A CMDB for IT infrastructures

Automate IT²: Chapter #1 at Palo Alto Networks

About me

Network and Security Architect

Cisco CCIE #38620 (R&S)

VMware VCP/Red Hat RHCE

andrea.dainese@gmail.com

www.routereflector.com

@adainese

www.linkedin.com/in/adainese

Developer (UNetLab)

VMware vExpert since 2014

Cisco Champion since 2014

Task: list all active systems

Alice: consults an Excel file and reports 1984 running systems. (What should be)

 

Bob: consults AWS, Azure, GCE and internal vCenter and reports 2010 running systems. (What is)

 

Carol: remembers that 5 internal VMs are running 33 Docker containers, and asks if they should be included or not. (Exception)

System of Record (SOR): A system of record is the authoritative data source for a given data element or piece of information. (What should be)

 

Source of Truth (SOT): The source of truth is a trusted data source that gives a complete picture of the data object as a whole. (What is)
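
The gap between "what should be" and "what is" can be measured by reconciling the record against what each platform reports. This is an added example, not material from the talk; all hostnames, source names and the `reconcile` function are constructed for illustration, and the `count_containers` flag stands for the policy decision Carol's question calls for.

```python
# Added example: reconcile "what should be" (system of record) against
# "what is" (discovered inventories). All hostnames and data are constructed.
from collections import defaultdict

# System of record: what the spreadsheet or CMDB says should be running.
RECORDED = {"web01", "web02", "db01", "fw-edge", "legacy-ftp"}

# Discovered: what each platform reports as running.
# Each item is (name, kind, parent); containers carry the VM hosting them.
DISCOVERED = {
    "vcenter": [("web01", "vm", None), ("db01", "vm", None), ("dock01", "vm", None)],
    "aws": [("web02", "vm", None), ("test-tmp", "vm", None)],
    "azure": [("web02", "vm", None)],  # same name in two sources: needs review
    "docker": [("api-1", "container", "dock01"), ("api-2", "container", "dock01")],
}

def reconcile(recorded, discovered, count_containers=False):
    """Return the drift between the record and the discovered state.

    count_containers decides whether containers are configuration items
    of their own or only attributes of the VM that hosts them.
    """
    seen = defaultdict(set)      # system name -> sources reporting it
    nested = defaultdict(list)   # parent VM -> containers, when not counted
    for source, items in discovered.items():
        for name, kind, parent in items:
            if kind == "container" and not count_containers:
                nested[parent].append(name)
            else:
                seen[name].add(source)
    running = set(seen)
    return {
        "unrecorded": sorted(running - recorded),  # running, not in the record
        "not_found": sorted(recorded - running),   # recorded, not discovered
        "multi_source": sorted(n for n, s in seen.items() if len(s) > 1),
        "nested": {vm: sorted(c) for vm, c in nested.items()},
        "running_total": len(running),
    }

if __name__ == "__main__":
    for policy in (False, True):
        print("count_containers =", policy, reconcile(RECORDED, DISCOVERED, policy))
```

The `unrecorded` list is the one to review first: systems that run without an owner or record are the ones that miss patching and monitoring.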

What a CMDB is (Wikipedia)

A configuration management database (CMDB) is a repository that acts as a data warehouse for information technology (IT) installations. It holds data relating to a collection of IT assets (commonly referred to as configuration items (CI)), as well as to descriptive relationships between such assets.

Features of a CMDB (ITIL)

  • Manual and, where applicable, automatic recording and modification of configuration items
  • Description of the relationship and/or interdependence between CIs
  • Change of CI attributes (e.g. serial numbers)
  • Location and user management for CIs
  • Integration via the ITIL processes represented in the system

Single System of Records (SSOR): every data element is stored exactly once.

[Diagram labels: Asset Inventory, IP Addresses, Network Devices, vCenter, AWS, Azure, GCE, Kubernetes, CMDB]

Single System of Records (SSOR): every data element is stored exactly once.

Planning a CMDB

Requisites

  • ITIL
  • CFG Management
  • Asset Management
  • SSOR / federated CMDB
  • ...

Planning a CMDB

Design processes and data structures

Choosing a CMDB

  • CMDBuild
  • iTop
  • Git/CVS
  • ...

(from requisites)

DEMO: CMDBuild

Importing Existing Data

[Diagram labels: Network Devices, CMDB]

Tools

  • REST API (CMDBuild)
  • Python
  • NAPALM

DEMO: Importing Data

Operating from the CMDB

[Diagram labels: Network Devices, CMDB]

Tools

  • REST API (CMDBuild)
  • Python
  • NAPALM

DEMO: Operating from CMDB

Lessons Learned

  • Plan
  • Be supported

What's next

  • Configuration management
    • Git
    • Gerrit
    • Ansible/NAPALM
  • Continuous Integration
    • Git/GitLab/GitHub
    • Gerrit
    • Jenkins
    • Ansible/NAPALM
    • UNetLabv2
