Procedures: Runbook Automation that Works

This post was originally published here by Greg Pollock.

One of the challenges of building and running information technology systems is solving novel problems. That’s where frameworks like scrum and agile come inā€“ getting from the unknown to the known with a minimum of frustration and waste. Another challenge is performing known tasks correctly every single time. Here runbooks,Ā checklists, and documentation are your friend. And yet, despite a crowded market for IT process automation offerings, misconfigurations and missed patches are still a problemā€“ and not just a problem, but theĀ root causeĀ of 75-99% of outages ofĀ breachesĀ depending on platform.

Executable Documentation

UpGuard’s Procedures feature provides the missing layer ofĀ runbook automationĀ to ensure that every machine is configured correctly at every stage of its lifecycle. There are two places to get started: your existing documentation and UpGuard’s library of pre-made procedures. Whether you’ve documented your standard operating procedures in text documents, spreadsheets, a knowledge base, or sticky notes, any information on what your organization needs to maintain secure, reliable systems is a good starting point.

Every procedure is made up of steps, where each step represents one action you need to perform. The most common step type is to run anĀ UpGuard policyĀ to check that system configurations match expectations. CreatingĀ policiesĀ can be done either by transforming the discovered state of a node into checks or by writing the checks out. For best practices, you can also choose from the library that UpGuard provides for common system checks.

Ā READY TO BUILD RESILIENT IT PROCESSES?

The Automation Safety Net

Once you know what procedures should govern your systems, you can start automating the critical validation phase. Whether you use a configuration management tool, a collection of scripts, or shoot from the hip on the command line, UpGuard provides theĀ validationĀ that the resulting configuration state complies with the prescribed procedural steps.

Adding a procedure made of policy checks to a node group will cause UpGuard to run all the automatic steps that it can at a scheduled interval. The output of all those automated validation steps is presented as a dashboard showing what procedures are running against each node group and whether they are in the desired state. Procedural breakdowns likeĀ configuration driftĀ or missed security hardening can thus be easily detected and remedied.

Conclusion

At the root of almost every failure is a poorly defined process or a process that was not executed completely. The foundation of successful process execution rests on clearly documented procedures that are visible to everyone involved in the administration of those systems. UpGuardā€™s Procedures not only provide thatĀ share layer of visibility, they automate the work of confirming that those procedures have been executed correctly, saving time, money, and frustration.

Ā 

Ad

No posts to display