Configuration Management

- Premanand Lotlikar
 Agenda
• Introduction
• Objective of CM
• Benefits
• Basic Concepts
• Relationship with other processes
• Activities in CM
• Process Control
• Key Performance Indicators
• Cost
• Possible Problems
 Introduction
• Every IT organization has information
about its IT infrastructure
• Art is to keep the information up-to-date
• Information includes not only about
individual component but how they relate
to one another
• If implemented properly, it can provide
information about:
 Product Policy
• Which IT components are we currently using?
How many of each version? How long have we
had them?
• What are the current trends in the various
product groups?
• Which IT components can be phased out and
which require upgrading?
• What licenses do we have and are they
adequate?
• Which maintenance contracts should be
reviewed?
 Troubleshooting information &
Impact assessment

• Which IT components are affected by a change?

• Which RFCs are under consideration for IT
components?
• What IT components are responsible for known
errors?
• Will the disaster recovery plan still be effective if
the configurations are modified?
 Objectives of CM
• Managing the economic value of IT services by
maintaining logical model of the IT infrastructure
• Provide accurate information on configurations
and their documentation to support all the other
Service Management processes
• Verify the configuration records against the
infrastructure and correct any exceptions
 Benefits
• Managing IT components
• High quality IT services (localizing CIs, reducing cost &
time)
• Effective problem solving (trends and previous records)
• More rapid processing of changes (impact analysis)
• Better control of s/w & h/w (rollout of packages)
• Improved security (authorization, licensing)
• Compliance with legal requirements
• More precise expenditure planning (maintenance cost,
contracts, licenses & expiration dates)
• Solid foundation for IT service Continuity Mgmt (back-up of
CMDB helps restoration after any disaster)
 Basic Concepts
• Configuration Items (CI’s)
– Every distinct entity that is part of the
infrastructure can be denoted as a
Configuration Item (CI)
 CI classification
• Tangible, discrete items (e.g. hardware, software,
technical documentation)
• Entities which provide the same functions as physical
CIs but do not have a physical form (E.g. virtual
machines in a server cluster environment)
• Policies, standards, contracts that bind two or more
entities
• Roles played by persons or groups (e.g. users, service
providers, support groups)
• Events that occur at specific times (e.g. service failures/
interruptions, scheduled maintenance)
CI example

•Source: OGC
CI example
 Basic Concepts
• Configuration Mgmt Database (CMDB)
– Keeps track of all IT components, their
versions and status and the relationships
between them.
 Isolated CMDBs

•Several applications storing their own data

•Accounting of IT assets and services
possible
 Integrated CMDBs

•Different processes sharing

data
•Lot of resources to
maintain integration
•Someone unfamiliar with
the system might not know
where to look for a given
piece of data
 Centralized CMDB
• Single, all encompassing
CMDB to hold configuration data
• Accessible by all applications
that need the data
• Single point of entry
• Requires a large capacity in
one place
• Creates a bottleneck because
all requests for and updates to
data pass through the same path
• Requires a massive migration
to get all of your data into the
single database
 Basic Concepts
• Definitive Software Library (DSL)
– Library storing all definitive authorized
versions of all software CIs
– Physical library storing master copies of
software
– Only authorized software should be accepted
– Strictly controlled by Change Mgmt
 Relationship with other processes
• Incident Mgmt needs information across
the whole infrastructure
• Configuration Mgmt helps to:
– To determine the CI’s location and owner
– To determine if there is a problem or a known
error with work around
– To know which customers and services are
impacted
– To know the relevant SLA
 Relationship with other processes
• Problem Mgmt needs information about
the complexity of the infrastructure.
• Configuration Mgmt helps to:
– To link problems & known errors to CI’s
– To use CMDB data to analyze incidents and
problems
– To identify the deviation b/w the authorized
configuration and the actual configuration
 Relationship with other processes
• Change Mgmt uses CMDB to identify the
impact of the changes done.
• Configuration Mgmt helps to:
– To associate changes with the relevant CI’s
• Change Mgmt provides major input for
updating the CMDB by recording RFC.
 Relationship with other processes
• Service Level Mgmt (SLM) needs
information about services along with the
relationships b/w services and the
underlying infrastructure CI’s.
• SLM data can be stored in the CMDB and
related to appropriate CI.
• Service levels (gold, silver, bronze) can be
recorded against the CI’s
 Relationship with other processes
• Availability Mgmt uses CMDB for
Component Failure Impact Analysis
(CFIA).
• It uses CMDB to identify the weakest CI in
the chain of CI’s providing a service.
 Relationship with other processes
• Capacity Mgmt uses CMDB
– To plan optimization of IT infrastructure
– To allocate workload
– To develop a capacity plan
Relationship with other processes
 Activities in CM
• Planning
• Identification
• Status Accounting
• Verification and Audit
 Planning
• The aim, scope, and priorities of
Configuration Mgmt have to be defined
within Service Management and should be
aligned with the business objective.
 Identification
• Relates to defining and maintaining naming conventions & version
numbers of CIs along with documentation, attributes & relationships.
• The general questions for determining information to be recorded:
– What resources are available for collecting information
– Which components should have their status and status history
recorded?
– What information do we require for changing purpose?
– Which components may affect capacity/availability after change?
– What requirements are associated with the provision of SLA?
– What information do we require for charging purpose?
• Decision to be made on
– Scope (breadth)
– Level of Breakdown (depth)
– Level of Detail (detail)
 Detailing the Scope
• What part of the infrastructure be
controlled by Configuration Mgmt?
• This scope affects the scope of:
– Diagnoses by Problem Mgmt
– Impact Analysis by Change Mgmt
– Verifiability of SLA
– Analysis & Planning by Availability Mgmt
 Detailing the Scope
Scope

CI # 1

IT Infrastructure Service A

Service B

CI # 2 CI # 3

Application A LAN 2 PABX

CI # 4 CI # 6
Module A System 21 Line 1

CI # 7
CI # 5
NIC 12 Line 2
Module B
CI # 8
Modem 5 Line 3
 Depth – Level of Breakdown

IT Infrastructure

Hardware Software Network Documentation

Business System 1 Business System 2

Application1-1 Application1-2 Application1-3

Module1-1 Module1-2
 Level of Detail (Attributes)
ATTRIBUTE DESCRIPTION
CI number/label Unique identification of the CI.
Serial Number Supplier’s identification number in the form of serial number
Model Name Full model name E.g. PIV MMX 933 MHz
Manufacturer Manufacturer of the CI
Category Classification (H/W, S/W, Documentation)
Warranty expiry date Date when warranty expires
Version number Version number of CI
Location Location of CI
Owner responsible Name and designation of the owner or person responsible for the CI
Status Current state of the CI E.g. ‘under test’, ‘live’
Cost Cost of acquisition
Residual value Current value of CI after depreciation
Comment Other comments
RFC Number RFC number open for the CI
Relationships Relationship b/w the CI and other CIs
 CI Relationships
• Relationship b/w CIs useful for:
– Diagnosing errors
– Predicting availability of services
• Relationships can be:
– Logical
• Is a copy of: Copy of a standard model
• Relates to: A procedure, SLA, customer area
• Is used by: CI needed for providing a service

– Physical
• Forms part of: FDD forms part of a PC
• Is connected to: PC connected to LAN
• Is needed for: H/w needed to run application
CI Relationships (example)
 Baselines
• Snapshot of group of CI’s taken at a specific
point in time
• Baseline can be used as:
– For recording cost information
– Starting point for development and testing of new
configurations
– Back-out if there is are problems with new
configuration after change
– Standard for supplying configurations (E.g. standard
workstation)
 Status Accounting
• The process of recording state changes to a CI
• Most common states:
– On order
– Received, pending testing
– Under test
– Installed to production, Operational
– Under repair
– Disposed
• This information is also useful for problem
management, especially for detecting devices
with high incidents of repair or long repair periods
Example CI status monitoring

•Source: OGC
 Verification and Audit
• Used to verify if the current situation still
reflects the details in CMDB
• Audits may be carried out in following
situations:
– After implementing a new CMDB
– Before and after major changes
– After disaster recovery
– At any convenient time
 Verification and Audit
• Following questions are asked during
audit:
– Are all RFCs recorded in CMDB?
– Is the CMDB still up-to-date? If not, why?
– What is the impact on Change Mgmt?
– Are baseline configurations recorded
correctly?
– Does naming of the new CI’s comply with
naming convention?
 Control of CIs
• Only authorized CIs should be recorded in the
CMDB
• The following actions are monitored:
– CI is added
– CI status changes
– CI owner changes
– CI relationship changes
– CI is removed
– CI license renewed or modified
– CI details updated after audit
 Process Control
• Critical Success Factors:
– Information in the CMDB should be up-to-date
• Change Mgmt must be strictly enforced
• Stakeholder for information
– Implementation of CMDB must be divided into
correct stages
• Extensive scopes of CM at once generally fails
– Recording must be given to person having not
only the reqd skill but the right attitude!
 Key Performance Indicators
• Number of deltas
• No of occasions when configuration was found
unauthorized
• No of occasions when recorded configuration could not
be found
• Time needed to process a request for recording
information
• List of CI’s where more than a given no of
incidents/changes were recorded
• Statistical information about the structure and
composition of IT infrastructure
• Growth data about IT infrastructure
 Cost
• Largely depends on the scope and level of the
detail
• Cost include H/w, S/w and personnel cost
• H/w, S/w cost depend on:
– Additional H/w & S/w required and its configuration
– Application and DB design, population, customization
& implementation
– DB maintenance
• Personnel cost depends on the size of the
organization and level of detail of CMDB
 Possible Problems
• Wrong CMDB scope or CI level of detail (too
little or too much)
• Inadequate manual systems (paper systems)
• Affect of urgent changes
• Over ambitious schedules (no time to update
CMDB)
• Management acceptance (cost concerns)
• Bypassing the process
Thank you!