System Administrators (SAs) are a lazy lot. Now, that might seem an unusual way to begin an article about automation, but if SAs weren’t lazy, automation software might have never found a home. It isn’t a bad thing for SAs to be lazy. In fact, it’s a very good thing that they are, otherwise everything would require manual intervention and perhaps two to three times the number of SAs to perform the work that one can comfortably do.
Automation goes far beyond CRON; it encompasses user account maintenance, self-healing scripts, logwatchers, network service setup, file copying, filesystem housekeeping, application configuration, and system monitoring for example. Some administrator use automated scripts to deploy physical and virtual machines. Although CRON, Task Scheduler, and other process scheduling applications are certainly useful and ubiquitous, they aren’t the only automation tools in the System Administrator’s arsenal nor should they be.
The following is an introduction to 5 applications and suites that SAs use to automate daily tasks, to keep a watchful eye on systems and processes, and software that, in general, mimics traditional human eyes on glass and fingers on keyboards. The companies and software featured in this article represent a wide range of possibilities for automating your enterprise. The list is in alphabetical order by company name.
Infrared360 – Avada Software
Avada Software is a small company with a big product known as Infrared360 (IR360), which is an enterprise middleware monitoring, testing, auditing, and statistical reporting tool. IR360 is a J2EE-compliant enterprise messaging management portal that enables secure, delegated access and permissions to WebSphere MQ, WebSphere Message Broker, WebSphere Application Server/JBOSS/Tomcat, Weblogic, TIBCO/EMS, Red Hat A-MQ, any web service, and any URL.
One of the most compelling features of IR360 is its capability to perform what system administrators call “self-healing” or what Avada Software calls automated corrective actions. If a monitored service fails, an MQ channel for example, IR360 will attempt to restart the failed service before it sends an automated alert. Administrators also receive notification that IR360 restarted the channel. And IR360 responds to error conditions via any service, such as MQSC, java, SOAP, SQL, .bat/.cmd files, shell scripts, and other scripting languages.
Automated services that IR360 performs:
· Qmgr definition backup
· Cloning of middleware objects
· Start processes in response to alert conditions
· Initiate services in response to alert conditions
· Cleanup messages and queues
· Scheduling and running of test cases
IR360 also features automated, rule-based analysis for problem conditions and automated cleanup of messages and queues. You can schedule services to perform channel and queue administration for your messaging environments. IR360 runs on standard hardware and can be installed and run as a virtual machine. It requires a transaction-safe relational database system such as MySQL, DB2, Oracle, and SQL Server for operation.
Hewlett-Packard Server Automation – Hewlett-Packard
In 2007, HP purchased Opsware, Inc. (formerly LoudCloud), which was one of the first companies to market SaaS and cloud computing. Now known as HP Server Automation (HPSA), it is a full automation suite for provisioning operating systems onto bare metal, for software installation, for patch management, for auditing, and for security management. HPSA has both a web interface and a java application for management.
HPSA uses a local agent to report back to a central “core” system. This agent also responds to requests, delivers software, runs scripts, and edits system files managed by a core or multiple cores. Administrators using HPSA can manage the entire life cycle of systems from deployment to decommissioning.
Administrators can manage both virtual machines and physical machines with HPSA, plus manage multiple operating systems all within the same interface. Jobs (scripts, packages, patches, files) can be delivered immediately or based on a schedule. Additionally, administrators may either choose to allow a system to reboot after patching or to deny a reboot. Denying a reboot allows administrators to deliver patches and software to numerous servers at once without disruption of production activities.
HPSA delivers the following automated services:
· Shell scripts
· Software packages
· Security updates
· Operating systems to bare metal
· System reboots or no reboots after patching
· Job status email
· Scheduled or ad hoc jobs to individual or multiple systems
If you need to edit the /etc/hosts file, or the C:WINDOWSSystem32Driversetchosts file, for a group of servers, you can select a subset of servers based upon a search or you can select a private group of servers that only you have access to and then deliver your modified hosts file to all selected servers in a single job.
HPSA is an automation suite capable of handling any size environment and many different operating systems (Windows, Linux, UNIX).
Pulseway offers a SaaS-based monitoring and management server subscription into which all of your Windows, Mac, and Linux systems will automatically report via an installed agent. It also supplies apps for your mobile phones, tablet computers, and web browsers from which you can receive alert notifications when things go wrong, respond, and troubleshoot from anywhere and using any device.
For automated monitoring, Pulseway provides real-time monitoring and alerting for applications, services, filesystems, CPU, memory, and system status. You can also customize alerts for your own applications and services. Using the SaaS-based enterprise server, you can create stratified user accounts and grant permissions based on job roles. For example, you can create a user that can perform process restarts, but can’t reboot or shutdown a system.
Pulseway’s self-healing capability is an extensive of its monitoring feature. You can specify alert conditions that, when met, will trigger a task such as restarting a process, running a script, or some other specified behavior.
You can also monitor and manage native and third party applications and services with Pulseway, such as:
· Active Directory
· Exchange Server
· SQL Server
· VMware hosts and VMs
· XenServer hosts
· Amazon services
· Azure services
· ESET Remote Administrator
· StorageCraft ShadowProtect
Pulseway’s automated monitoring enables system administrators to “watch” systems, services, and storage 24x7x365 in real time. It also allows administrators to respond quickly to alert notifications and keep business critical services up and running from any location and on any device.
SimpleWAN’s simplicity comes about because the firewall device comes preconfigured and self-provisions on your network. Its simplicity also originates from its automated two-way network traffic monitoring, alerting, and updating. SimpleWAN’s automation also covers automated configuration backup and automated maintenance that includes firmware updates and upgrades.
The complete list of automated SimpleWAN services:
· Random port-hopping security
· Dynamic WAN routing
· Remote and local logging
· Random remote client termination
· Real time monitoring
· Real time alert notifications
· Configuration backup
· Firmware updates and upgrades
SimpleWAN’s automated updates aren’t limited to firmware and maintenance releases. Your device receives rules and security updates resulting from known attacks and threats occurring in other customer environments. SimpleWAN makes its devices and services available through value added resellers (VARs) and managed services providers (MSPs).
Network Configuration Manager – SolarWinds
SolarWinds builds and supports dozens of enterprise tools, but the focus of this post is its Network Configuration Manager (NCM). NCM includes an array of automated and automatic features including automated network discovery that scans your entire network and imports discovered devices into its database. Its automated device association features automatically maps routers, firewalls, switches, and load balancers regardless of vendor and then matches the device with an NCM device template for automatic configuration backups.
The Network Configuration Manager’s automation features:
· Automated network discovery
· Automated device association
· Real time change detection
· Instant notification of configuration changes
· Automatic logging of all changes
· Automatically generated device inventory
· Automatic configuration backup
· Vendor-neutral configuration change automation
NCM’s built-in Syslog and trap server provides instant notification of any changes to a configuration. This feature provides information that’s valuable during troubleshooting because you’ll have a list of all changes for a specific device available to you. SolarWinds tools are quick to setup and easy to use. For example, you can install NCM, discover your network devices, and start backing up network configurations in under an hour.
Spiceworks is a free, automated inventory tool for your systems and their software. It scans all network-connected devices, without using agents, and reports that information back to a central repository. Spiceworks is a non-agent discovery tool that uses standard network protocols to discover and report on all your devices. The one limitation that it has is that it requires Windows XP Pro SP2 and newer or Windows 2003 Server SP1 and newer. You can run Spiceworks on a virtual machine (VM), but it requires at least 4GB RAM and should be dedicated to running this single service. On a physical system, you can run a limited number of other services with only 4GB RAM. For more than 50 discovered devices, you should increase your RAM to at least 8GB for either a physical or for a virtual machine.
Spiceworks can scan multiple networks as long as the Spiceworks server has network access to those systems, otherwise you’ll have to install the application on a server or VM in each network.
Spiceworks doesn’t use agents to monitor your systems, but you must setup your network devices to allow SNMP connectivity, provide Administrator-level access for Windows systems, and root-level access for Linux systems. Providing this information doesn’t compromise security, but it allows Spiceworks to collect valuable information on software, filesystems, services, and applications running on your systems.
Spiceworks is community-driven software, which means that free support is available through the user community that boasts membership in the millions. Alternatively, for enterprise installations, you can purchase subscription support. The Spiceworks community also provides many modules for the product that extend its capabilities beyond its original inventory-oriented scope.
Automation tools are indispensable elements in every system administrator’s arsenal to which they refer on a regular basis. The lazy system administrator knows that automation is the key to a more productive infrastructure and a more productive system administrator. Management also knows the value of automation. It lowers costs, increases revenue, and maintains a smoother operating environment that requires fewer human hands. Automation isn’t just a good thing; it’s an essential thing.
Photo courtesy of Shutterstock.