Published: 30 January 2024
Contributors: Chrystal R. China, Michael Goodwin
Configuration management is a systems engineering process that helps businesses maintain the performance quality and functionality of a given product, system or other IT asset throughout its lifecycle.
Tailored configuration management (CM) practices enable system administrators to track the state of assets (like computer systems, servers and applications) so that teams can quickly identify issues, effectively manage change control and prevent configuration drift and unnecessary downtime.
The discipline started in the U.S. military—namely the Department of Defense—which sought to increase the lifespan of its hardware equipment without sacrificing performance over time. The military eventually created the 480 series, a set of governing standards for maintaining technical equipment, which evolved into the ANSI–EIA–649 (the National Consensus Standard for Configuration Management) in 1998.
The primary goal of CM is to control the evolution of complex systems and create vigilant record-keeping processes that streamline and accelerate IT asset management. CM practices ensure that a system's design, implementation and operational information are always in sync, facilitating efficient version management and preventing the system instabilities that can occur with untracked modifications. In other words, CM ensures that IT assets remain in their desired state, regardless of how they evolve over time.
Learn how intelligent automation can make your business operations a competitive advantage.
Register for the ebook on observability myths
CM processes are driven by management tools that allow IT administrators to build a workstation or server with specific settings and then apply those settings to other assets. Used in concert with IT service management (as defined by the ITIL), CM requires teams to monitor the state of a system in real time to identify aberrant behavior and/or opportunities for patches, updates or upgrades.
Specifically, CM involves the following key processes:
Configuration identification is the process of determining the attributes that define every aspect of a configuration item (CI) at any point in time. It also includes pivotal decisions about configuration items (the software or infrastructure initiative, module or API the team will monitor and control), identifiers (the unique serial or version number or other tracking mechanism for each CI) and baselines (typically, the configuration of a working production environment).
Configuration change control, also called configuration control, is a strategy for handling changes systematically so that asset integrity remains consistent across its lifespan. It typically involves several stabilizing practices, including submitting change proposals, evaluating each proposal’s cost and benefits, getting the requisite approvals from authorizing parties, and implementing and documenting changes.
CSA involves documenting all configuration identification details (e.g., location, version, current status) and change details (date, responsible party, description of modifications). The process also includes generating regular status and historical records for stakeholders, verifying all records for accuracy and creating an accessible audit trail.
Configuration auditing is the formal process of assessing how well CI and CM practices conform to the established standards and baselines, including identifying and resolving anomalies. Auditing might entail evaluation of physical attributes, functional attributes or both.
A CMP outlines the specific CM practices, procedures and schedules designated for a particular project or organization. It usually includes information about related processes, as well as complete details on CM scope and objectives, CM activities, roles and responsibilities, baseline management, team training procedures and any tools the team will use to support the process.
Configuration management tools—from open-source programs like Ansible, Jira, Puppet, SaltStack and CFEngine to proprietary solutions like IBM AIOps Insights—help system administrators minimize the complexity of CM by automating most of its associated processes. CM tools can manage code versions, track system changes and automate the building and deployment processes.
They enable teams to change base configurations from a central location; categorize and manage CIs by group/subgroup; automate CI identification, updates and patches; install new settings across groups; and locate outdated or underperforming configurations.
CM tools include technologies like:
Version control systems: These tools manage changes to source code or documents over time. They maintain versions and histories that help with tracking changes, implementing rollbacks (if necessary) and supporting parallel development.
Continuous integration/continuous delivery (CI/CD) tools: CI/CD pipeline tools automate software testing and deployment, ensuring that systems regularly integrate changes to the code base and run appropriate tests for issue identification.
Infrastructure-as-code (IaC) tools: IaC tools facilitate infrastructure provisioning and management using code that can be versioned and treated as any other software system component.
Change management and tracking tools: These tools record, track and manage change requests and issues through a defined workflow.
Configuration management databases (CMDBs): CMDBs store configuration information about CIs and their dependencies, clarifying the structure of an IT environment and the potential impact of changes.
Effective configuration management is essential for optimizing IT automation within a business. It helps teams make informed decisions about changes to their IT infrastructure and assets, and it facilitates clear communication among stakeholders by prioritizing clear, constant documentation of system states throughout the lifecycle.
In DevOps environments, CM enables IT administrators to further automate infrastructure management and deployment processes. In agile environments, CM helps teams more easily access and triage configuration tasks to streamline project management practices. And in CI/CD environments, CM tools automate modifications so that teams can immediately deploy approved code and configuration changes to live systems.
CM also offers significant benefits for quality control and risk management across a gamut of industries, from software development and healthcare to manufacturing and IT service management (ITSM). And it has myriad use cases for a range of IT environments, including:
CM tools can configure and manage virtual private clouds (VPCs), operating systems (OSs) and workload security1 in cloud computing environments.
CM tools can apply policies consistently across a network and configure intrusion detection systems and firewalls automatically.
CM tools can set up and manage remote infrastructure systems, like IoT assets, server equipment and network and security protocols.
CM tools can configure network devices, like routers, automatically.
The sheer volume of data CM programs generate can add complexity to any organization’s IT asset management process. Therefore, optimizing the benefits of CM programs and tools requires adequate planning, resources and personnel training. To maximize the effectiveness of configuration management systems, teams can:
Establish a baseline early. Set initial baselines as soon as the project starts.
Automate as much as possible. Use CM tools to automate any repetitive tasks; not only does this save time, but it also reduces the risk of human error.
Back up data frequently. Unsurprisingly, backups of asset status and configuration data can prove invaluable if administrators need to revisit the baseline configuration after a data loss or corruption incident.
Maintain a single source of truth. Use one definitive repository or database to document and track the state of CIs.
Create a change advisory board (CAB). A CAB offers additional structure and traceability during the change evaluation and approval processes.
Leverage AI to streamline IT operations, increase uptime, improve efficiency and reduce costs.
Innovate faster, reduce operational cost and transform IT operations across a changing landscape.
The IBM Instana Observability platform is a fully automated real-time observability platform that puts performance data in context to deliver rapid identification and help prevent and remediate issues.
Learn how artificial Intelligence for IT operations (AIOps) uses data and machine learning to improve and automate IT service management.
Explore the opportunities for SREs to boost their effectiveness by adopting and driving a culture of AI-powered automation and innovation.
See how implementing an AI-powered solution can help keep your business operations running smoothly.
Learn more about the end-to-end management of IT assets through every stage of the asset lifecycle.
IT operations management (ITOM) is responsible for managing IT requirements within an organization, overseeing the provisioning, capacity, performance, and availability of IT infrastructure and resources.
Read about the latest and greatest, how-tos, best practices, and use cases from our experts and experienced product users.
Footnotes
1 Worldwide Corporate Endpoint Security Forecast Update, 2023–2027: Endpoint Security Platformization Propels Robust Growth (link resides outside ibm.com), International Data Corporation (IDC), 10 January 2024