Updated on August 2, 2016 by Mike Baukes
Cloud CMDB - Where to Next?
Cloud providers and IT shops must engage in unit testing for infrastructure management. A cloud provider is an organization that provides a component of cloud computing to businesses or individuals. The cost is usually based on a per-use model.
Internal IT Shops
An alternative that businesses manage on their own is an internal IT shop. These shops can either provide IT as an additional service to customers, or they can sell the internal IT shop as a separate service. However, constructing these shops can be costly, since the company must manage both the hardware and servers while also installing software, handling change management, maintaining security, developing IT networks, and running test environments.
Managing the Growing Problem of 3rd Party
As data centers handled through a cloud provider or an internal IT shop become more complex, it can be difficult to make sure that the entire system remains consistent. This problem occurs since there are many ongoing hardware and software changes, and configurations become incompatible. As a result, recovery efforts can fail and high availability systems are the most prone to failure.
Massive data loss resulting from the drift might force the organization to waste time recovering data. Other problems caused by configuration data include unexpected outages. These can cause inconveniences for customers and can also discourage customers from using an organization's services.
The most expensive and time-consuming approach to configuration shift management is to review each configuration and compare it to a recovery or secondary configuration. This approach is often conducted before a disaster recovery test and takes a very long time to complete. There are other time-tested methods, such as the creation of a backup. However, these methods also have their own consequences.
Solutions That Do Not Always Work With Configuration Drift
Cloud providers and internal IT shops can also use simpler methods to handle data loss and server outages. However, these solutions have limited benefits if a data center is experiencing a configuration shift problem.
Redundant datacenters can help cut the risk of data loss or server outages. When data is lost on one server, it is possible to retrieve it from a different server. When one server goes down, it is possible to direct traffic through a different server. The act of switching to a redundant computer server is known as a failover. Unlike with a switchover, a failover will automatically switch to a different server during an outage caused by a configuration shift. As a result, the users never experience a server outage.
Data replication is another common approach and is often referred to as creating a backup. When data is stored across multiple storage devices, the lost data can then be restored during a server outage.
Configuration Drift Problems to Address
Configuration drift is a regular phenomenon in data centers and is difficult to prevent. When a third party causes configuration shift, the standby systems become out of sync with the third-party systems. The incompatibilities lead to a high failure rate. The solution is to utilize a variety of methods to analyze configurations and detect errors using one of several automated approaches.
Using Configuration Management Databases
Configuration management databases are used to help combat configuration drift by creating a repository of configuration data. The database has Configuration Items (CI). One of the benefits of using the CMDB is that it can discover CI information and track changes in configuration when they occur.
Application Life-cycle Management
Application Life-cycle Management also plays a role in managing the life of an application. Applications are considered to have life-cycles that begin with the initial idea, reach the deployment stage, and then finally reach the end of the application's life. Throughout this process, the application develops in ways that can lead to different configurations. ALM is designed to manage this process. ALM tools include software configuration management. These tools provide revision control and allow for the establishment of baselines to ensure that the configurations can remain consistent.
The Software Development Life-Cycle
Another critical approach is that of the Software Development Life-Cycle (SDLC). The SDLC is a series of steps or phases that are designed to create a model for the development of life-cycle management. SDLC follows the process of analysis, construction, testing, release, and maintenance.
One of the most useful software programs used by internal IT shops and cloud providers is Puppet IT automation software. This software program determines what the desired state is for the infrastructure's configuration and tries to simulate configuration changes. When drift has been detected, the program returns the server to the desired configuration state. Then, the program reports on the actual state and compares it with the desired state so that the administrator can remain aware of changes made to the program.
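The desired-state comparison described above, and the primary-versus-standby review described earlier, shown as an added Python example. It is not code from Puppet, Chef or UpGuard; the host names, configuration keys and values are constructed for illustration.

```python
import hashlib
import json

ABSENT = "<absent>"  # marker for an item that exists on one side only

def flatten(cfg, prefix=""):
    """Turn nested configuration into {dotted.key: value} for item-level comparison."""
    flat = {}
    for key, value in cfg.items():
        path = f"{prefix}.{key}" if prefix else key
        if isinstance(value, dict):
            flat.update(flatten(value, path))
        else:
            flat[path] = value
    return flat

def fingerprint(cfg):
    """Order-independent hash of a configuration; equal hashes mean no drift."""
    canonical = json.dumps(flatten(cfg), sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode()).hexdigest()

def drift(desired, actual):
    """Return {key: (desired_value, actual_value)} for every item that differs."""
    want, have = flatten(desired), flatten(actual)
    return {key: (want.get(key, ABSENT), have.get(key, ABSENT))
            for key in sorted(want.keys() | have.keys())
            if want.get(key, ABSENT) != have.get(key, ABSENT)}

def report(baseline, hosts):
    """Drift of each host from the baseline; hosts with a matching fingerprint are skipped."""
    base_fp = fingerprint(baseline)
    return {name: drift(baseline, cfg)
            for name, cfg in hosts.items() if fingerprint(cfg) != base_fp}

# Constructed sample data: a recorded baseline and two servers that drifted differently.
BASELINE = {"ssh": {"PermitRootLogin": "no", "Port": 22},
            "app": {"version": "2.3.1", "tls": {"min_version": "1.2"}}}
PRIMARY = {"ssh": {"PermitRootLogin": "no", "Port": 22},
           "app": {"version": "2.3.2", "tls": {"min_version": "1.2"}}}
STANDBY = {"ssh": {"PermitRootLogin": "yes", "Port": 22},
           "app": {"version": "2.3.1", "tls": {}}}

if __name__ == "__main__":
    hosts = {"primary": PRIMARY, "standby": STANDBY}
    for host, items in report(BASELINE, hosts).items():
        for key, (want, have) in items.items():
            print(f"{host}: {key} desired={want!r} actual={have!r}")
    # The pair that matters for failover: does the standby match the primary?
    print("primary vs standby:", drift(PRIMARY, STANDBY))
```

Comparing the standby against the primary as well as against the baseline matters because the two can drift in different directions, which is the case that makes a failover fail.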
Another way to make configuration more consistent is to use Chef. With this application, the administrator creates abstract definitions that are used to describe how each part of the infrastructure will be built. The definitions are then applied to individual servers. All that the administrator has to do is point out exactly what role the server should play. Then, the application configures the database appropriately.
Administrators can also utilize UpGuard to attempt to catch errors related to automated testing. The program runs hundreds of tests against the systems, infrastructure, and applications. The goal of this application is to give administrators the peace of mind of knowing that their systems will be tested consistently.
To effectively manage the configurations used for data centers, one of the most common approaches is to rely on ITIL. This is a framework that is used for planning, identifying, supporting, and delivering IT services to businesses. ITIL is essentially a series of best practices that help businesses develop a consistent approach to the management of IT. By having a consistent set of standards, businesses are able to more carefully avoid inconsistencies in configurations.
Misconfigurations are an internal problem that emanates from within the IT infrastructure of any enterprise; no hacker is necessary for massive damage to occur to digital systems and stored data. And the problem is pervasive, with Gartner estimating that anywhere from 70% to 99% of data breaches result not from external, concerted attacks, but from internal misconfiguration of the affected IT systems.