Detecting configuration drifts and remediating with vRSLCM


Many vRealize Suite products carry configuration and policy data, stored in configuration files and/or databases. The products depend on this data to function, so altering it, intentionally or unintentionally, can have a significant impact on how a product behaves. Not every product can be assumed to audit-log every change made to it, so it is useful to delegate this task to an application that also manages the product.

vRealize Suite Lifecycle Manager (vRSLCM) addresses these problems with three features: configuration management, drift analysis and configuration remediation. Configuration management gives the user a view of all configuration data. Drift analysis reports any changes in configuration data. Configuration remediation lets the user update, revert or accept the changes made to configuration data. These features are explained in detail in the following sections.

Configuration management

When a vRealize Suite product is deployed or imported into an environment of a datacenter in vRSLCM, the user can trigger configuration collection by clicking the Save Baseline option in the environment's menu.

Because this is an active task, the user has to trigger collection explicitly. When the Save Baseline task is triggered, vRSLCM collects the configuration data from the product. The collected data is time-stamped, versioned and saved inside vRSLCM, and is known as the Baseline report or Golden Configuration. The user can trigger Save Baseline whenever configuration data changes, or at any other time, but vRSLCM keeps only the latest copy of the baseline report.

Once the baseline report is generated, the user can export it to a local system to view the product's configuration: open the environment with the View Details button, then click the Export Baseline option in the product's menu.

[Figure: sample exported baseline report]

vRSLCM also provides an Import Baseline option, which lets the user import a baseline report from a local system.

Once a baseline report has been generated, automatic configuration collection comes into play. It is a scheduled task that runs every 24 hours. The collection interval is configurable and can be changed in vRSLCM System Settings.

[Figure: configuration collection interval in vRSLCM System Settings]

The user can view the full configuration report by clicking the Show Report option, which is enabled when periodic configuration collection is taking place.

[Figure: sample full configuration report]

[Figure: expanded configuration report]

The configuration management UI also shows a timeline of all collected configuration reports, with timestamps.

Drift Analysis

Drift analysis, or drift reporting, is a scheduled operation that runs on the vRSLCM host. The schedule interval is 24 hours, but the user can change it from the System Settings page if required. Drift analysis takes the baseline report and the current configuration report and compares them.
At each scheduled interval, the current configuration collection task is triggered. The collected data is sent to the drift analyzer, which retrieves the latest baseline report and compares the baseline with the current configuration. The generated drift report is time-stamped per property and saved inside vRSLCM. The end user can log in to vRSLCM and request the drift report for a single vRealize Suite product; the drift analyzer shows the latest drift report for that product.

[Figure: sample drift report with drifted properties]

[Figure: user interface when no configuration property has drifted]

The user can also select any past report from the configuration collection timeline and compare it with the baseline report.

Configuration remediation

When a configuration property is changed, either by the user inside the product or by the product itself, the drift report in vRSLCM captures it. The remediation feature then lets the user accept, update or reject the change.

[Figure: remediation UI]

The Edit to Remediate button is enabled when there is any change in configuration data.

After clicking the Edit to Remediate button, the user navigates to the property to be remediated, either provides a new value or copies back the old value, and triggers the remediation task by clicking the Apply Config button. vRSLCM then updates the configuration in the indicated product. As a good practice, the user should trigger the Save Baseline task after the remediation task has completed.

Updating some properties triggers a restart of services inside the product, so a warning popup is shown before the remediation task is triggered. The user can then decide whether to proceed with the remediation task.

Note that not all properties are remediable, e.g. system-generated IDs, timestamps, or properties that the APIs or commands themselves do not allow to be modified.
The success or failure of a remediation task can be seen in Recent Tasks in vRSLCM.
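
The comparison described under Drift Analysis, together with the remediable/non-remediable split noted above, as an added Python example that is not vRSLCM's own code. The nested-dictionary report layout, the property names and the NON_REMEDIABLE_LEAVES list are assumptions, since the exported report format is not reproduced on this page.

```python
from datetime import datetime, timezone

# Assumption: leaf names treated as system-generated, hence not remediable.
NON_REMEDIABLE_LEAVES = {"id", "uuid", "lastupdated"}

# Constructed sample reports; the real export layout is not shown on this page.
BASELINE = {"ntp": {"servers": ["10.0.0.1", "10.0.0.2"]},
            "session": {"timeoutMinutes": 30},
            "node": {"id": "a1", "lastUpdated": "2024-01-01T00:00:00Z"}}
CURRENT = {"ntp": {"servers": ["10.0.0.1", "192.0.2.50"]},
           "session": {"timeoutMinutes": 480},
           "node": {"id": "b2", "lastUpdated": "2024-01-02T00:00:00Z"},
           "ssh": {"enabled": True}}

def flatten(node, prefix=""):
    """Turn nested dicts/lists into {dotted.path: leaf value}."""
    if isinstance(node, dict) and node:
        items = node.items()
    elif isinstance(node, list) and node:
        items = enumerate(node)
    else:
        return {prefix: node}  # scalar, or an empty container kept as a leaf
    flat = {}
    for key, value in items:
        flat.update(flatten(value, f"{prefix}.{key}" if prefix else str(key)))
    return flat

def drift_report(baseline, current, detected_at=None):
    """Compare current config with the baseline, one entry per drifted property."""
    detected_at = detected_at or datetime.now(timezone.utc).isoformat()
    old, new = flatten(baseline), flatten(current)
    report = []
    for path in sorted(old.keys() | new.keys()):
        if path in old and path in new and old[path] == new[path]:
            continue  # no drift on this property
        change = "changed" if path in old and path in new else (
            "removed" if path in old else "added")
        leaf = path.rsplit(".", 1)[-1].lower()
        report.append({"property": path, "change": change,
                       "baseline": old.get(path), "current": new.get(path),
                       "detected_at": detected_at,  # per-property timestamp
                       "remediable": leaf not in NON_REMEDIABLE_LEAVES})
    return report

def revert_plan(report):
    """Baseline values to write back for remediable, changed properties."""
    return {r["property"]: r["baseline"] for r in report
            if r["remediable"] and r["change"] == "changed"}

if __name__ == "__main__":
    for entry in drift_report(BASELINE, CURRENT):
        print(entry)
```

Properties that appear only in the current configuration, such as ssh.enabled in the sample, are reported as "added" and left out of the revert plan, because there is no baseline value to copy back.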

 

Troubleshooting

  • Export Baseline option is disabled.

The Export Baseline option is enabled only when a Baseline report is available to export. Please generate a baseline report using the Save Baseline option.

  • Show Report option is disabled.

Please ensure that a baseline report has been generated and that configuration collection/drift analysis is taking place.

  • Remediation of a property encounters failure.

Remediation of a property is done by logging in to the indicated product, so if the product itself is not up or not reachable, remediation will not take place. Please check the vRSLCM and product logs for more details.

The post Detecting configuration drifts and remediating with vRSLCM appeared first on VMware Cloud Management.
