Re: Request for discussion: configuration management taxonomy
Gulfie <gulfie <at> grotto-group.com>
2007-08-29 18:21:29 GMT
On Wed, Aug 29, 2007 at 03:47:21PM +0200, Thomas Delaet wrote:
> Hi
>
> I've created a website for comparing configuration management tools.
>
> Currently it contains:
> * A taxonomy description for configuration management tools
> * The application of the proposed taxonomy to a set of ten tools (Bcfg2,
> Bladelogic, Cfengine, Firmato, Lcfg, Microsoft SMS, Netdirector, Opsware,
> Puppet and Tivoli)
>
> Things on my todo-list
> * A nice table to compare the current set of evaluated tools.
> * An overview of the state of the art, based on the taxonomy categories
> * A gap analysis
>
> I'm interested in comments on the taxonomy itself, errors/additions in the
> tools evaluations, new tool evaluations and any other suggestions. If people
> are interested in this, I'm willing to maintain this website or consider
> merging it with other initiatives.
I have two cents for you.... okay maybe three.
Page 0 :
'Configuration management' or CM, is an overloaded term that has many
meanings to many people. Either include the other people's definitions, or pick a
different name. Maybe, come up with a cryptonym, how about ConMan? er', okay
maybe not that. Software Config management is highly related, arguably
subsumable by this discussion, it needs to be addressed. Content Management
systems are also related and should also be addressed. Or a better line needs to
be drawn in the sand.
page 2 :
Scale:
number of different kinds of things
continents, machines, networks, links, hops, disk,
Raw size. Physical diameter, Network diameter.
Time. Is this a setup and run thing like kickstart, or a long term
full life-cycle management thing.
System Variety:
If you scope down to palm tops, do you scope up to the backup
generators or the power grid?
System interfaces:
From a Software QA perspective small level testing is a solved
problem. It just costs a vast amount to do right, so no one does. The interesting
bugs are all coming from article interaction and changeling system assumptions.
Page 3:
Some people keep configuration information in databases. Be they
relational, ldap, or chubby. Some devices don't have disks. Routers, switches,
etc. Then there is the question of are you talking about configurations, state, or
system bits (binaries and such).
Page 9:
The term 'Network Architecture' is dangerous, overloaded, and
unspecified. Are you talking generic intersystem design, where every managed
device is a node, or are you talking routers and switches? After time the implicit
definition is worked out, but it takes a few paragraphs. And others will disagree
if it is not defined.
There are many conflating (conflating is my new favorite word),
distinct ideas that should not be. Physical network infrastructure, logical
control flow, and logical network infrastructure.
For example, most ethernet/IP networks are physically meshes but
get turned into and used as trees, or sometimes graphs with asymmetric routing.
Keeping these two ideas separate allows you to do all number of redundancy
management.
Likewise the Logical control flow of a system may be unrelated to
its physical manifestation. For example DNS. Logically it's rooted at . yet
physically it's not hierarchical at all.
Page N:
Resistance to damage. No large network is ever fully functional.
How does a system deal with nodes which are not connected at some reconfiguration
time. Laptops are a good example.
Resistance to failure. What is the and is there a back out plan?
Is user data conserved across that backout plan?
Revision control? Can you get back 3 generations of changes ago?
Does the system include backups? Backups of User data?
Can Independent changes occur at the same time? What is the locking
strategy? If two admins decide to change things on the same machine, what happens?
Failure? Delay? Ordering?
How does the system deal with user initiated change? For some this
will mean users telling admins what they'd like, in others it will be allowing and
supporting users to add (possibly conflicting software). In some, say for example
call centers, the answer is of course 'no'.
Granularity of dependency tracking. Binary dependencies (A
requires B) or softer fuzzy dependencies ( if the primary dns server goes down, all
machines will _work_ but will be in some degraded level of performance).
Cost. Both in $, and in soul.
Other systems you should mention, and characterize in your table.
Or possibly another table.
Apple's CM system
Microsoft's live update
Take your pick of Linux distro updates.
Mozilla updates.
DHCP (generic)
DHCP clustered
Radmind (is that still around?)
Git (The change management system is neat).
-gulfie