BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Configuration management (CM) is a governance and systems engineering process for ensuring consistency among physical and logical assets in an operational environment. The configuration management process seeks to identify and track individual configuration items (CIs), documenting functional capabilities, and interdependencies. Administrators, technicians, and software developers can use configuration management tools to verify the effect a change to one configuration item has on other systems.
Configuration management is one of the operational processes identified in the IT Infrastructure Library (ITIL) service management framework, although an enterprise need not adopt the ITIL framework to perform configuration management. Configuration management is referred to as Service Asset and Configuration Management in ITIL V3.
For a configuration management system to operate, it needs some form of mechanism in which to store the information it governs. Originally, this was called the configuration management database (CMDB); ITIL V3 introduced the concept of a configuration management system (CMS) to replace the CMDB. The CMDB promotes a concept of a singular monolithic repository, while the CMS provides a conceptualized system of CMDBs that act together to support the needs of this governance process. Both demonstrate advantages over a static configuration management spreadsheet or a text file that requires significant manual upkeep and cannot integrate base workflows and best practices.
Every service management tool is deployed with a supporting data repository. Without the governance process of configuration management validating its contents, the repository is simply an operational database with unverified data, not a CMDB or CMS. Automated configuration audit and verification components entitle a repository to be leveraged as an authorized gold source of assets. A manual audit is also possible. Special configuration management software is available, such as BMC Software's Atrium and Hewlett Packard Enterprise's Universal Configuration Management Database.
A configuration management process and its supporting repository, CMDB or CMS, face the challenge of overlapping and contradicting data from sources across the enterprise. The configuration management plan must include a way to merge and reconcile CIs to present a single point of reference or sole source of truth.
Key benefits of configuration management
A configuration management tool can improve the organization's change-impact analysis, reducing the outages caused by production changes. Without configuration management in place, it is nearly impossible to understand the impact of any changes to an environment.
Configuration management combines valid service models, CI interdependency mapping and correlations made between CIs and requests for changes to help restore services faster during an outage.
An organization may achieve improved service delivery, as measured by mean time to repair and mean time between failures. Other metrics can improve, such as time spent searching for data, data quality, and accurate reporting on the IT estate.
A configuration management system provides audit and compliance support in historical operational accounting of devices and their utilization and modifications.
There are several potential business benefits to consider in a configuration management plan. Lower operational costs result from better understanding the total cost of ownership for the current IT service model. Organizational security improves when the company can detect unauthorized changes. The correlation between CIs and operational processes -- and how these support business services or affect key performance indicators -- can enable more informed business decisions.
Change and asset management
Change management and configuration management are complementary but not identical processes. Change management seeks to govern and ensure only authorized modifications are made to an item while mitigating risk and impact to the whole. Change management is implemented via an established business process, such as a change advisory board reviewing requests for change. Configuration management deals with the identification, maintenance, reporting on and verification of items and their interrelationships.
The most in-depth utilization of the configuration management process is considered to be within the military and engineering establishment as part of its comprehensive change management lifecycle. These environments demand the level of scrutiny, audit, and verification that configuration management offers. This is especially the case when integrated with information security processes.
Configuration management also differs from asset management in that it does not seek to manage the financial accounting aspects of the CI. Asset and configuration management share a common core of data about items and devices, used for different objectives and goals. A CI could be an asset but does not have to be. The same is true for an asset: It may or may not be a CI.
Configuration and asset management govern the items under different lifecycles. For example, asset management manages a server from procurement through the disposal. Configuration management is only aware of this server while it is associated with a given service or services. If the service is discontinued, asset management will continue to govern the server's financial relevance, while configuration management will no longer have active reference to it. The configuration management system will maintain a historical reference to the CI and the service it supported, however. A server could be provisioned over its lifetime to support several different services, where each implementation of the same physical server would be viewed as a new CI to the configuration management process.
Software configuration management
Configuration management is also used in software development and deployment, where it is called software or unified configuration management (SCM or UCM). Developers and others involved in the project can use SCM to keep track of artifacts, including source code, documentation, problems, changes requested, and changes made. Software configuration management provides structure to development steps, such as establishing baselines and reporting on the status of development processes.
Programmers using software configuration management after the idea evolves into a functioning software system, both to monitor new releases and to deploy the software configuration to additional hosts. In this way, software configuration management intersects with broader configuration management, occupying CIs such as physical servers and OS instances.
Ansible, Chef, and Puppet all equally integrate with the AWS API. It can be built with CloudFormation as a better way to organize configurations and environments, using templates that can be utilized to manage AWS resources. Ansible is a simple IT automation platform, used for websites, documentation and community. Chef uses “recipes” written in Ruby to keep an up to date infrastructure and compliances. Different toolsets adhere to a wide variety of technical skills. Puppet performs administrative tasks based on universal specifications. Adding users, installing packages, and updating server configurations are all possible with Puppet.
Configuration management in DevOps
- Culture - brings people and processes together
- Automation – creates a fabric for DevOps
- Lean - encourages the concept of continuous improvement
- Measurement – allows for improvements
- Sharing – enables feedback in the CAMS loop cycle
Configuration management is crucial in the DevOps model to enhance and support continuous integration. The proper use and implementation of configuration management can guarantee control, accuracy, traceability, restorability, consistency, efficiency and versioning. It can also even allow changes to system management.
Potential drawbacks to configuration management
There are several possible challenges presented with the use of configuration management, including:
- Process integration is imperative for checks and balances of data relating to change or problem incidents.
- Multiple tools are necessary for proper integration.
- Production applications and desktop activity require broad audience participation.
- Initial designs will need to be revisited and revised regularly for proper scoping of situational business needs.
Configuration management requires data sharing validations across departments, and groups that are poorly operated could become ineffective or inefficient.
Watch the video below for a comparison between leading software configuration management tools: