Many IT organizations automate infrastructure configuration as part of DevOps or simply for more responsive app support. For organizations that also plan to move to the cloud, there's good news.
IT teams can combine configuration modernization with cloud adoption. Amazon Web Services (AWS), Microsoft Azure and other mainstream cloud service providers cater to the patterns, practices and configuration management tools, such as Puppet and Red Hat Ansible, that many IT teams already use. They also offer cloud configuration management services.
Configuration management in a hybrid cloud
Most organizations keep some infrastructure on premises while they migrate, or deploy new workloads, to the cloud. In this scenario, a hybrid cloud topology bridges the gap between on premises and the cloud.
In hybrid cloud, a network enables communication between the on-premises data center and the cloud host. Both Azure and AWS have virtual private clouds and other services to enable these connections; users have the option to build a site-to-site virtual private network or to set up a dedicated, high-speed connection.
Don't overthink hybrid cloud configuration management -- treat the public cloud as another data center. As long as the network enables communication between the on-premises environment and the cloud resources, you can continue to use the existing configuration management tools.
Servers in a hybrid cloud are all part of the same environment. For those systems that run in the cloud, preconfigure machine images with the software agents that they will need, or install agents on the fly as you bring new systems online. As long as the network allows the traffic, cloud-based servers can communicate with existing configuration management services that also work for on-premises deployments.
Administrators should emphasize correct resource placement in hybrid cloud. Many configuration management products support both push and pull models. In a pull model, servers check in with a configuration master node for instructions on what to do. In a hybrid cloud model, put master nodes both on premises and in the cloud so that there's always one nearby for servers to access. This setup also protects against connectivity issues if the network goes down.
For push-based configuration management tools, set up network connectivity to the servers so that the tool can send instructions to managed servers from anywhere inside the network.
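The pull-model placement advice above, as an added example that is not from the original article or from any configuration management product: an agent ranks the masters it can reach, preferring one in its own site and falling back across the site-to-site link. The host names, the latency figures and the `simulated_probe` health check are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Callable, Iterable, Optional


@dataclass(frozen=True)
class Master:
    name: str  # hypothetical host name
    site: str  # "onprem" or "cloud"


# Constructed inventory: one master per site, as the article recommends.
MASTERS = [
    Master("cm-onprem-1.example.internal", "onprem"),
    Master("cm-cloud-1.example.internal", "cloud"),
]


def pick_master(agent_site: str, masters: Iterable[Master],
                probe: Callable[[Master], Optional[float]]) -> Optional[Master]:
    """Return the best reachable master: same site first, then lowest round trip.

    probe(master) returns the round-trip time in seconds, or None if unreachable.
    """
    ranked = []
    for m in masters:
        rtt = probe(m)
        if rtt is not None:
            ranked.append((m.site != agent_site, rtt, m.name, m))
    if not ranked:
        return None  # no master reachable; the agent cannot fetch new configuration
    return min(ranked, key=lambda r: r[:3])[3]


def simulated_probe(agent_site: str, link_up: bool, down: tuple = ()):
    """Constructed stand-in for a real health check against each master."""
    def probe(m: Master) -> Optional[float]:
        if m.name in down:
            return None
        if m.site == agent_site:
            return 0.002  # local master, constructed latency
        return 0.040 if link_up else None  # remote master needs the site-to-site link
    return probe


if __name__ == "__main__":
    for link_up in (True, False):
        chosen = pick_master("cloud", MASTERS, simulated_probe("cloud", link_up))
        print(f"link_up={link_up}: cloud agent pulls from {chosen.name}")
```

With a master in each site, the cloud agent keeps pulling configuration when the link is down; the only case that leaves it without a master is losing the link and its local master at the same time.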
Proprietary cloud configuration management tools
Each public cloud vendor offers a set of configuration management services.
Cloud vendors develop configuration management products for native deployments, but some also work in hybrid deployments. For example, AWS and Azure offer the following configuration management services for cross-premises scenarios:
Amazon Elastic Compute Cloud Simple Systems Manager. Initially, AWS built this service to support Linux servers running on cloud-based VMs. Now, the service manages both Linux and Windows servers in the cloud and on premises.
Systems Manager is an agent-based service where agents live on each server, in any location, and the user oversees all the servers from a central console in AWS. Instructions trigger on demand or via a schedule and tell the servers to run shell scripts or invoke another configuration management tool, such as Puppet, Chef, Red Hat Ansible or Microsoft Windows PowerShell.
Azure Automation Desired State Configuration (DSC). Under the hood, PowerShell DSC drives Azure's cloud configuration management service. A user can configure both Azure VMs and on-premises servers to pull DSC configurations from the Azure Automation service.
DSC configurations are similar to those in other configuration management tools; you can liken them to Puppet manifests, Chef recipes and Ansible playbooks. Azure Automation DSC works with both Windows and Linux servers.
While a less common scenario, reverse migrations are also achievable with cloud configuration management tools: The AWS or Azure customer can pull workloads off the public cloud and into an owned data center.