This week I got to see a demo of Infront’s Orchestrated Patch Automation Solution (OPAS). The software promises to automate away all the manual steps that operational staff need to perform to update servers and then validate that they are healthy after the update. This could put an end to the weekend work, or middle of the night, bleary-eyed patching of one server after another. Why stay up late when you can make OPAS stay up for you? 🙂
What OPAS can do
Based on the demo we saw, there seem to be a lot of built-in validations and scheduling capabilities. Given one of the validations is capable of running PowerShell, that means you can basically validate anything you want. The basic process is “do updates, do checks, proceed or stop”. Some highlights that I enjoyed:
- Schedule the automation: Pick a date and time for a given update session to run. This way you can match it up to your existing maintenance schedule.
- Out of the box and custom validations: Port checks, response checks, powershell scripts. If you need to check it after you install the update, you probably can automate that.
- SQL Cluster support: This one is really nice. You can configure a SQL cluster in OPAS so that it will take one of the nodes out of the cluster, patch it, and if it fails it won’t be re-added and OPAS will stop processing the rest of the cluster. This ensures your application stays online.
- Load balancer support: Another nice one, similar to the SQL cluster support, you can take a VM out of the load balancer pool to perform updates and then add it back to the pool when it succeeds. Great for balanced content delivery servers so you can maintain uptime requirements.
There are definitely some features that are still in their product backlog and coming out for upcoming releases, but from the questions we asked there were a few limitations that I should point out:
- Limited concurrent updates: At the core, OPAS is limited by Orchestrator capabilities. We were told you could probably execute about 10 updates concurrently. This is enough for most of our client’s production footprints, but if you are doing managed services for many clients it means you’ll likely need to deploy multiple OPAS instances in order to manage your various clients to avoid conflicting schedules.
- Network connectivity required: Due to the nature of the type of communication required for the validations and installs, OPAS obviously requires access to the instances it is managing. For some network topologies, this may not be possible with a single OPAS instance. You may need to deploy multiple instances in multiple network zones to manage all your servers.
- Windows Update dependency: For our team, a great feature would be to be able to deploy Sitecore updates to a variety of servers, and not just windows updates. Technically you could script in a powershell validation to execute a bunch of code to do so, but that validation wouldn’t fire unless there was also a Windows update patch to install.
Where I see OPAS shining
As our team looks to offer more managed services to our clients, automation software like this will really help in keeping our IT team focused on the important things and not spending valuable hours billing clients for applying windows updates. With multiple clients being managed on different schedules and in different time zones, OPAS would give us the opportunity to scale out our server maintenance to dozens, possibly hundreds, of servers and VMs quickly and efficiently.
The management of multiple OPAS instances and keeping up with OPAS updates is something I would need more hands-on time with the product to figure out and optimize.
What are you using to bring automation to your operations team? Let me know!