Tuesday, June 14, 2011

Managing server software deployments without remote access

Image: worradmu / FreeDigitalPhotos.net
The idea behind deployment tools in general is to automate as much as possible of the process to avoid human errors. You get the full benefits in your internal LAN  but what about production upgrades to customer servers? Smaller companies may grant remote access to their trusted software providers but larger operations will flinch at this type of request and wave their security guidelines at you. What then?

Well, let's have a second look at what makes manual upgrade processes so lengthy and complex. I think everyone will easily agree that the transfer of new software packages to target servers can be tedious but it is not particularly error-prone or difficult. It is a convenient feature of production deployment, nothing more. No, the real difficulty derives from re-applying existing configurations to the new upgrade package. This operation requires the deployer to compare the current production configuration files against the upgraded package and apply every customized parameters on the new version. This operation has to be repeated for every single configuration file, for each application component and on all target server of the production environment. Most good deployment tools include this capability by matching upgrades against their centralized configuration except that they cannot deliver in the absence of direct connectivity.

Advanced deployment management systems must have the capability to split the actual deployment process from the configuration management. KwateeSDCM does that by generating fully self-contained off-line installers that contain not only the upgraded software package but also the customized configuration parameters and the customized commands to be run during the installation process. Off-line installers can be run on any supported platforms (windows, linux, solaris, MacOS, ...). They can be exported and sent to the customer where they can be executed on each server in any security guideline-compliant fashion, i.e. from a removeable media, an intranet file server, etc.

No comments:

Post a Comment