Skip navigation


13 posts
Share This:

I am very pleased to announce that BSA 8.9 Service Pack 2 is now available.


Here are some highlights of the release:

1>     Compliance Support:

    1. DISA STIG content update for Windows 2016
    2. DISA STIG content update for RH 7

2>     Patch Analysis support for AIX Multibos

Users can now perform patch analysis on the standby instance of the Base Operating System (BOS) which is maintained in the same root volume group as the active BOS object.

3>     Patching support for AIX on an Alternate Disk or Multiple Boot Operating System

Some versions of AIX have the capability of maintaining multiple instances of Base Operating Systems (BOS). The additional instance of the BOS can be maintained in the same root volume group (multibos) or on a separate disk on a separate root volume group (alternate disk). The user can boot any one instance of the BOS which is called the active instance. The instance that has not been booted remains as a stand by instance. BMC Server Automation supports installation, maintenance, and technology-level updates on the stand by BOS instance without affecting system files on the active BOS.

4>     Export Health Dashboard

Users can now export the entire Health Dashboard in HTML format.

5>     Deprecation on Red Hat Network download option

Red Hat transitioned from its Red Hat Network hosted interface to a new Red Hat Subscription Management interface. To enable customer to seamlessly continue patching on Red Enterprise Linux, we have deprecated RHN download option. All patching on RHEL targets must be performed using the CDN download option (its selected by default when creating patch catalog).

6>     Message to review he number of target servers

To prevent any unplanned outages in your data centre, BSA now allows you to review the number of servers targeted by a job.

7>     Database cleanup and BLCLI enhancements

Share This:

Join Peter Leav, President & CEO - BMC, as he discusses how to accelerate digital transformation in your organization. You also wouldn't want to miss Bill Berutti, President - Enterprise Solutions at BMC touch on how BMC’s recent portfolio innovations can fast-track high-priority initiatives essential to your digital business.Exchange NYC.jpg


When - October 12, 2017

Where - The Times Center, 242 West 41st Street, New York


Gain new insights about digital business, get up-to-date information about the latest BMC products and services, network with your peers, BMC partners, and BMC experts.


Here are a few reasons to attend this one-day, no cost global conference:

  • Visionary keynote speakers
  • Comprehensive product information: Hear from our product experts Anthony Bryce and Jon Thomas
  • Grow your network: Build professional relationships with industry peers, partners, and BMC experts in our technology showcase, in between sessions, during lunch and the evening reception, along with impromptu hallway conversations.


Register Now



TrueSight Network Automation TrueSight Server Automation Bladelogic Database Automation TrueSight Vulnerability Mgmt Cloud Lifecycle Mgmt North East User Group

Share This:

I am very pleased to announce that BSA 8.9 Service Pack 1 is now available.


Here are some highlights of the release:

1> Support for TLS 1.2

BMC Server Automation now supports version 1.2 of the Transport Layer Security (TLS) protocol for session layer security across the various communications legs between BMC Server Automation components.

After installing or upgrading to BMC Server Automation 8.9.01, TLS version 1.2 is the default protocol for communication between the Application Servers and the RSCD Agents.

2> Windows 2016 Support:

Support for Microsoft Windows Server 2016 was added in the following components and functionalities in BMC Server Automation:

  • Unified Product Installer (UPI)
  • Application Server
  • Patch management
  • Bare-metal provisioning

    Virtualization for the following types of virtual servers:

  • VMware vSphere, vCenter Server 5.5, 6.0, and 6.5
  • Microsoft Hyper-V 3.0. SCVMM 2012 R2

3> Support for Native YUM:

BMC Server Automation now supports the use of native YUM as the patching tool for deploying patches to target Linux servers. Prior to this release of BMC Server Automation, native YUM was supported only on Red Hat Enterprise Linux version 7, and it is now supported on the following types and versions of Linux servers:

  • RHEL 5 and 6
  • OEL 5, 6, and 7

4> RHEL patch analysis optimizations for include and exclude:

BMC Server Automation can automatically select the appropriate rpm version or versions while including or excluding an rpm package in an RHEL patch analysis job. To enable this version optimization, select the By Package Name Only option while including or excluding patches.

5> Database cleanup enhancement:

During online database cleanup, various cleanup-related log messages are saved in the DBM_RUN_LOG table. This table is now cleaned up as well during subsequent cleanups of historical data (any cleanup mode that runs the Delete cleanupHistoricalData command) or cleanups of the database (any cleanup mode that runs the Delete cleanupDatabase command). Log messages from the last 4 cleanup runs of each object type are retained.

6> n-3 direct upgrade:

Support for direct upgrade from 8.6.x to 8.9 Service Pack 1 has been added to make upgrade process simpler and faster.


New Support:

Platform Support

Patching Support

Compliance Support

  • Red Hat 6-7.x support for zSeries
  • Red Hat 7.x Little Endian
  • SUSE 11 and 12 for zSeries
  • Windows 2016
  • VMware vCenter 6.5
  • Oracle Enterprise Linux 7.x
  • CentOS 7


  • IBM AIX 7.2
  • Red Hat 6-7.x for zSeries
  • SuSE 11 and 12 for zSeries
  • Microsoft Windows 2016
  • Oracle Enterprise Linux 7.x


  • CIS Microsoft Windows Server 2008 R2
  • CIS Red Hat Enterprise Linux 7
  • CIS Red Hat Enterprise Linux 6
  • DISA STIG for Windows 2016 (early drop released)



More details on What’s New here:

Share This:

A couple of critical broken authentication vulnerabilities were disclosed to BMC by ERNW Gmbh (an independent research company) and they will be disclosed publicly at the Troopers 2016 conference in Heidelberg on March 16th, 2016. These vulnerabilities allow remote unauthorized access to Linux/Unix RSCD agents using the agents’ RPC API. Windows agents are not affected. For more-detailed information, please see the following Flash Notification.


The security of our solutions is of the utmost importance to BMC. Once we were made aware of the issue, we investigated, developed a fix, and began the process of notifying customers.


As part of the notification process, BMC has published a Knowledge Article with patching information as well as general recommendations for reducing the likelihood of successful exploitation. We strongly recommend that BSA customers follow the instructions within the article. Should you have questions or need assistance, please contact BMC Customer Support.

Share This:

In recent years cybercrime has gone from an array of independent hackers to a global industrialized operation that utilizes collaboration, worldwide coordination and advanced criminal techniques to evade detection. One would expect this increased organization and sophistication would improve the speed at which “hackers hack.” And you would be correct: according to a recently released report, the time between an exploit announcement and the first attack is typically just 7.5 days, down from just under 10 days in 2008.


Your organization is likely already struggling with meeting internal and regulatory requirements for patch times. In addition, vulnerabilities and their risk to the organization are increasing each day, as hackers are now able to weaponize new vulnerabilities faster than ever.


It turns out that more than 80% [1] of attacks target known vulnerabilities and that 79% [2] of vulnerabilities have fixes available on the day of disclosure. So why is it taking so long for enterprises to remediate vulnerabilties in a timely manner once they are detected?


The issue in most enterprises is that there is a gap between the team that is responsible for compliance (the IT Security team), and the team that remediates the issues that are discovered (the IT Operations team), i.e., the “SecOps Gap.” The Security and Operations teams must better collaborate to accelerate vulnerability resolution and lower the costs of audit and remediation while simultaneously increasing security.


Closing the SecOps Gap

To close the SecOps Gap, enterprises need to implement end-to-end automation of discovery, audit, remediation, and governance. This enables them to fix problems fast, reduce risk, improve enforcement, and free IT personnel to focus on achieving the strategic goals of the business.


Qualys and BMC have joined forces to close the SecOps Gap by integrating their respective technologies in the SecOps Portal.



How the SecOps Portal Integrates BMC and Qualys

The SecOps Portal (Figure 1) allows enterprises that have deployed BMC’s BladeLogic Server Automation (BSA), Atrium Orchestrator and Remedy AR to import vulnerability scans from Qualys Vulnerability Management (VM). If the SecOps Portal user doesn’t have login credentials to the Qualys Cloud Platform, they can provide a vulnerability scan in an XML output file. If the user has Qualys login credentials, the vulnerability data can be directly imported via the Qualys API (Figure 2).


Figure 1: SecOps Portal


Figure 2: A user importing a Qualys vulnerability scan via the API.



The user can then view a whole variety of summary data for the imported vulnerability scan, including:


  • Hosts Scanned, Hosts Managed, Total Vulnerabilities and Out-of-the-Box Remediation (Figure 3)
  • Top 10 Vulnerable Servers (Figure 4)
  • Potential vs. Confirmed Vulnerabilities, Vulnerabilities by Severity (Figure 5)
  • Managed vs. Unmanaged Servers, Severities by Operating Systems (Figure 6)


Figure 3: Hosts Scanned, Hosts Managed, Total Vulnerabilities and Out-of-the-Box Remediation


Figure 4: Top 10 Vulnerable Servers


Figure 5: Potential vs. Confirmed Vulnerabilities, Vulnerabilities by Severity


Figure 6: Managed vs. Unmanaged Servers, Severities by Operating Systems



The user can also view the Assets that have been identified in BladeLogic, Qualys, or both (Figure 7).


Figure 7: Assets within BladeLogic, Qualys, or both



Now the Remediation screen (Figure 8) is where the magic begins to happen. Here BladeLogic has analyzed the Qualys vulnerability information and determined what the appropriate patches/remediations are. The user has the option to view this data through a variety of filters (e.g., IPAddress, HostName, Operating System, Remediation Type, Severity, etc.).


Figure 8: SecOps Portal Remediation screen



The user then may choose all the vulnerabilities that BladeLogic has determined it is able to remediate (Figure 9).


Figure 9: SecOps Portal user choosing all vulnerabilities that can be remediated by BladeLogic



This will ready a remediation job to be deployed (Figure 10).


Figure 10: Remediation job about to be deployed



The job is given a group name, is scheduled, and the BladeLogic administrator is notified (Figure 11).


Figure 11: Assigning a group name, scheduling the job and notifying the BladeLogic administrator



This is how the request appears in Remedy AR (Figure 12).


Figure 12: SecOps remediation request as it appears in Remedy AR



The Remedy AR administrator approves the request and it then appears in BladeLogic Server Automation (BSA) Console (Figure 13).


Figure 13: Remediation job in BSA after approval by Remedy AR administrator



The job executes and then appears as completed in Remedy AR (Figure 14).


Figure 14: SecOps remediation job now shown as complete in Remedy AR



So there you have it, SecOps gap closed! The time from detecting a vulnerability to remediating it becomes nearly instantaneous. There’s no need for security or operations personnel to manually create trouble tickets, which is extremely time-consuming and highly susceptible to manual entry errors.


Learn More

SecOps Portal and Intelligent Compliance
Qualys Cloud Platform


[1] F-Secure: Companies Risking Their Assets with Outdated Software

[2] Secunia Research: The Secunia Vulnerability Report 2014

Share This:

What challenges or problems server automation tools solves?


Server automation software performs a variety of server management tasks that would otherwise require the direct or manual attention of IT professionals. Some of the repetitive tasks performed include: inventory, configure, compare, provision, snapshot, audit, deploy, break-fix, patch, regulatory standards scan, remediate, update, roll back, reporting, VM sprawl management if necessary and track performance over time.


Why use server automation tools in Datacenters?


From the owner of the Server Automation tools perspective, Cost Reduction and Cost Avoidance can be two business reasons for adopting server automation tools in Datacenter as these tools help organization to do more with less.


Below are few key reasons for using server automation tools:


  • Growing Volume of  Servers to be managed - With increased levels of virtualization adoption, server management demands are overwhelming enterprise datacenter managers and throwing labor to solve the issue is not feasible.
  • Time Factor - The biggest issue with server management is the time burden. Each aspect of server management demands an IT administrator's time and attention --   and every server multiplies time required. IT talent is so consumed  performing a host of relatively simple tasks "fighting fires"    that they are` not able to focus on strategic  projects. Additionally with increased adoption of agile methodology by many IT organizations, time factor available for managing severs is   constantly shrinking putting additional pressure on IT datacenter managers.
  • High Chance for Human Errors - Even an expert IT administrator can make mistakes is a fact of life. For example, a busy administrator might forget a server's configuration -- easy to do with dozens or hundreds of different systems -- and omit an important patch. Human errors cause poor workload performance or compromise security and compliance on servers.
  • Improving Consistency is the only way to manage- Server automation software automates highly interdependent complex tasks which otherwise would take expert to perform via scripts and if passed on to  junior administrator  can results in many variations and inconsistencies. Use of Server automation tools increases consistency, eliminates variations between administration styles, and minimizes errors and omissions.  Companies can better control provisioning, security and compliance and have better level of governance if they use server automation tools to perform server management tasks.


Ultimately use of Server Automation tools help valuable IT staff become free to focus on evaluating new technologies, improving data center architecture and working on projects that add value to the business and move from reactive fire fighting mode to proactive planning and execution mode.

Share This:

Role of Infrastructure Automation Tools (Provision, Configure and Orchestrate) in the world of Cloud Computing


With advent of cloud computing businesses are getting a taste of agility from public cloud service providers.  Demand for IT services is increasing at faster pace.  While deploying new servers has become much easier in the cloud, managing application instances and making sure everything stays compliant, patched and updated remains a major challenge. This has created an operational climate in which many IT departments are often overwhelmed by the scale of their cloud setups.  IT  realizes that Configuration Automation is the only solution for making efficient updates and configuration changes across the entire cloud landscape.



InfraAutomation tools.jpg


Cloud computing requires behavioral changes to the way IT operates and delivers the business services. What we hear a lot from IT heads of many advanced users of cloud computing is that cloud solves many traditional IT problems but  it  creates plenty of new issues that organizations have to deal with.


As per IDC worldwide spending on public cloud services (such as Amazon Web Services) will grow to nearly $100 billion in 2016 and spending on the private cloud market ($12.3 billion worldwide last year) will grow to more than $22 billion by 2017.  As per Cisco Global Cloud Index forecasts, there is ever increasing transition of workloads from traditional data centers to cloud data centers and by 2017 nearly two-thirds of all workloads will be processed in cloud data centers. This trend indicates that over time more and more production workloads will be running in Public and Private Clouds.


Provisioning may be the need of hour to get started with Cloud Journey for many organization but to stay on track and reap the true end to end benefits of cloud computing will require managing across private and public cloud environments. This goal only would be possible if IT Automation tools can address such lofty needs.  Key message is mature enterprise customers very rarely deploy just a VM.  They are already thinking about the end to end model e.g. configuration management, billing, compliance, monitoring, patch management etc. Not many vendors have a good story to sell about end to end management in a hybrid cloud model as they are relying on very basic configuration automation and process orchestration tools.


I would like to end the blog  with couple of  generic examples showcasing what customers are already doing or planning on doing with  BladeLogic Automation tools for  their cloud workloads.



  • A Global IT outsourcer is using BladeLogic Automation tool in their Cloud Command Center to patch servers running in one of the popular public cloud.
  • A Large Publishing house plans to use BladeLogic tools to install applications and run compliance against their public cloud VMs.
Share This:

If you are running a sizable infrastructure automation initiative to manage your Data Center server assets then having  visibility  and ability  to track the progress of your Infrastructure automation journey  is critical for overall success. As an organization one should have milestones which helps organization track operational efficiency gains and  use of automation tool in meeting the  organizational security and regulations compliance needs .

Tracking progress of Infrastructure Automation initiative is not only critical to determine current level of ROI but also helps identify areas of operations where use of automation tools can aid value to make  organization more agile and aligned with business priorities.  Let’s discuss few KPIs measures that owner of Infrastructure Automation Initiative should leverage as they are on board with their infrastructure automation journey.




  • Tracking servers in the Data Center – This KPI tracks the scope of automation initiative.  Tracking overall server numbers including growing Vs shrinking stats helps understand if owner  to focus on what matters and identify  if is a need to extend  automation to cover most if not all server assets.
  • Tracking composition of Physical Vs Virtual Servers by OS and OS versions – This KPI helps understand strategic OS vendors,  versions being used,  standardization opportunities across business units  and identification if there are any OS vendor contractual arrangements  which better serves the organization.
  • Virtualization genealogy - Tracking virtualization genealogy information is critical to control virtualization sprawl.
  • Hypervisors used - Tracking  hypervisor platforms and inventory of them helps with standardization and usage pattern across business units.
  • Identification of EOL OS and App Versions -  Tracking inventory details for your servers and apps is a typical starting point for robust asset management. Tracking inventory of Server OS and App versions helps identify  OSs and commercial/open source app versions which are currently EOL. This information helps identify lack of vendor support and security risks exposures to the organization.
  • IT Team needs quantification -  IT team who is using infrastructure automation tools wants to track bare metal provisioning as well as virtual machine provisioning activities have been carried out and details of how long it has taken to see if they are benefiting from use of automation tools. They should see improvement to the tune of activities taking minutes and hrs Vs days and weeks.
  • Capturing Server Configuration Details - Leveraging automation tools for capturing each and every server configuration information across server landscape for Disaster Recovery purpose helps organization prepare for adverse event.
  • Track infrastructure operational tasks performed by automation tools -  Understanding operational tasks done using automation tools prepares organization for identifying areas which are well suited for such tools and where to focus limited resources.  Initial and on going successes achieved due to focused effort helps organization become mature and help it better in grain automation tools to be part of their operational processes.
  • Server to Admin Ratio -  Ability to track servers to admin ratios over time helps determine automation tool in helping do more with few resources or less skilled resources. It is the key measure of ROI.
  • Determining Access Level -  Having details of per infrastructure user level access including access at server assets and permissions granted provides organization with a view of who and what level of access users have . It is also critical for organization to understand roles used and permissions are available at the role level. This information provides a centralized view of access control across Data Center and identify weak spots or potential security weaknesses.
  • Maturity of Automation -  Use of automation tools in the Data Center  needs to be policy driven to exercise right level of governance. Understanding of  number of patch, security and regulatory compliance and audit policies that are used to manage the infrastructure showcases organization intent to enforce the internal and external policies and how mature/serious organization is about use of infrastructure automation tools.
  • Level of Effort spent Vs success achieved using automation tools -  Jobs level visibility detailing out of different types of job runs, how long  and overall status of those jobs allows administrators determine effectiveness of automation tools for infrastructure management.
  • Meeting organization security considerations -  Organization’s security team cares for full visibility into how often operations team is running patch scans. Security team wants  periodic feeds  showcasing per server level status of missing and installed patches as well as compliance achieved  against regulations as well as identification of known exceptions.  Auditors need details and historical reporting  for certain automation activities to track SOX and other forms of operational compliance.
  • Patching Level visibility -Having  visibility into  latest server status across all applicable patch catalogs, trend of patch compliance% over time, correlating peaks and valleys with when OS patch vendor is releasing patches and when security team has agreed to push patches to servers in the  Data Center showcases the time lag between availability and application of the patches.
  • Commands Executed -  Having visibility into which commands have been run on the servers helps security team detect abnormal activities.
  • Compliance Details over time - Security team periodically wants IT team to generate Compliance details report showcasing per rule level status of the compliance scan, remediation done and wants to continuously monitor the operational environment for any lapses to take corrective actions.



There are many more KPI metrics  beyond  what we have covered above which are needed to run an effective infrastructure automation initiative and seeing the value in action. Good news is that Reporting engine for BladeLogic Server Automation is designed from ground up to provide such KPI metrics easing the burden of IT system administrators and Data Center IT managers responsible for Infrastructure Management.

Share This:

Situation today is that most of today’s business processes are supported by IT and as a result much of the internal and  regulatory compliance burden falls on IT to achieve the level of compliance required in an effective, efficient, and sustainable manner. Internal organizational policies and external regulations requires IT operations groups to provide evidence of the integrity of their companies' IT environments. Recent rise of data breaches highlighting the seriousness of the challenges that corporations and their IT security teams  are facing.


Situation is further complicated with growing infrastructure complexity as organizations implement multitier apps, SaaS, virtualization technologies. The cloud computing has further increased complexity, adding many more VMs, users both inside and outside the walls of the enterprise. As  if this was not good enough, as more Enterprise IT development organization adapts agile like methodology for software application development, rate of configuration changes pushed out are like never seen before. Enterprise IT environment is in a state of continual flux. There is an on going barrage of software changes, such as software patches and updates, as well as a constant demand for new application software.


To achieve and sustain compliance, IT must maintain tight control of the IT infrastructure and allow developers to make changes at the rapid pace. Configuration Compliance and Automation tools will be critical to ensuring that information about the IT environment is known, stable and appropriate at all times. Configuration Compliance Automation tools helps enforce proper configurations are  maintained for all devices throughout the enterprise. Organizations must centralize compliance scan and reporting for regulatory and internal auditor purposes.



Industry analyst firms like Gartner recommends Configuration Compliance and Automation tools as an effective way to ensure accurate configuration control. These tools can support Audit and Compliance to Reduce Risk and achieve a baseline, which will enable enterprises to avoid "drift" and prepare for audits.


Key benefits of Configuration Compliance Automation tools includes:


  • Automate assessment processes to improve overall security and compliance posture
  • Prioritize remediation efforts based on a composite view of risk
  • Communicate IT risk in business-relevant terms by reporting



Why it Matters?



  • Ensuring that IT systems are always properly configured not only are critical for compliance and security initiatives but also tied to overall business viability and goodwill
  • Given the rate of change, only possible way to demonstrating to auditors that systems are compliant w/o time consuming manual gathering projects with significant cost implications is to proactively leverage configuration management & automation tools
  • Automating configuration auditing enables a greater level of security and dramatically reduces preparation time for IT audits conducted for regulations such as PCI, Sarbanes-Oxley and HIPAA.
  • Compliance efforts can act as a catalyst and provide a foundation for the launch of initiatives that align IT more closely with the business. These initiatives can bring significant additional business benefits, including reduced risk and increased business

Companies that are proactively able to:  maintain an audit-ready posture with regard to monitoring, protect entire IT infrastructure environment from non-compliant changes, collect and report compliance-related information, able to verify configurations of targeted servers/VMs/Apps have not changed and are  consistent across all IT groups  will be the only ones which are able to achieve their compliance goals and minimize their exposure to downtime and security risks.

Share This:

How does the change management process at your organization work? Is it rigorously enforced or more of an optional step based on whether or not you have time to document what you’ve done? Perhaps you are one of those organizations that that are compelled by regulatory standards to properly track and report change but still have issues due to the manual nature of the process or unpredictable behavior caused by unauthorized/unplanned changes?


There’s no doubt that proper change control brings big benefits to the business. It’s not just about reporting change, it’s about making sure that the changes that are made are authorized, will not interfere with the business and that if mistakes are made and outages occur that the cause can be quickly tracked down and the impacting change addressed.


So what’s the answer, how can we make sure it’s not us (IT) that disrupts the business through poor change management processes? Well to be successful organizations need an automated and integrated approach to change management. 


Automated is good as a change policy can be put in place and that policy will always be implemented, there is no room for manual errors or forgetting to create change requests in the first place.


The integrated approach brings other benefits. For example, embedding and exposing the change approval mechanism inside the toolsets that your organization uses  to make changes (for example server or network configuration solutions) means those users of those toolsets natively understand the relationship between the task they are performing and the status of the change request that has been generated.

When it comes to troubleshooting issues or outages, if there is integration between the monitoring tools and the change management system, any incidents that are raised against a piece of infrastructure are automatically enriched with information detailing all the different changes that have recently occurred on that component, greatly reducing the time it takes to identify the root cause of a problem and fix it.


If all this sounds interesting and you can relate to some of the challenges listed above, take a look at BMC’s continuous compliance solutions which integrate our Bladelogic automation solutions to service desks and monitoring solutions.


Never make an unplanned, undocumented and potentially dangerous change ever again!

Share This:

As I look at the Server Automation Community, I see a lot of activity and back and forth.  Bill Robinson is answering any and everything you can throw at him.  But have you noticed the content being made available for Server Automation?


Just last night, the BSA Technical Success plan (found here: BSA/BDSSA Technical Success Plan) was posted by Newton Nyante and contains a maintenance schedule to optimize the performance and increase the uptime of your BladeLogic environment.  This will be enhanced with how-to docs and videos moving forward as well.  Please feel free to comment on how this doc could be improved.


We hope to continue to produce and post more of this type of content and would love to hear from all of our community users.

What can we provide to continue to add value to the community?  How has what has already been provided helped you?


Let's work together to maximize the community experience for all of us!

Time to make the donuts...

Posted by Jody Hunt Feb 17, 2011
Share This:

A growing focus of datacenter automation is application release automation. IT exists to run applications, and deploying new applications or updating existing ones is a crucial part of IT's job.


Most of the application release solutions on the market propose that you use process orchestration to accelerate your application release processes. Guess what: orchestration is not the hard part of release automation. There are a lot of ways to do process orchestration and workflow management. Best practices in most organizations are smart people writing scripts and documentation for application release standard operating procedures. Scripts are a poor-man's orchestration, and scripting works for simple application environments that don't change frequently.


So here's a question: do the words "simple" or "unchanging" describe any of your critical web-based business applications?


The fallacy of using a purely process-oriented approach to release automation is that it only solves the easy and most immediate part of the problem. The hard part of the application release process is maintaining configuration consistency across multiple application servers in multiple environments. At its core this is a data management problem. Using orchestration (scripts, procedural documentation, etc.) for application configuration management just bakes a whole bunch of configuration data inside a sequence of commands. As soon as something changes even slightly (and that's pretty soon)...time to rewrite the instructions - a never-ending maintenance chore. "Time to make the donuts."


Worse is when you're not the person who wrote the scripts, because then you have to reverse engineer the logic and figure out where and how to make the requisite changes. You can only hope the person carefully documented the code they wrote. Right.


You need to be able to dynamically manage configuration data separately from workflows. Configuration discovery and configuration data modeling is a fundamental requirement for release automation.  Process automation without configuration management just helps you make mistakes faster, and consigns your best people to "making the donuts".

Share This:

   I'm Jude.  A fair number of you already know me.  I'm the moderator for the BMC BladeLogic community here, among other things.  I've been drinking the BladeLogic Flavor Aid for a few years now.  It's good stuff.   I hope to see this forum become more active and to see more people making contributions, particularly as we migrate more content from the old site.  Please feel free to drop me a line to introduce yourself; I'll be happy to talk your ear off about automation, IT in general, or darn nearly any other topic that suits your fancy. 


     Among the other projects I've been taking on, I have been spending a fair amount of time preparing for the launch of BladeLogic 8.0.  My next post will discuss my experiences with it so far and my impressions.

Filter Blog

By date:
By tag: