Recently i started to work in new company. I will replace old admin who is going into retirement and he has been showing me his procedures for server, database and network administration.
From first point of view: there is absolutely no configuration management involved how they deploy software or patches. Yes there is test, development and production systems but I think this is not enough.
For example: I need to make a change. Log into production server, do what do you need to do and log out. Every admin has root access and so on.
My ex. employer had a strict policy how to apply changes in production environment. Every change involved creating system package (RPM, SYSVR4 or IPS), push that package into repository. From there I installed package to test server and if everything was good package would be installed into production. No admin could ever log into production environment.
I know there are tool like Puppet and Chef where I can specify a recipe what to do but I never used them for any serious work.
So my questions are:
- Is it good to have only three environments (test, development, production) and no other configuration policy in medium-size enterprise?
- Is it better to stick with ex. employer policy to bring all changes as system packages or is better to learn some tool like Chef?
- How do you perform configuration management?