Runecast has been acquired by Dynatrace!
Read more
DORA Compliance Automation for VMware, Windows and Linux
Read About DORA
Login

How we get to the ideal Runecast Analyzer experience

Runecast Analyzer has grown in leaps and bounds, adding support for the likes of AWS, Azure, Kubernetes, and a whole raft of new VMware technologies like NSX, Horizon, and VMware Cloud Director. However, the product never stops evolving, so we wanted to discuss some possible future improvements.
Kev Johnson
by
Kev Johnson
|
June 29, 2021
Educational
In this article:
-
-
-
-
-

Back in the mists of time, the founders of Runecast were managing many different vSphere environments. Because this is the real world, periodically bad stuff would happen, and they’d need to fix things. As they resolved things (and had to check many other environments for exposure to the same risks), they noticed that in 90% of cases, VMware had already documented the cause and solution. Wouldn’t it be great to have some kind of tool that could automatically check against the documentation and proactively notify you of these risks before they took your environment down, caused poor performance, or created a security risk? This spark of an idea was the genesis of Runecast Analyzer, and the rest is history.

Fast forward to the present day: Runecast Analyzer has grown in leaps and bounds, adding support for the likes of AWS, Azure, Kubernetes, and a whole raft of new VMware technologies like NSX, Horizon, and VMware Cloud Director. However, the product never stops evolving, so we wanted to discuss some possible future improvements.

Runecast is a super customer-focused organization, and our conversations with our customers have directly contributed to many of our features. Enterprise Console, for example, came from a request from a single customer. When we started to build this, we discussed it with others and discovered that this was a massive win. Custom Profiles is another. Today, we’d like to talk to you specifically about the challenges of getting from where you are right now to where you want to be.

What's YOUR experience?

With that in mind, then: we’d be interested to hear your thoughts on this matter. But, first, a few questions to start the ball rolling. 

  • Do you have a regularly scheduled maintenance window, or do you perform maintenance on an ad-hoc basis? If you do have a maintenance window, how regularly do they happen? Weekly? Monthly? Quarterly? Something different?
  • When performing maintenance, what is the general policy? For example, do you install security-related fixes only, or do you also install updates that add new features?
  • Do you perform multiple maintenance pieces on systems in one window, or do you prefer to dedicate a window to a specific fix or problem?
  • Do you have strict change control procedures in place? If so, do routine patches require a change, or do they get covered as a standard change? 
  • How do you generally perform maintenance? Are you mostly performing this manually, or do you rely on automation? If the latter, what tooling do you use to automate?

The feedback we receive regularly is that Runecast Analyzer does a great job of surfacing latent risks, highlighting the where and why, and what you need to do to rectify the situation. It would be nice if there were some way to shortcut those fixes. This kind of capability is not without its challenges.

Typically, Runecast Analyzer authenticates to the systems it monitors with an account with restricted access in line with (and quite rightly so!) the principles of least privilege. Because of this, Runecast Analyzer would execute these actions with limited rights. These actions would fail. One option here (and one used by some other tools) would be to specify a privileged service account that could perform actions. This service account could have elevated privileges in the managed systems so that any remediation actions were successful. Still, then all actions taken would be logged as performed by this specific service account. Depending on your policies, this may or may not be acceptable or desirable. 

Another option might be for Runecast Analyzer to generate output that an administrator of the target system could execute. In this way, the onus is on the administrator validating the script before execution. It would also mean that the remediation activity was also easily traceable to the administrator who triggered it.

With all of the above in mind: we’d be super interested to hear how you would prefer to see this kind of capability presented. So let us know your thoughts! Runecast Analyzer is built by sysadmins for sysadmins, and we’re keen to hear your thoughts!

Click to view larger image ↑

Click to view larger image ↑

Click to view larger image ↑

Click to view larger image ↑

Click to view larger image ↑

Meet other Runecasters here:

Behind-the-Scenes: Meet Simon Ahmet
This is some text inside of a div block.
Behind-the-Scenes: Meet Stephen Gow
This is some text inside of a div block.
Runecast Behind the Scenes with Jakub Prasek
This is some text inside of a div block.
Runecast Behind the Scenes with Michal Trneny
This is some text inside of a div block.
Runecast Behind the Scenes with Kev Johnson
This is some text inside of a div block.
Kev Johnson
Written by
Kev Johnson

Kev is a time-served sysadmin, technology consultant, and 5-time vExpert. Prior to joining Runecast as Systems Engineer, he was the Technical Marketing Architect for vSphere Lifecycle at VMware. Outside of work, his passions are Scottish football, cheese, craft beers, travel, and spicy foods. You can find Kev at his blog https://v-it.pro and also as a co-host on the OpenTechCast podcast. Find him on Twitter @kev_johnson.

→ Read more from this author

What would be your ideal Runecast Analyzer experience?

(short survey)

Let us know!