Device42 – Official Blog

Towards a Unified View of IT Infrastructure | The Official Device42 Blog


CMDB in the world of infrastructure as code

CMDB in the world of infrastructure as code

Businesses are increasingly running infrastructure as code. That’s great news for organizations, as it increases their agility, making it easier to deploy and manage IT infrastructure. It’s also great news for engineers, as they trade complex manual processes for automated provisioning of cloud services and streamlined configuration processes. And the pace is quickening: Nearly all (85 percent) of all organizations are embracing a cloud-first strategy by 2025, and 95 percent of new digital workloads are being deployed on cloud-native platforms. 

But if infrastructure can be produced, deleted, and recreated at will, does it really need to be tracked in a system of record? So, is maintaining information about codified IT infrastructure that’s created in private or public clouds in configuration management databases (CMDBs) still required – or is this busywork that companies can now avoid? 

Why CMDBs still matter for cloud-first businesses 

The argument for CMDBs is that they provide a living, centralized repository of configuration items and asset data. IT teams, including DevOps, deployment, and site reliability engineers, use CMBDs to capture change processes and configurations made to key hardware and software assets, such as servers, storage, operating systems and business applications. It’s likely that over time, CMDBs will contain far more information about software than hardware, as organizations trade data center management for virtualized hardware and software and modern cloud applications. 

However, even if organizations are largely software-driven, they still need to track valuable information about assets which informs other key business practices. Here are business processes that need to be closely tracked by all large businesses. 

  • Tracking software licensing: IT teams help manage enterprise software licenses, tracking usage and payments. However, tracking licenses is getting more challenging, as businesses own and deploy more technology, including cloud instances and SaaS apps. Both application and enterprise software sales are growing fast, with each expected to exceed $400 billion by 2023. However, somewhere between 30 and 50 percent of all IT investments are spent on “shadow IT,” or unknown business solutions.

    So, auto-discovering software using a CMDB and running reports to maintain this information enables organizations to demonstrate compliance with licenses. By doing so, organizations avoid issues that could result in lawsuits and fines, such as allowing unapproved internal users or third parties to access and use these tools. 
  • Determining usage: Organizations that don’t track cloud usage often end up overpaying for services they’re not using – or missing discounts they could otherwise exploit. Up to 35 percent of all cloud spending is wasted. Since organizations spent $494.7 billion on cloud services in 2022, that means hundreds of millions of dollars were spent in vain.

    Developers spin up functions as a service (FaaS) or PaaS to build and evolve code. However, as they proceed, they may no longer use some or these services, resulting in unnecessary spending. If these same users track cloud services in a CMDB, however, they can determine which ones are being used and which ones can be safely decommissioned.
  • Evaluating infrastructure versions: It’s not uncommon for organizations to run multiple versions of infrastructure across businesses and regions. IT teams need to manage these versions closely: to avoid running unsupported software at end-of-life, to bring users and groups into parity, and to prevent security issues.

    As an example, AWS recently announced an end of support for Node.js 12. Customers that have Lambda functions were notified that they needed to update to Node.js 16. Finding these functions doesn’t need to be an arduous process: Leading CMDBs can auto-discover these nodes, enabling developers to proactively update them and avoid unnecessary performance or security risks. 
  • Streamlining auditing and compliance: It’s difficult to audit what can’t be seen. Organizations need to audit IT assets for various purposes, such as PCI and ISO 27001 compliance, which requires gaining easy, anytime access to asset information and their metadata, which a CMDB can store. In addition, using a leading CMDB allows organizations to avoid maintaining a separate IT asset management (ITAM) system, as the data included in this latter system can be provided by the CMDB.
  • Rightsizing resources: Understanding assets – what’s used, what’s needed, and growth trends – helps organizations properly align their human capital to business and technology requirements. Organizations can use CMDB data to hire the right number of staff for teams, ensure that team members have desired skills, and train and upskill their talent appropriately.

    In this current economic environment, the C-suite is taking a closer look at all expenses, talent included. As a result, CMDB data can help groups, such as human resources, training, IT, and others, make better talent and workforce development investments.  
  • Accelerating ITSM processes: Service desks handle a torrent of issues, and time is of the essence to resolve them. CMDBs integrate with leading IT service management (ITSM) platforms such as ServiceNow. If they include asset information and not just code, CMDBs can provide technicians with vital information such as which assets are involved, software versions, recent configurations, and other data that can speed incident investigation and resolution. 

Codify your infrastructure – and track it with a CMDB Tool

Codifying infrastructure is an important strategy that many businesses are pursuing. It helps teams develop and deploy new services, scale with business growth, and improve disaster recovery. 

However, the move to becoming a software-defined enterprise doesn’t negate the requirement for a CMDB, but instead increases it. Organizations now, more than ever, need to track and understand their assets, so they can align talent, tools, and processes to run and grow their businesses efficiently. Having a single version of truth in a CMDB enables organizations to optimize IT operations and capitalize on business opportunities as they emerge.

Share this post

Rock Johnston
About the author