With that defined, let’s talk about how it works in practice. Configuration management usually spans a few areas. It often relates to different ideas, like creating “pipelines” to build and test our products. Or it might relate to writing “infrastructure-as-code” to capture in code the current state of our infrastructure.
Configuration management was traditionally a purely manual task, completed by a systems administrator. The role was a lot of manual work involving carefully documenting the state of the system. But the industry has changed completely. These changes came from the popularity of DevOps, advances in network computing, and new automation tooling.
Now that we’ve set the scene, we can dive into the details of configuration management. So let’s get to it.
What the World Looks Like With Configuration Management. Before we explore different tools for configuration management, we need to know what end results we’ll receive for our efforts.
What are the outcomes of well-implemented configuration management?
Let’s cover the benefits:
If the worst does happen, configuration management ensures that our assets are easily recoverable. The same applies to rollbacks. Configuration management makes it so that when we’ve put out bad code, we can go back to the state of our tools before the change.
Uptime and Site Reliability
The term “site reliability” refers to how often your service is up. We have all worked at companies where each second of downtime causes disasters.
A frequent cause of downtime is bad deployments, which can be caused by differences in running production servers to test servers. With our configuration managed properly, our test environments can mimic production, so there’s less chance of an unwelcome surprise.
Provisioning is the act of adding more resources like servers to our running application. Configuration management ensures that we know what a good state of our service is. That way, when we want to increase the number of servers that we run, it’s simply a case of clicking a button or running a script. The goal is really to make provisioning a non-event.
These are just some of the benefits of configuration management. But there are some other ones, too. You’ll experience faster onboarding of new team members, easier collaboration between teams, and extended lifecycle of products/assets, among other benefits.
The World Without Configuration Management
Sometimes it’s easier to understand a concept by understanding its opposite. What does trouble look like for configuration management, and what are we trying to avoid? Let’s take a look.
A developer implementing a feature will commonly install some tools and deploy code. If things are sloppy, this developer probably makes the team and manager aware of the intention to come back later to clean it all up—that it’s simply a demonstration and will be rewritten soon.
But then the deadline starts pressing, and the task of going back through and rewriting the installation steps as a script gets pushed lower and lower in priority. Before we know it, a lot of time has passed, and a new developer gets put on the project. That developer is now left to pick up the pieces, trying to understand what happened. It’s quite likely they aren’t even going to touch the configuration of the server. Who knows what it would do?
The above situation is precisely what configuration management helps you avoid. We don’t want to be left in the dark as a result of developers setting up tools without proper documentation/traceability. Rather, we want to know the answers to questions like
What services are we running?
What state are those services in?
How did they get to their current state?
What was the purpose for the changes?
Configuration management can tell us these answers.
That hopefully paints a clearer picture of the problems that configuration management is trying to solve.
How Configuration Management Fits in With DevOps, Continuous Delivery, and More…
Hopefully by now you’re starting to get the hang of what configuration management is and what it aims to do. Before we go on to discuss tooling, lets take a moment to address how configuration management fits in with other concepts like DevOps, continuous integration, continuous delivery, and Docker so that you can understand how these concepts fit in with the ideas of configuration management.
Is Configuration Management Compatible With Tool Flexibility?
Yes. It reflects the desire to make changes to our tools faster so that we can respond to market demands. Configuration management helps us to safely manage our changes and keep velocity high.
Where Do Pipelines Fit Into Configuration Management”?
Pipelines are the steps or “value stream,” which we can create with tools that we usually automate, taking code from commit to production. Pipelines usually involve steps such as unit testing code, integration testing code, and creating artifacts. So a pipeline is a form of configuration management. When we build with tools like Docker, we codify our build instructions into our Docker Work Order. This allows us to better understand the dependencies of our artifacts.
Is Infrastructure-as-Code Configuration Management?
Infrastructure-as-code is the practice of ensuring all provisioned infrastructure is done so through code. so we have a written record of which services exist, where they are located, and under what circumstance. Configuration management might choose to leverage the code in order to achieve the full understanding of all the technology assets a company owns.
Is Continuous Integration/Delivery Configuration Management?
Continuous delivery is the process of ensuring that tools are always in a releasable state. You can achieve this through heavy automation and testing. Continuous integration is the process of bringing separate artifacts together into a single location on a frequent basis, for the purposes of verifying that the code integrates properly. Continuous integration tools, which are typically servers that run automation-testing suites, act as a form of configuration management by providing visibility into the steps required to set up and configure a given artifact.
That should clear up some of your questions about how configuration management fits with some practices or ideas that you might be using or are familiar with. Any discussion of configuration management would be incomplete, however, without a discussion about tooling. So, let’s take a look at the different tools we have at our disposal for implementing configuration management.
What Are Configuration Management Tools?
There are many different tools for configuration management. In fact, it can get confusing, as there are tools that support configuration management without explicitly being configuration management tools.
For instance, Docker neatly packages up steps needed to set up and run an application in Docker Work Order. However, people don’t often consider Docker a configuration management tool.
To make things clearer, let’s divide up the common tools that might fall under or relate to configuration management:
Configuration Management Tools
These are the tools you see typically associated with configuration management that provide ways to codify steps that we require in order to bring an asset in line with a current definition of how that asset should look. For instance, you might create a playbook that ensures that all of our X servers have Y installed within them.
If our configuration management tools include the setup we need on our assets, our provisioning tools are how we get those assets. It’s this blurred line that explains why we need to bring these tools into our discussion of configuration management. And many consider it an anti-pattern to use configuration management tools for provisioning.
We talked briefly about delivery pipelines, but implementing them requires tooling. By using tools to codify our build process, we make it easy for other developers to understand how our artifacts are modified and created, which is a form of configuration management.
Source Control Tools
While we need to codify our automation in scripts, if we don’t appropriately track the history of our changes, then we aren’t really achieving configuration management.
How Can I Get Started With Configuration Management?
Where to start? Do you begin by researching tools? Implementing some automation? Auditing your existing servers? Talking to others in your company?
Where you start with anything always depends on where you currently are. That said, only you are aware of your current situation and the limitations and resources available. Below are a couple different places you can begin your journey to effective configuration management:
Audit your tools—What tools do you currently have? What’s the state of it? Is it well documented? Are the setup and run instructions known for the tools
Perform a tools assessment—Do an assessment of what tools exist on the market for configuration management. The ones listed above are a good start. Identify which tools could help you solve some of your configuration management problems.
Learn about best practices—Successfully implementing configuration management isn’t a one-and-done task. It takes time and work to continually ensure that all new tools are appropriately audited and tracked. So you might want to look into some different key concepts, such as Infrastructure-as-Code and build and release pipelines.
It’s Time For Everything-as-Code!
And that’s all! Hopefully that helps to clear things up for you about configuration management. It’s all about keeping track of the current state of your tools infrastructure.
There are many ways to implement configuration management, and there are lots of different tools and processes. So when it comes to strategy, be sure to take your time assessing options and understanding how you want your configuration management processes to work.
It will all be worth it in the end, though. Get your configuration management right and your teams will be safer, more productive, and faster to make changes.
So from now on, audit, track, and write everything-as-code. The minimal set of activities to be covered by the configuration plan should accomplish the following:
1. Identification and control of all tooling requirements, code and design change interfaces
2. Control of tooling user, operating, and maintenance documentation
3. Control and retrieval of qualification information associated with tooling designs and code; configuration accounting
4. Control of tooling building, release, and delivery of products.
5. For security system components, configuration items or controlled databases should include tooling requirements,
6. Data files used and called directly or indirectly by tooling
7. Support tooling used in development, exact versions.
8. Libraries of tooling components essential to security
9. Tooling plans that could affect quality
10. Test results used to qualify tooling