Robin, @ my last company we were required to physically inventory every machine & process runnong every 6 months. In our datacnter (about 800 physical servers) it took us a week. Granted this may not be ideal in all cases however our environment dealt with financial data and we didnt want to be the next T J Maxx :)
The issue we found was exactly as you had stated. typically the dev tam called someone in the middle of the night to put up a machine for whatever reason. Of course this request was generally followed by a call from an executive telling you to just get it done. months later when the dev team was done with it they would tend to put mission critical processes on "test machines" anyhow the point is we should be diligent in auditing the infrastructure on a regular basis and providing a valid business cause as to why any particular machine is on the network. On Mar 30, 2009, at 10:14 AM, Robin Wood wrote: > 2009/3/30 Dan McGinn-Combs <[email protected]>: >> In my limited experience, people, sysadmins and developer alike, >> remember virtual machines. Especially when they require someone to >> turn them on or eat developer workstation resources. >> Dan > > I wasn't thinking virtual I was thinking real ones where one gets put > under a desk or in a spare bit of rack and then forgotten about. Being > a server it would never be shutdown or rebooted so would just run and > run. > > Robin > >> >> -----Original Message----- >> From: Robin Wood <[email protected]> >> Sent: Monday, March 30, 2009 5:19 AM >> To: PaulDotCom Mailing List <[email protected]> >> Subject: [Pauldotcom] orphaned machines >> >> Hi >> In one of the last couple of episodes Larry mentioned machines which >> were orphaned when people left a company, my immediate thought was >> along a different track to what was discussed so I thought I'd >> mention >> it. >> >> What about temporary machines which are setup by sys-admins for >> specific jobs or departments when the sys-admin leaves. Maybe a >> developer needed a server with a specific version of mysql on it to >> test a bug, the machine gets put on the network as a temporary thing >> but then the sys-admin who does it leaves and the developer finishes >> his testing and forgets about it. I can think of quite a few >> scenarios >> where pet projects or temporary machines are forgotten about or lost >> when someone leaves. >> >> I supposed one solution to this is to make sure that every machine >> that gets added to a network is logged but in reality I think people >> are likely to be lazy and for short term installations bypass the >> paperwork. An alternative is to scan the network regularly and pick >> up >> any machines which are new or not in an approved list and have them >> checked out. The problem with this is that once the machine is >> vouched >> for once it becomes a recognised part of the network so wouldn't be >> picked up as an anomaly. >> >> So, that was my thought when orphaned machines were mentioned. >> >> Robin >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> >> _______________________________________________ >> Pauldotcom mailing list >> [email protected] >> http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom >> Main Web Site: http://pauldotcom.com >> > _______________________________________________ > Pauldotcom mailing list > [email protected] > http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom > Main Web Site: http://pauldotcom.com _______________________________________________ Pauldotcom mailing list [email protected] http://mail.pauldotcom.com/cgi-bin/mailman/listinfo/pauldotcom Main Web Site: http://pauldotcom.com
