DevOps has many moving parts. One aspect is that of Configuration Management. The IEEE 828-2012 – IEEE Standard for Configuration Management in Systems and Software Engineering is now due to be updated. Management of configuration metadata is just as important in automated systems as it is in manual systems. The greater the system complexity the larger the number of items to be tracked. The move the microservices and serverless compounds the problem. How do we show compliance with legal and regulatory requirement in fast moving environments. The use of CM in a DevOps pipeline and the speed at which changes occur has certainly impacted our environment. Flexibility of CM and access to CM information is essential. An automated system for configuration management will play a key role in solving this problem.

Keeping track of over 1000 Components is not easy

Whilst the core components of repositories, baselines and database management systems remain uncontested the process for interacting with the system may change. Other changes to consider is what we store and why. Often the relationships between data is just as important as the data itself. The timeliness of the data also provides information on why the system produced the results it did. Perhaps we have also failed to consider the implications of security. When gathering information we should consider the impact of security on the CM system as we do not wish to expose information unnecessarily. Similarly we wish to consider the impact of CM on security. Can use use the information from the CM process to ascertain what the state of our system should be or what went wrong.

There is lots to consider at this early stage including how have our processes changed since the standard was last updated? How do these changes impact our CM practices? How has CM evolved as a result of DevOps practices? When thinking of your own CM system consider:

  • Inclusion of all relevant stakeholders
  • Skill set of staff involved in the process
  • How to accurately establish the current configuration
  • Process to control or change your existing configuration
  • Auditing of the configuration
  • Auditing of the CM process and components of the CM system
  • Process to reconcile differences in the system to the desired state
  • Reconciliation between systems under separate control
  • Transformation of information to communicate with regulatory or other systems
  • Security
  • Performance impact on the system

There are many tools to assist with this. Much of them are based on state based programming but again this depends on the skills and ability of the person configuring the program. This if course is where many systems either fall down or become insecure. This project is ably led by Bob Aiello – expect great things. If you want to find out more about configuration management contact info@craobhtechnology.com.