Configuration Management

A while back I listed the open source configuration automation projects: bcfg2, cfengine, puppet and lcfg. Since then, three major things happened:

The puppet community has split

There was a split in the Puppet community, and a new project was born as a result: Chef. Chef describes itself as follows:

Chef is a systems integration framework, built to bring the benefits of configuration management to your entire infrastructure. With Chef, you can:

  • Manage your servers by writing code, not by running commands. (via Cookbooks)
  • Integrate tightly with your applications, databases, LDAP directories, and more. (via Libraries)
  • Easily configure applications that require knowledge about your entire infrastructure (“What systems are running my application?” “What is the current master database server?”)

More details about the Chef differentiators can be found here.

In a future post, I’ll explore in more detail the challenges around configuration automation, and the procedural approach.

Reductive Labs received funding

Reductive Labs, the company responsible for Puppet, has received $2 Million in funding. Puppet has been gaining traction against cfengine, but it will be interesting to see how Reductive Labs uses its funding, and how the new Chef solution affects this progression.

Cloud Computing brought configuration automation into the spotlight

One of the cornerstones of Cloud Computing is the automation of infrastructure configuration. This holds whether you want to build a highly automated infrastructure supporting cloud users or you are putting your application in the cloud. In both cases, infrastructure and application configuration has to be captured, maintained and automatically provisioned. This enables rapid scale out, failover, and more generally the deployment and redeployment of the managed components.

A while back, I tried to list the various open source configuration management tools. I just found an interesting report written by students of the Catholic University of Leuven. In this report, Thomas Delaet and Wouter Joosen review BladeLogic, IBM Tivoli, Opsware, Microsoft SMS and open source projects like Bcfg2, cfengine, LCFG and puppet.

The authors propose an interesting taxonomy to evaluate the tools:

1. Abstraction Level: The language used by a configuration management solution can be classified at different levels of abstraction, ranging from high-level end-to-end requirements, to low-level bit-configurations.

2. Specification Language: In this section, we discuss four specification language criteria dealing with usability, domain coverage of a configuration management solution, the grouping mechanism and specifications at multiple abstraction levels.

3. Consistency: In this section, we discuss three criteria that ensure consistency in a computer infrastructure: modeling dependencies, conflict management and workflow management.

4. Distributed Management: Distributed management deals with federated management and distributes translation of configuration specifications.

The conclusion summarizes the capabilities of the tools in a nice table.

While looking at some open source projects in the area of configuration management and automation, I stumbled upon several projects and links, which I think might be useful to the community.

Bcfg2, developed at the Argonne National Laboratory. Licensed under a 2-clause BSD-style license.

Bcfg2 allows you to describe and deploy complex configurations across pools of GNU/Linux and Unix systems, leading to a consistent, reproducible, and verifiable description of your environment. Bcfg2’s visualization and reporting tools aid in your day-to-day administrative tasks. Its unique analysis features help you cope with the ever-increasing complexity of your networks.

Cfengine, developed by Mark Burgess from the Oslo University College, Norway. Licensed under GPL2.

It is used to implement policy-based configuration management on open systems (Unix-like environments), through the interpretation of its own declarative language.

The program focuses on a few key areas that scripts tend to mishandle. From a single configuration file (or set of files) you specify, using classes, your network configuration; cfengine then parses the file and carries out the instructions, warning you about errors (or fixing them) as it goes.

You can think of cfengine as a very high level language, higher than Perl or shell: a single command can result in many hundreds of operations being performed on multiple hosts. You can also use it as a net-wide front end for ‘cron.’

Puppet, developed by Luke Kanies, who founded Reductive Labs. Licensed under GPL.

Puppet lets you centrally manage every important aspect of your system using a cross-platform specification language that manages all the separate elements normally aggregated in different files, like users, cron jobs, and hosts, along with obviously discrete elements like packages, services, and files.

LCFG, developed by Paul Anderson from the University of Edinburgh. Licensed under GPL.

LCFG is a system for automatically installing and managing the configuration of large numbers of Unix systems. It is particularly suitable for sites with very diverse and rapidly changing configurations.

For a discussion of the merit of each, see this post on The Changelog.

For some more information on the Large Scale System Configuration Workgroup, see the lssconf website.

Or the following article: Automating Network Administration, by Luke A. Kanies.

In September 2006 Lokomo Systems announced the release of an open source CMDB called OneCMDB.

This is a very good start, but I would point to several issues, at first glance:

  • The model used seems to have been developed in house, without any link to DMTF CIM: why re-invent a model which already exists elsewhere?
  • The reconciliation of discovered data with existing data seems to be nonexistent.
  • The security model seems to be nonexistent (or I did not find it): no role-based access.

I don’t want to be too harsh, but one thing I discovered when I joined BMC is that a CMDB is more than just a persistence store for an object model. It’s actually very complex, specifically the reconciliation and federation of various information sources. The CMDB is a virtually centralized repository for information residing in many, many different locations.

Another key ITIL recommendation for the CMDB is that all modifications of the CMDB should be performed under change management control. Therefore, configuration management and change management are really tied at the hip.

I’ll try to play with this open source CMDB and explain in a bit more detail the need for reconciliation, and integration with change management, in some upcoming posts.

Anyway, thanks to Lokomo for releasing their sources under GPL.

Last month, CA acquired Cendura to complement its CMDB offering. This comes after a string of consolidations in the discovery space (see my previous post about Applications and Asset discovery landscape).

It will be interesting to watch how CA integrates Cendura’s Cohesion with its own Sonar technology:

Sonar watches and analyzes traffic on the network, and understands more than 1,700 protocols and information sources. It builds accurate maps and keeps those maps updated as resource allocations change.

Also, Cohesion comes with an impressive set of rules that could be applied to ensure the compliance of configurations with best practices. Integrating these rules on top of a CMDB could provide an interesting way of performing configuration management (configuration audit) or even problem management (root cause analysis).

CA is expecting to integrate Cendura’s technology within 120 days. Let’s see.

CA announced today new tools as part of an offering called Service Management Accelerator.

By providing a common view of relationships and dependencies across the enterprise, CA CMDB simplifies and automates IT change and configuration management and ensures the availability of critical business processes. It delivers fast time-to-value by providing more than 70 relationship types, 140 pre-defined CI classes and 200 reports and queries out-of-the-box. With CA CMDB at the core, enterprise IT organizations can automate and integrate both ITIL Service Delivery and ITIL Service Support.

Interesting to see how it compares to other CMDBs.

EMC just announced that it has acquired nLayers, a vendor of an IT infrastructure management tool used to discover applications, servers, and devices, and to map relationships between them.

It was named CMDB leader in a recent Forrester CMDB wave report, even though I don’t think that they really qualify as a CMDB. nLayers Insight has the following features:

  • Discover and Map
  • Change Tracking
  • Visualize and Analyze

These features indicate that their configuration database is populated from the discovered configuration, and not from approved change requests. It is therefore impossible to know whether what is observed is the correct configuration or the result of an out-of-band modification. The nLayers solution is complementary to a real CMDB, under change control, if it is interfaced with a correlation engine and an audit process which drives either:

  • reverting the observed state to comply with the CMDB state
  • updating the CMDB state after creation of a change request.

Also, it is likely that because the information is discovered, the information about the CI cannot be changed to include user defined fields, or define custom relationships between CIs (which could not map to any discovered relation).

For example, nLayers Insight could not meet the mandatory criteria required for certification by Pink Elephant for Configuration Management (and they are not in the certified toolset list).
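The audit process described above, correlating discovered state against a change-controlled CMDB, can be sketched as follows. This is an added example, not code from nLayers or any CMDB product; the CI names, attributes, version strings and the rule "drift backed by a change request updates the CMDB, everything else is reverted" are assumptions made for illustration.

```python
from dataclasses import dataclass

# Constructed sample data: CI name -> attributes.
CMDB = {  # approved state, modified only through change requests
    "web01": {"os": "RHEL 5.2", "httpd": "2.2.3", "port": 443},
    "db01": {"os": "RHEL 5.2", "mysql": "5.0.45"},
    "app02": {"os": "RHEL 5.2", "jboss": "4.2.3"},
}
DISCOVERED = {  # what the discovery tool observed on the network
    "web01": {"os": "RHEL 5.2", "httpd": "2.2.9", "port": 443},
    "db01": {"os": "RHEL 5.2", "mysql": "5.0.45", "telnetd": "0.17"},
    "rogue07": {"os": "unknown"},
}
# Change requests created to accept an observed value: (ci, attribute, value).
CHANGE_REQUESTS = {("web01", "httpd", "2.2.9")}

@dataclass(frozen=True)
class Finding:
    ci: str
    attribute: str
    approved: object   # value in the CMDB, None if absent
    observed: object   # value seen by discovery, None if absent
    action: str        # "update_cmdb" or "revert"

def audit(cmdb, discovered, change_requests):
    """Correlate both views and decide one action per differing attribute."""
    findings = []
    for ci in sorted(set(cmdb) | set(discovered)):
        approved, observed = cmdb.get(ci, {}), discovered.get(ci, {})
        for attr in sorted(set(approved) | set(observed)):
            a, o = approved.get(attr), observed.get(attr)
            if a == o:
                continue
            # Out-of-band drift (no change request) is brought back to the
            # CMDB state: restore what is missing, remove what is unapproved.
            backed = (ci, attr, o) in change_requests
            findings.append(Finding(ci, attr, a, o, "update_cmdb" if backed else "revert"))
    return findings

def reconcile(cmdb, findings):
    """Return a new CMDB with only change-request-backed drift applied."""
    updated = {ci: dict(attrs) for ci, attrs in cmdb.items()}
    for f in findings:
        if f.action == "update_cmdb" and f.observed is not None:
            updated.setdefault(f.ci, {})[f.attribute] = f.observed
        elif f.action == "update_cmdb":
            updated[f.ci].pop(f.attribute, None)
    return updated

if __name__ == "__main__":
    for f in audit(CMDB, DISCOVERED, CHANGE_REQUESTS):
        print(f"{f.action:12} {f.ci}.{f.attribute}: {f.approved!r} -> {f.observed!r}")
```

A CI that discovery sees but the CMDB does not know (`rogue07` here) never enters the CMDB on its own; it only gets in once a change request covers it.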