Managing an
application infrastructure can be demanding, especially in a
tiered deployment architecture. If multiple Web and application
server configurations are involved, the problems associated with
maintaining consistency across the organization are compounded.
MValent's Integrity can help harried administrators by providing
a centralized repository from which all text-based
configurations can be managed and, in some circumstances,
automated. Integrity 3.0 lets you perform audit configuration
changes, and capture and centralize configurations. The program
also notifies you immediately when a change is made.
Integrity, which is closely aligned with the ITIL (IT
Infrastructure Library), organizes its features and
functionality into three categories: configuration, change and
release. In short, it provides mechanisms for managing
configurations, tracking changes and provisioning configurations
across the enterprise.
Integrity can manage virtually any text-based configuration file.
It's designed to suck in configurations from application servers,
but also supports a wide variety of other infrastructure devices,
including Web servers, routers and switches. For each machine I
wanted to manage, I had to perform some setup within Integrity. Its
power lies in its ability to both read and write managed
configuration files, so you must make sure the access method
includes write access for the specified user.
Access to resources is specified through
authentication packs,
which specify how Integrity should retrieve the configuration
file--through FTP, SSH (secure shell) or a UNC (Universal Naming
Convention). Integrity's power lies in its ability to both read and
write managed configuration files, so you must make sure the access
method includes write access for the specified user.
To test this, I specified a WebSphere 6.0 automation pack and
then pointed Integrity at a WAS 6.0 directory over UNC. Integrity
initially had some problems pulling in our WebSphere
configuration--differences in configuration format between WAS 5.1
and 6.0 were the culprit--but mValent engineers quickly remedied the
problem, and we moved forward without further delay.
Integrity supports a lengthy list of possible assets, including
Apache Web server, BEA Systems WebLogic, IBM WebSphere, Microsoft
Internet Information Server and SQL Server and Oracle databases.
Integrity also provides an import mechanism similar to that found in
Excel that lets you specify how the configuration file should be
read--comma delimited (CSV) or XML-based--and then parses the file.
In my tests, Integrity handled simple CSV or key-value pairs
(Windows INI style) with ease.
Integrity organizes configurations into projects, which helps
when using the comprehensive comparison tools.
I configured two
projects, one to hold my WAS 6.0 and Apache production
configurations and another to represent a development or quality
assurance (QA) environment. By selecting the Apache httpd.conf from
both projects, I could compare the two (see screen, page 20).
One glitch: It's not readily apparent which configuration file
belongs to which project. For each piece, such as DocumentRoot or
Listen, I could ignore key-value pairs on a global, asset or session
basis. This is useful if you need to ignore values that must be
different across configurations, such as host-specific values, but
still view base-configuration differences that may be causing
problems or deviating from organizational standards.
The interface clearly shows configuration differences through
bright color schemes and uses the same view an administrator would
to edit the configuration file. This lets admins immediately change
one or both files without moving between the config files in the
hierarchy. Comparisons can be executed against configuration files
from different machines or across versions of a single configuration
file from a single machine.
Trail of Changes
Tracking is accomplished through a polling mechanism that occurs
on a scheduled basis, so in a large network changes will only be
detected periodically. Once a configuration is loaded, it's a simple
task to enable tracking, which then logs each change to the
configuration file whether it occurs out of band or from within
Integrity's role-based structure.
I enabled tracking for my production WAS 6.0 configuration and
then modified the configuration manually through the WAS
administration console. Integrity picked up the change, shot off an
e-mail and further notified me through the use of the alerts tab
within the Integrity console. I scanned the differences and then was
given the choice of provisioning the WAS configuration stored within
Integrity back to the server or accepting the change and creating a
new version within Integrity. I decided to provision the original
configuration back to the server. When I reloaded the WAS admin
console, it notified me--as expected--that the configuration had
changed.
Functions such as copying, cloning, provisioning and versioning
configurations are a breeze with Integrity, though the interface is
cluttered by the extensive hierarchical nature of product
configurations. Integrity continually polls for config changes
through the defined authentication packs, and can be scripted using
Python to provision configurations on a scheduled basis.
Administering Integrity
You can control configuration administration through Integrity's
role-based authentication and authorization system, which provides a
delegated admin environment. For even finer control, you may
override permissions at the file level, which enables an
administrative hierarchy of a single resource type. For example, I
designated permissions on both WAS environments (production and QA)
and then further dove into specific configuration files, giving one
administrator access to modify the configuration for the production
environment but not the QA.
Overall, mValent's Integrity 3.0 performed as advertised. The
extensive hardware requirements may make the cost of acquisition
less than appealing, but the reduction in risk, management time and
troubleshooting may be well worth the $60,000 investment.
Lori MacVittie is a Network Computing senior technology
editor working in our Green Bay, Wis., labs. She has been a software
developer, a network administrator, and a member of the technical
architecture team for a global transportation and logistics
organization. Write to her at lmacvittie@nwc.com.
"We set out to address and automate all
the information that was held by IT
departments. The knowledge held by DBAs,
systems administrators and so forth is the
glue that holds the application together,"
says Andrew Bird, mValent vice president of
business development.
The application server platform support
comes in software packages called enablers.
The WebSphere and WebLogic enablers automate
the creation and management of
configurations for those platforms. Among
the features are best practices templates,
automatic verification and application
server replication.
The templates include definitions and
specifications designed for the application
server platform. The enabler will match the
definitions with what is in the customers’
environment and then customize the templates
to their infrastructure. This will help them
standardize their management processes on
those platforms because all the
configurations will be based on a common
template, the company says.
The automatic verification feature is
there to ensure that as additional
application servers are provisioned and
brought on line they are in sync with the
current application infrastructure. The
enablers will check the application server
configuration against that in the templates
and verify that it meets the chosen
standard.
Application server replication automates
the process of creating a new server.
Lastly, the new enablers will
automatically save WebSphere- and
WebLogic-specific information into mValent's
configuration management database. The
company says this simplifies the process of
creating a consolidated source for all
infrastructure configurations for customers.
"The software can reduce the time it
takes to perform a server replication or
large migration job from three men working
three months down to one man for a week, for
example," Bird says. "It's an automation
platform for application infrastructure."
MValent software captures information
about infrastructure requirements for
different applications and models how
applications use infrastructure components
such as Web, application and database
servers. The captured information and models
inform different IT departments how to
either write an application or configure
infrastructure components for optimal
performance.
MValent uses software installed on a
dedicated server and client software on,
say, an application developer's desktop. The
client software collects information
relevant to its user’s role in the
application lifecycle. For example, a
systems administrator, an application
developer, a database administrator and a
network manager could all use the client
software.
The data configured and collected by the
client software regarding any given
application from that specific perspective
is then sent to the server software to be
correlated and to create the models of how
the application users multiple components in
the infrastructure.
Available now, pricing for mValent's
Infrastructure Automation Suite 2.2 is based
on the number of IT users and starts at
$50,000.
Andrew Bird has a consistent track record of success at
enterprise software companies ranging in size from early-stage
to market leader. Prior to joining mValent, Andrew was the
Executive Vice President of Marketing at Precise Software
Solutions, where he established Precise as the leading
application performance management ISV which merged with VERITAS
in July 2003 in a $675M transaction.
Andrew joined Precise after building the application service
management business for BMC Software in Europe. Andrew's 25-year
career includes executive management roles at Precise Software
Solutions, BMC Software, and BGS Systems, where he held various
senior positions in business development, marketing, and sales,
both in the US and Europe. Earlier in his career, Andrew also
held sales, systems engineering and technical support positions
with Cullinet Software and Cincom Systems. Andrew is a native of
the United Kingdom and, when not focused on business, can be
found sailing the northeast coast of the US.
Personal info for
jtauber
Name: James Tauber
Homepage: http://jtauber.com/
Notes:
I'm Chief Scientist at mValent
and an original participant in the XML activity at the W3C. I wrote
the first open source implementation of XSL-FOs, FOP (which I
donated to Apache); started the first open source implementation of
UDDI, jUDDI; a Python implementation of the XML schema language TREX,
PyTREX; and am co-developer of Redfoot, an RDF application
framework.
Recently, I started PyGo, a Python application for studying and
playing Go.
Email: jtauber@jtauber.com
This person is:
- a Lead Developer on project
FOP.
- a Contributor on project
jUDDI.
- a Lead Developer on project
Redfoot.
- a Lead Developer on project
PyTREX.
- a Lead Developer on project
ApplePy.
- a Lead Developer on project
PyGo.
- a Lead Developer on project
Leonardo.
Recent diary entries for jtauber:
Living back in Perth, but working for mValent in Boston. Working on
the editing and scoring for my first short film,
Alibi Phone Network.
Resumed work on my morphological database of the Greek New Testament,
MorphGNT and was in the
midst of a major rewrite of
Leonardo (release as 0.4)
Python is my programming language of choice. I've been using it for
over seven years. I, like many people, have Paul Prescod to thank
for my "conversion".
I am currently working on:
Also see my new
Relational Python
series.
Little scripts people might find fun / useful:
In hiatus are:
- Tim — a tree-based IM client
- Sebastian
— a music composition system
- a
graphical shell widget
- PyLing — a
library for doing computational linguistics
- PyMMO — a
framework for building massively multiplayer online games
- Cleese — an
operating system in Python
- pyso — pygame-based
package for isometric games
Open-source software I have previously written in Python
includes:
I also mentored the Python Bayesian Network project for
Google's Summer
of Code.
Re [tools-dev] Python support