A key precept for site reliability engineering (SRE), platform engineering, and *Ops teams is automating non-essential toil. Think of toil as any tasks that must be done for systems to run smoothly but don't directly impact functionality. Tasks like running security updates and installing or upgrading packages fall into the toil category.
As teams become more proficient at creating automation, automating for other teams becomes more appealing. Delegating tasks to other technical teams so they can self-serve saves time on both sides of a ticket request: The requesting teams get tasks done when they need them, and the implementing teams aren't buried under a ticket queue full of requests that might be simple but need to be done correctly.
Automation should address three gaps to reap these benefits:
- Knowledge: Tasks can have many steps and dozens of possible options.
- Skills: Modern ecosystems consist of an enormous number of components with specific execution and configuration requirements.
- Access: Environments are restricted to a few users for security and compliance reasons.
Powerful automation platforms give teams a solution for these three gaps, providing a centralized resource to create, maintain, and grant access to automation for many types of tasks. These tools shouldn't ask too much of the requestor, who might know, "I want a developer environment in our cloud account" and not, "I want a set of containers built with this image, networked in that way, with access to the test data."
Rundeck is an open source software used to quickly automate manual tasks. Use it to create workflows consisting of commands, scripts, and APIs. These workflows might include software management, configurations, and scheduled events. Rundeck logs these activities for transparency and troubleshooting. How can Rundeck address the example of a developer needing an environment in the organization's cloud? Consider the following points.
Capture and share what you know
Creating automation that "civilians" can use has some challenges. The folks in your organization who work on other teams have their own skill sets and expertise, and it's not uncommon for different teams to have diverse skill sets and even platforms or environments where they are comfortable.
Administrators can automate a wide variety of tasks to be consumed by other teams in the organization. Common targets include provisioning environments and deploying new software versions, but runtime tasks such as service restarts and capacity adjustments are also helpful. These tasks might contain multiple steps, require access to various systems, platforms, or dashboards, and need to adhere to institutional requirements.
A script or other tool represents the team's knowledge of those tasks and others. The solution might be a simple shell script or a more elaborate Python or Go tool; it could run a few commands or a series of requests to a third-party API. Sysadmins should be able to write automation tools in the languages and platforms that make the most sense for the job. Rundeck supports a wide variety of tools and functionality.
Internal tools aren't usually meant for general consumption, so opening up access to other teams can be challenging. These tools were designed and developed with a specific persona in mind—that of the people who created them! If you want to delegate work to others, you must consider what knowledge they bring and what you can do with that knowledge.
In the example of a developer who wants a new development environment, you already know things about the developer, like their team or department and the projects they can access. You also know how work gets done for those teams or projects. If the developer is on Team A, and you already have a script called
build_dev_env_TeamA.sh, then you can delegate that job to the developer with an automation platform like Rundeck.
With Rundeck, the experts on your teams can use the scripts they already have to create jobs and plugins that others in the organization can utilize. When developers log into the Rundeck server, they only see the jobs and resources they've been granted access to. In this example, that might be a job named "Build a Developer Environment - Team A". The developer is satisfied, and your experts can continue their work uninterrupted. Rundeck records the activity and includes the execution of the job in the audit log. Should something go wrong, it can be found and fixed.
Give everyone what they want: Time
Teams reap the most rewards from automation that saves them time. A purpose-built automation platform like Rundeck gives time back on both sides of complex tasks: Requestors no longer wait for someone else to execute a task for them, and the experts keep their time working on other projects. The organization gains insight into the jobs run in the environment via the audit logs, and everything is secured using existing authorization solutions and Rundeck's access control lists features.