Defining the server life cycle in IT automation

By: Pedro Soares

While IT automation is common in today’s digital age, how much are you really using just to keep servers and virtual images updated? While many solutions address only parts of the life cycle, most systems will be online for a while. It’s important to automate the way they’re kept compliant, the way changes are applied and any decommissioning. In a perfect scenario, an automated and approved change with no interactive login would update all systems. This method could also rebuild on every change to ensure adherence to a compliant master image.

However, even with this strategy, the majority of systems in production will be online for days, months or even years. It’s vital to prevent deviations that impact the risk level each system can cope with. Therefore, a management solution must make sure:

  • All systems are compliant.
  • Compliance is checked and deviations corrected automatically.
  • A catalog of pre-approved changes is executed automatically.
  • Decommission ensures appropriate disposal of data and assets.

Building systems

Standardization is the first step to building systems. To cope with this level of IT automation, set up a strong catalog and a clear set of parameters that establish what it means for a system to be compliant. To automate the whole data center, you must know the number of configuration possibilities and make sure that number isn’t too big.

Be sure to factor in master configuration updates, including new fixes, as well as entirely new configurations like a fresh operating system, middleware or topology. Any new configurations must include a set of parameters required for compliance.

Checking for compliance

To ensure all defined parameters are met, run a compliance check continuously for all online systems. And when deviations are found, make sure to automate the process to mitigate the gap as much as possible. If a system has too many gaps, this could be a symptom of something wrong with the checking mechanism or process. In this case, make sure to immediately flag and escalate it.

Automating change

To perform recurring changes within certain limits without human intervention, you can also automate and pre-approve some compliance gaps. Make sure to conduct this IT automation on proven processes. When done correctly, this will reduce not only the change time but also the possibility of incidents, ultimately reducing risk. These changes will enhance the original catalog as additional services that can be requested.

Removing a system

Just as all builds must follow a process to ensure the system is ready for production, removing a system must also follow a strict path. Always update all configuration and asset management repositories to reflect the system removal. Critical systems should also receive some level of dependency checking. When physical assets are involved, make sure to handle them according to depreciation rules by either disassembling them or making them available for use. If an asset is based on virtual capacity, return the freed amounts to the available pool. And don’t forget to apply the appropriate data deletion mechanism according to the classification level in the system.

For more on this, follow me on Twitter @pgspsoares.

Topics: , ,

About The Author

Pedro Soares

Executive Architect, IBM

Pedro Soares is an Executive Architect working for IBM Global Technology Services. He's been creating IT solutions for more than 20 years, and mostly for IBM. Started as a Systems Engineer on Operating Systems and then moved to a more Network oriented perspective, then IT Systems Management, a bit of Security, and for the last... Read more