A common activity for many developers is to quickly spin-up or refresh their dev or test environments as they're developing new features on investigating production issues.
If you're someone that's familiar with tools like Vagrant and Ansible, you may think you've already got an automation system to provision dev, test or staging environments, but there are a few issues with that:
- It takes a lot of expertise to get all the settings and config options just right and can you be sure you're consistently using them for every piece of work?
- How do you manage admin accounts for the systems being used? For example, creating a VM with a database might be straightforward, but if you then want to apply config to the database or pre-load test data, you'll need an account, probably with DBA privileges. How will those credentials be managed?
- If you're frequently switching between projects, how easy is it to ensure you're getting the right set up for each piece of work?
If you're not a Vagrant or Ansible expert (and why should you be?), you just want to get some coding done or get stuck into investigating a bug or testing a new feature. if you're a coder just joining a new team or project, you don't want to spend the first few days or weeks getting a development environment set up as used by your new team.
In these cases, all you care about is how fast you can get into a productive environment.
If you're a team lead or manager, you want your team to be as productive as possible, so the time spent setting up a working environment is important. You also want consistency across all environments, for example ensuring all web servers have the right security controls.
The answer is automation.
There have been options for automation in the past, without them, CD/CI pipelines just wouldn't work. But automation with tools like Puppet or Chef, or even Linux shells like Bash or PowerShell on Windows have many limitations.
For example, they're hard to manage if each engineer builds their own automation scripts and no-one else knows they exists or how they work. They suffer from the problem mentioned earlier regarding credentials being embedded in the scripts. Sadly, they aren't always intuitive as they rely on command line options or config files. If the scripts want options selected by the user or for options to be validated, they get very complicated and more effort than they're worth.
Privileged Process Automation (PPA) is built to address the twin problems of making it easy to build cross-platform automation and protecting valuable admin credentials.
In the video above, you'll see a typical example where the developer can choose the type of environment they need, including the load-balancer and how many application servers will be needed. Of course, this is just an example, you may need to include other options such as which DB to use.
There are many other examples of where PPA helps with DevOps, for example, using PPA to build an interface around your existing Ansible scripts.
If you'd like to know more about PPA and how it helps DevOps, IT Operations, Cybersecurity and many other teams, please visit https://www.osirium.com/automation.