineers to focus on developing new, innovative projects instead of repetitive work, generating further time savings.

In addition, streamlining routine manual tasks helps Swisscom scale its products and services to meet changing demand with the same amount of staff. Request response times are significantly faster, with time to deploy reduced from hours to minutes.

“With our current deployment, we can save many operation hours and invest the time of our engineers in more valuable tasks,” said Nikolic. “For networking, we have a lot of different zones. Ansible helps us with the group instances feature, so we can deploy small satellites and reach all of our servers from one dashboard.”

ROLE-BASED, SELF-SERVICE ACCESS

One of the key features of Red Hat Ansible Automation Platform for Swisscom is role-based access. This capability—not available in the community version of Ansible—lets employees in a broad range of jobs complete tasks and actions, instead of waiting for access permission to be granted manually.

For example, Swisscom’s operating system team previously had to coordinate maintenance and patching with the Bluewin Mail application team, causing delays. Ansible can import playbooks from both teams, with permissions defined by role-based access. As a result, the Bluewin application team can complete relevant operating system tasks themselves, such as patching or rebooting servers.

“Self-service is one of our most important goals. We want to enable our partners, customers, and colleagues to carry out tasks that they usually cannot access independently, using Ansible role-based access mode or the API,” said Nikolic. “Users will not have to wait on an operating system engineer but will be able to do the work themselves.”

MORE EFFECTIVE COLLABORATION

With unified automation and orchestration through Ansible Automation Platform, Swisscom’s various teams can now better collaborate on shared projects. “We can combine, centralize, and share our Ansible Playbooks with the application and database teams, for example, improving quality and standardization. For example, an applications expert doesn’t have to write an operating system patch playbook, something that’s outside their area of expertise, resulting in fewer errors and therefore fewer outages,” said Nikolic.

Ansible also lets Swisscom’s teams define specific inventories for running playbooks and give access to other teams or employees to run processes on servers, without requiring local server access. As a result, teams can focus on their core work, and tasks are completed more accurately. Swisscom’s teams have also established an internal Ansible community that meets regularly to share their experiences with Ansible and coordinate how it is used—including preventing license duplication through transparency on how the automation platform is used.

FINDING NEW WAYS TO AUTOMATE

With Red Hat Ansible Automation Platform in use by multiple teams, Swisscom is constantly discovering new use cases. The service provider plans to use Ansible to manage its email anti-abuse system, automate firewalls, and orchestrate complex application deployments. In addition, Swisscom is planning to use Ansible to automate and orchestrate its Oracle Exadata databases.

“Our backlog is filled with ideas for automating tasks across several teams. For example, we want to establish more effective collaboration between teams and improve end-to-end quality, from our operating system to our customer-facing service,” said Nikolic. “We’re very pleased with the progress of the project with Ansible and we’re ecstatic to have a central solution for automation.”

ABOUT SWISSCOM

Swisscom, Switzerland’s leading telecommunications company and one of its leading IT companies, is headquartered in Ittigen, close to the capital city Bern. Swisscom’s international activities are concentrated mainly in Italy, where its subsidiary Fastweb is one of the biggest broadband providers. About 20,000 employees generated sales of CHF 5.8 billion in the first half of 2018. Swisscom is one of the most sustainable companies in Switzerland and Europe.