prototype template (5428278)\screen library_new_final.ppt 11/28/2012
Technologies to support ITIL
David Borsos and Adam Demjen

Agenda
• What is ITIL?
• Knowing the infrastructure
• Software assets
• Impact analysis
• How much does it cost?
• Change management
• Contact management
• Access management
• Q&A

What is ITIL?
• Information Technology Infrastructure Library
• A set of practices for IT Service Management
  − “Service approach” focuses on the customers’ perspective
  − How to “run” an IT plant in a “good” way?
  − Holistic view: not just technology and implementation
• Concepts, processes vs. tools to support them
• Publications
  1. Service Strategy
  2. Service Design
  3. Service Transition
  4. Service Operations
  5. Continual Service Improvement

Knowing your infrastructure
ITIL CMDB
• Size of an Enterprise IT Plant (e.g. Morgan Stanley)
  − Tens of thousands of hosts
  − 5700 database servers
  − Dedicated teams to support the various infrastructure elements
  − Impossible to “know it all”
• Solution: Configuration Management Database (CMDB)
  − Collect all infrastructure data into a single, federated database
  − Fundamental structural unit: CI (Configuration Item) + Properties + Relationships
  − Example CI types: server, database, software asset, mailgroup, person, building…
• Source data can be
  − Defined manually
  − Discovered
  − Loaded from a different management system

Knowing your infrastructure
ITIL CMDB
[Diagram labels: CMDB Data Warehouse; Software asset catalog; Infrastructure provisioning; Costs & billing; Impact analysis; Automatic discovery; Change management; Contact management; External systems; Access Management; Organizational data]

Knowing your infrastructure
Inside the data warehouse
[Diagram: example CIs with their properties, linked by relationships]
CI: System: Trading App 3000
  Property: Lifecycle Phase: Production
  Property: Dev Email Group: [email protected]
  Property: …
  Relationship: Owns
CI: (Logical) Database: PROD_TRADING_DB
  Property: Data_Space_Allocated_MB: 20000
  Property: DB_Server_Version: Sybase 12.5.4.0.10
  Property: …
  Relationship: Runs On
CI: Cluster Service: nycluster28
  Property: IP_Address: 123.456.789.101
  Property: Cluster Type: coyote
  Property: …
• Highly normalized uniform data

Knowing your infrastructure
ETL: Extract, Transform, Load
• Extract
  − Do not change the contents, only make it “manageable” (CRLF?)
  − Lots of different data sources
    • Use simple structures (database table, CSV file)
    • Generalize the connectivity (2-3 types)
• Transform
  − Change the data here to make sense (e.g. convert to lowercase, combine data)
  − Cleanup
  − Mostly can be done via SQL (“INSERT INTO transform SELECT * FROM extract”)
• Load
  − Create the normalized data
  − Insert it into the database
• Highly scalable, highly parallel, lots of challenges

Knowing your infrastructure
ETL: Extract, Transform, Load
[Diagram: Data Sources → Extract → Raw Data → Transform → Transformed Data → Load → Normalized CI Data, which goes to Customers, Business Processes, Reports and Analysis]
• Scheduled operation
• Isolated steps – parallel loading / synchronization challenge
  − Extract from A and Extract from B can run at the same time…
  − … but the Transform combining them needs to wait for both Extract A and B

Knowing your infrastructure
Some metrics…
• 6 million CIs
• 30 million relationships
• 800 000 records moved one day
• 85 data sources
• Hundreds of customers
• Checking new data every 10 minutes

Software assets
From the infrastructure’s perspective
• A catalog of software products available (vendor products or proprietary systems)
• Software: special CI type
• A product (system)
  − Consists of source code (repository)
  − Provides business functionality
  − Owns / Uses infrastructure components (CIs)
  − Relates to people (e.g. developers, support personnel)
  − Owned by organizational entities
  − Uses other systems
• More than 10000 systems registered in Morgan Stanley

Software assets
Software metadata
• Does it store confidential or restricted data?
• Is it in scope for certain regulations? (e.g. Sarbanes-Oxley Act aka. SOX)
• Software lifecycle
  − New product / active development
  − Maintain current state
  − On a decommission track
• Cost allocation (internal billing)
• New products must be reviewed before deployment
  − Risk
  − Security
• Changes of a system are typically in scope of Change Management

Software assets
Life of a software
[Diagram: lifecycle stages Idea or business need, Proposal, Evaluation, Pre – production, Ready for production, Production, To be decommissioned, Decommissioned; annotations: Reviews, Change management, Infrastructure decommission]

Impact analysis
• Question: what happens if I shut down a host?
  − What is the impact on the business?
  − What if a whole datacenter goes down?
• CMDB contains all infrastructure (CI) data and their relationships
• Everything is mapped to Software Assets
• Software Assets are related to business functionality and people
• Solution: search the dependency graph of the CIs
• Know:
  − What the impact is?
  − How serious it is?
  − Who needs to know about it? (and when)

Impact analysis
Traversing the dependency graph
[Diagram: three layers: Infrastructure, Software assets, Business information. Nodes: Datacenter, Host, Database server, System, Commodities department, Trade completion. Edge labels: Contains, Running on, Owned by, Owned by, Provides]
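
The dependency-graph search from the two impact-analysis slides, as an added sketch that is not code from the presentation. The edge list is a constructed in-memory stand-in for CMDB relationships; the `dc:`/`host:` names, the Reporting system, the Finance unit and the propagation direction assigned to each relation type are assumptions.

```python
from collections import defaultdict, deque

# Constructed CMDB relationships: (source CI, relation, target CI).
RELATIONSHIPS = [
    ("dc:ny1", "contains", "host:nyhost01"),
    ("dc:ny1", "contains", "host:nyhost02"),
    ("dbserver:nydb167", "runs_on", "host:nyhost01"),
    ("system:Trading App 3000", "owns", "dbserver:nydb167"),
    ("system:Trading App 3000", "provides", "function:Trade completion"),
    ("system:Trading App 3000", "owned_by", "org:Commodities department"),
    ("system:Reporting", "owns", "host:nyhost02"),
    ("system:Reporting", "uses", "system:Trading App 3000"),
    ("system:Reporting", "owned_by", "org:Finance"),
]

# How an outage travels along each relation type (assumed semantics):
# "forward" = failure of the source hits the target, "reverse" = the opposite.
PROPAGATION = {"contains": "forward", "provides": "forward",
               "runs_on": "reverse", "owns": "reverse", "uses": "reverse"}


def build_impact_edges(relationships):
    """Turn CMDB relationships into 'if X fails, Y is affected' edges."""
    edges = defaultdict(set)
    for src, rel, dst in relationships:
        direction = PROPAGATION.get(rel)  # owned_by carries no outage
        if direction == "forward":
            edges[src].add(dst)
        elif direction == "reverse":
            edges[dst].add(src)
    return edges


def impact_of(ci, relationships=RELATIONSHIPS):
    """Breadth-first search from `ci`: what is affected and who must be told."""
    edges = build_impact_edges(relationships)
    seen, queue = {ci}, deque([ci])
    while queue:
        for nxt in edges.get(queue.popleft(), ()):
            if nxt not in seen:  # the visited set also stops cycles
                seen.add(nxt)
                queue.append(nxt)
    impacted = seen - {ci}
    notify = {dst for src, rel, dst in relationships
              if rel == "owned_by" and src in seen}
    return {"systems": sorted(c for c in impacted if c.startswith("system:")),
            "functions": sorted(c for c in impacted if c.startswith("function:")),
            "notify": sorted(notify)}
```

Calling `impact_of("host:nyhost01")` walks host, database server, system and business function, and also picks up the Reporting system that only depends on the host indirectly through its use of Trading App 3000.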

How much does it cost?
• CMDB: CIs and relationships
• Software Assets: systems, CIs and business functionality
• CI TCO/year – how much does an infrastructure component cost?
  − One-time costs: buy a HDD
  − Power consumption
  − Support (manpower) costs
• System TCO/year – how much does a system cost?
  − Sum of all infrastructure costs
  − Add the cost of people (developers, support)
• Split it up based on usage -> billing per organizational unit
• Split it up based on business functionality -> cost efficiency
• Predictions & strategic planning

Change management
ITIL Transition Management
• Change: results in a new status of one or more CIs
• Minimize the impact / disruption of business activity
  − Utilize the CMDB (CI relationships)
• Detailed documentation must be supplied
  − When is the change executed?
  − What are the execution steps?
  − How do you make sure the change was successful?
  − How do you undo the change if it wasn’t?
• Must be approved by management
  − Who needs to approve? (organizational data)
• Multiple changes might happen at the same time (e.g. weekends)

Change management
ITIL Transition Management
• Tooling to support changes
  − Distribution tools
  − Database migration tools
  − etc…
• Can’t make changes without the tools
• Tools prevent unintended production changes
  − Need a fully approved change ticket
  − Emergency changes -> review post-event
• DEV / QA environments are less restricted or unrestricted
• Code must reach appropriate (production) status before deploying
  − Consequence: cannot deploy a brand new system that is not security-approved

Contact management
ITIL Service Operations
• Who to contact if…
  − …there is an infrastructure incident
  − …there is planned work related to a CI
• Utilize the data from the CMDB
  − Software asset owns infrastructure CIs
  − Software asset relates to people (who is responsible for support?)
• Set up contact instructions on a system level instead of CI level
  − No need to individually set up on all infrastructure CIs
  − Resolve the rules on them
• Changes are handled automatically
  − Change in the responsibilities of people
  − Infrastructure configuration changes

Access management
• Can a specific user access an infrastructure item?
  − Can I read from that database?
  − Depends on the user and the database
• Examples:
  − A developer needs to access a database for development purposes
  − A developer should not access a production database with live data
• Exceptions might be made (e.g. in emergency situations)
• Use the People – System – CI relationships again
• Grant CI level permissions automatically
• Lots of changes each day
  − Need to automate to avoid errors / over-entitlement
  − Need to automate because it’s better for the people
• Also possible to automate

Access management
[Diagram panels: Roles, Software assets, Infrastructure, Actions / Permissions. Relations shown: User Has Role On System; System Owns Resource In Environment; Role May Action In Environment]

Access management
[Diagram panels: Roles, Software assets, Infrastructure, Actions / Permissions. Relations shown: Joe Has Developer On TradingApp; TradingApp Owns nydb167 In DEV; Developer May read-data In DEV]
• Result: Joe will be able to connect and read data from nydb167
• No need to give entitlements on nydb167 specifically to Joe
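
The role resolution from the access-management slides, as an added sketch that is not code from the presentation: it joins the three relations to derive CI-level grants, then compares them with what is actually granted to surface over-entitlement. Ann, the Support role, the write-data action and the PROD database nydb201 are constructed; the function names are hypothetical.

```python
# Constructed sample data following the three relations on the slide.
USER_ROLES = [("Joe", "Developer", "TradingApp"),       # User has Role on System
              ("Ann", "Support", "TradingApp")]
SYSTEM_RESOURCES = [("TradingApp", "nydb167", "DEV"),   # System owns Resource in Environment
                    ("TradingApp", "nydb201", "PROD")]
ROLE_PERMISSIONS = [("Developer", "read-data", "DEV"),  # Role may Action in Environment
                    ("Developer", "write-data", "DEV"),
                    ("Support", "read-data", "PROD")]


def derive_entitlements(user_roles, system_resources, role_permissions):
    """Join the three relations into (user, action, resource) grants."""
    grants = set()
    for user, role, system in user_roles:
        for owner, resource, env in system_resources:
            if owner != system:
                continue  # resource belongs to a different system
            for perm_role, action, perm_env in role_permissions:
                # The role's permission only applies in the resource's environment.
                if perm_role == role and perm_env == env:
                    grants.add((user, action, resource))
    return grants


def is_allowed(user, action, resource):
    """Answer 'can this user do this on that CI?' from the derived set."""
    return (user, action, resource) in derive_entitlements(
        USER_ROLES, SYSTEM_RESOURCES, ROLE_PERMISSIONS)


def reconcile(actual_grants, expected_grants):
    """Compare grants found on the CIs with the derived set."""
    return {"revoke": sorted(actual_grants - expected_grants),  # over-entitlement
            "grant": sorted(expected_grants - actual_grants)}   # missing access
```

Running `reconcile` on every relationship change gives the automated grant and revoke list, so a developer who changes role or system loses the CI-level access that came with it.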
Q&A