Defining the server life cycle in IT automation
While IT automation is common in today’s digital age, how much are you really using just to keep servers and virtual images updated? While many solutions address only parts of the life cycle, most systems will be online for a while. It’s important to automate the way they’re kept compliant, the way changes are applied and any decommissioning. In a perfect scenario, an automated and approved change with no interactive login would update all systems. This method could also rebuild on every change to ensure adherence to a compliant master image.
However, even with this strategy, the majority of systems in production will be online for days, months or even years. It’s vital to prevent deviations that impact the risk level each system can cope with. Therefore, a management solution must make sure:
- All systems are compliant.
- Compliance is checked and deviations corrected automatically.
- A catalog of pre-approved changes is executed automatically.
- Decommission ensures appropriate disposal of data and assets.
Standardization is the first step to building systems. To cope with this level of IT automation, set up a strong catalog and a clear set of parameters that establish what it means for a system to be compliant. To automate the whole data center, you must know the number of configuration possibilities and make sure that number isn’t too big.
Be sure to factor in master configuration updates, including new fixes, as well as entirely new configurations like a fresh operating system, middleware or topology. Any new configurations must include a set of parameters required for compliance.
Checking for compliance
To ensure all defined parameters are met, run a compliance check continuously for all online systems. And when deviations are found, make sure to automate the process to mitigate the gap as much as possible. If a system has too many gaps, this could be a symptom of something wrong with the checking mechanism or process. In this case, make sure to immediately flag and escalate it.
To perform recurring changes within certain limits without human intervention, you can also automate and pre-approve some compliance gaps. Make sure to conduct this IT automation on proven processes. When done correctly, this will reduce not only the change time but also the possibility of incidents, ultimately reducing risk. These changes will enhance the original catalog as additional services that can be requested.
Removing a system
Just as all builds must follow a process to ensure the system is ready for production, removing a system must also follow a strict path. Always update all configuration and asset management repositories to reflect the system removal. Critical systems should also receive some level of dependency checking. When physical assets are involved, make sure to handle them according to depreciation rules by either disassembling them or making them available for use. If an asset is based on virtual capacity, return the freed amounts to the available pool. And don’t forget to apply the appropriate data deletion mechanism according to the classification level in the system.
For more on this, follow me on Twitter @pgspsoares.