Business process automation is an essential part of what IT delivers, and central to allowing IT to deliver business automation is using IT automation. You may recall lots of vBrownBag content around “Automate all the things” a few years ago. Plenty of help to use PowerShell to automate your vSphere and more recent content helping you learn to automate with Python. The thing is that the best automation is the one you don’t write. A vendor with an open API to allow customers to develop automation is fantastic, and now an open API is table stakes for products in private and public cloud deployment. Unfortunately, some vendors stop with an API and expect their customers to develop all of their own automation using that API. If a large number of your customers are writing precisely the same automation, then your product is missing the feature that removes the need to write the automation. For example, if most of your customers need to write reports that show the availability and performance of your product, then your product should have those reports built-in. Customers are far better served with features built-in, rather than lots of duplicated effort to build these features on top of your API.
Disclosure: This post is part of my work with Cohesity.
I had been thinking about what I might automate on my Cohesity deployment when I realized that there is already automation for routine activities. A classic task is to add a newly created VM to a backup job. If the API were the only automation, then you would need to make configuring data protection part of your VM deployment and change methodologies using custom scripting. Cohesity has auto-protection, specify the criteria for protection, and new VMs will be automatically included. One criterion is a folder in the vSphere inventory, a Protection Job attached to a folder that has auto-protection enabled will automatically add any new VM in that folder. Folders are just one dimension; you can setup auto-protection based on VM tags as well as VM name matching. The various options allow you to leverage your existing categorization strategy, rather than needing to have a new strategy just for data protection. You might use VM tags as part of your application and data management. Maybe a tag of Mission Critical means that the VM should have vSphere resource reservations and be on an HA cluster. That same Mission Critical tag could also tell Cohesity to protect the VM every two hours, replicate to a remote data center for Disaster Recovery, and retain weekly archive copies for seven years.
Using Cohesity auto protection, you do not need to build your own automation to protect new VMs. Built-in automation is better than developing your own scripts, although there will still be plenty of reasons to write your own automation. I think using vSphere tags to drive auto-protection of VMs is compelling; I will dig a little more into this soon. I saw that Dan wrote about the reverse, using tags to prevent VMs from being auto protected.
© 2019, Alastair. All rights reserved.