Configuration management (CM) is a governance and systems engineering process for ensuring consistency among physical and logical assets in an operational environment. The configuration management process seeks to identify and track individual configuration items (CIs), documenting functional capabilities and interdependencies. Administrators, technicians and software developers can use configuration management tools to verify the effect a change to one configuration item has on other systems.
Configuration management is one of the operational processes identified in the IT Infrastructure Library (ITIL) service management framework, although an enterprise need not adopt the ITIL framework to perform configuration management. Configuration management is referred to as Service Asset and Configuration Management in ITIL V3.
For a configuration management system to operate, it needs some form of mechanism in which to store the information it governs. Originally, this was called the configuration management database (CMDB); ITIL V3 introduced the concept of a configuration management system (CMS) to replace the CMDB. The CMDB promotes a concept of a singular monolithic repository, while the CMS provides a conceptualized system of CMDBs that act together to support the needs of this governance process. Both demonstrate advantages over a static configuration management spreadsheet or text file that requires significant manual upkeep and cannot integrate base workflows and best practices.
Every service management tool is deployed with a supporting data repository. Without the governance process of configuration management validating its contents, the repository is simply an operational database with unverified data, not a CMDB or CMS. Automated configuration audit and verification components entitle a repository to be leveraged as an authorized gold source of assets. A manual audit is also possible. Special configuration management software is available, such as BMC Software's Atrium and Hewlett Packard Enterprise's Universal Configuration Management Database.
A configuration management process and its supporting repository, CMDB or CMS, face the challenge of overlapping and contradicting data from sources across the enterprise. The configuration management plan must include a way to merge and reconcile CIs to present a single point of reference or single source of truth.
Key benefits of configuration management
A configuration management tool can improve the organization's change-impact analysis, reducing the outages caused by production changes.
Configuration management combines valid service models, CI interdependency mapping and correlations made between CIs and requests for changes to help restore services faster during an outage.
An organization may achieve improved service delivery, as measured by mean time to repair and mean time between failures. Other metrics can improve, such as time spent searching for data, data quality and accurate reporting on the IT estate.
A configuration management system provides audit and compliance support in historical operational accounting of devices and their utilization and modifications.
There are several potential business benefits to consider in a configuration management plan. Lower operational costs result from better understanding the total cost of ownership for the current IT service model. Organizational security improves when the company can detect unauthorized changes. The correlation between CIs and operational processes -- and how these support business services or affect key performance indicators -- can enable more informed business decisions.
Change and asset management
Change management and configuration management are complementary, but not identical processes. Change management seeks to govern and ensure only authorized modifications are made to an item, while mitigating risk and impact to the whole. Change management is implemented via an established business process, such as a change advisory board reviewing requests for change. Configuration management deals with the identification, maintenance, reporting on and verification of items and their interrelationships.
The most in-depth utilization of the configuration management process is considered to be within the military and engineering establishment as part of its comprehensive change management lifecycle. These environments demand the level of scrutiny, audit and verification that configuration management offers. This is especially the case when integrated with information security processes.
Configuration management also differs from asset management in that it does not seek to manage financial accounting aspects of the CI. Asset and configuration management share a common core of data about items and devices, used for different objectives and goals. A CI could be an asset, but does not have to be. The same is true for an asset: It may or may not be a CI.
Configuration and asset management govern the items under different lifecycles. For example, asset management manages a server from procurement through disposal. Configuration management is only aware of this server while it is associated with a given service or services. If the service is discontinued, asset management will continue to govern the server's financial relevance, while configuration management will no longer have active reference to it. The configuration management system will maintain historical reference to the CI and the service it supported, however. A server could be provisioned over its lifetime to support several different services, where each implementation of the exact same physical server would be viewed as a new CI to the configuration management process.
Software configuration management
Configuration management is also used in software development and deployment, where it is called software or unified configuration management (SCM or UCM). Developers and others involved in the project can use SCM to keep track of artifacts, including source code, documentation, problems, changes requested and changes made. Software configuration management provides structure to development steps, such as establishing baselines and reporting on the status of development processes.
Programmers using software configuration management after the idea evolves into a functioning software system, both to monitor new releases and to deploy the software configuration to additional hosts. In this way, software configuration management intersects with broader configuration management, occupying CIs such as physical servers and OS instances.
Software configuration management tools, such as Chef and Puppet, can be used in concert with version-control tools for source code management, such as Apache Subversion and Git.