Overview of Fleet Application Management
Fleet Application Management simplifies the management of system life cycles and the operation of resources deployed on OCI. Fleet Application Management provides a centralized platform to automate tasks, validate compliance, and enhance operational efficiency across an enterprise.
You can use Fleet Application Management to perform the following functions:
- Group resources by similarities, such as Compute instances, databases, application or environment type, or any other relevant criteria. These grouped resources are referred to as a fleet. You can group resources by manually selecting them or by dynamically using rules based on tags or resource types. Grouping ensures that real-time updates are applied to large numbers of resources together.
- Maintain patch compliance for operating systems, databases, and middle-tier components by applying available patches across these resources through a one-time or recurring schedule. This patching helps you mitigate the risks associated with outdated resource states, for example, applying critical security updates to address the vulnerabilities in an application.
- Manage policies for compliance that help establish governance standards for software compliance interpretation and stage remediation of operational activity rollout or rollback during failures.
- Monitor and query the current compliance status of a fleet or each resource based on the applicable compliance policy. Compliance information provides visibility into the deviations from the expected state. Also, you can schedule compliance issue fixes or on-demand operational actions within a defined maintenance window or by choosing a custom timeline.
- Run repeatable tasks across all resources. For example, running Python functional modules on Compute instances based on the environment status (halted, critical updates) and predefined policies that govern these instances, such as rate controls of concurrent operations and error thresholds for retries. You can create a time window to schedule administrative and maintenance tasks for several resources.
- Define products and product suites in Fleet Application Management. Then, create a runbook, define compliance policy and patch metadata information, upload patches, and apply patches for these products and product suites.
Benefits of Using Fleet Application Management
- Simplify and automate resource management workflows on OCI.
- Group cloud resources based on your requirements, ensuring efficient management, and streamlined updates.
- Easily apply patches to cloud resources, ensuring that critical updates are promptly applied to reduce potential security vulnerabilities.
- Ensure regulatory adherence and consistent deployment practices through compliance policies.
- Run repeatable tasks across all resources without manually connecting to the resources, enhancing operational efficiency and reducing manual efforts.
- Bring Your Own Product to Fleet Application Management and benefit from centralized management, automation, and compliance monitoring for your custom software products.
Key Components
Review the key components used in Fleet Application Management.
- action group
- A grouping of resources (fleet) and their associated targets, along with the maintenance operation (patching action) done by a specific runbook.
- application or application type
-
A software program running in an environment that solves business problems classified under a family of products or product suites.
- credentials
- The environment-specific credentials that are required for target discovery and lifecycle management operations of a resource.
- fleet credentials: The credentials specific to the applications a fleet hosts that can be used during lifecycle management operations.
- resource credentials: The credentials specific to a resource commonly used across targets and are available when added to another fleet.
- target credentials: The credentials specific to the operating product home, which Fleet Application Management requires for target discovery and lifecycle management of a target on a resource.
- compliance
- Ensures that the state of resources and their application components have the latest patch level applied to them successfully. As a result, the resources are protected or otherwise remediated against new security threats.
- environment or environment type
- A prioritization or category associated with a resource based on the implementation phase of the application that the resource hosts. The environment types can be Development, Test, Stage, User Acceptance Test (UAT), or Production.
- fleet
- A grouping construct through which Fleet Application Management performs lifecycle management operations on resources. Following are types of fleets:
- product: Group resources with a defined software product and select the product during fleet creation.
- environment: Group resources with a defined application type and environment type, and select these types during fleet creation.
- group: Create a fleet of fleets with or without a defined application or environment boundary.
- generic: Group resources without setting limits on product, application, or environment.
- job
- An individual occurrence of a lifecycle maintenance operation.
- lifecycle management
- A maintenance operation applied to resources, such as managing software patches, to avoid the risks arising from resources becoming obsolete.
- maintenance window
- Defines a timeline for a maintenance operation. You can decide on this timeline with an insight into business hours, or a cloud provider can start an activity for handling critical security vulnerabilities.
- patch
- Available software updates to enhance and fix vulnerabilities or bugs in the supported products.
- product
- A software platform installed on a resource, such as Oracle Java or Oracle WebLogic Server.
- property
-
A metadata with a name and value provided for platform configuration or created as a taxonomy when assigned to a fleet. It can be used to classify fleets by combining business aspects with operational needs.
- resource
- An existing OCI Compute or database instance.
- runbook
- Defines the workflow for handling the maintenance operation on a resource by including a set of tasks involved with required execution variables.
- schedule
- Specifies a date-time selection based on the maintenance window or custom time frame when the maintenance is performed with recurrent or one-time options.
- task
- A step to run on a resource target that represents the smallest unit of a workflow.
- target
- A set of identified operating environments or product homes in a resource discovered by Fleet Application Management, which can undergo lifecycle management.
- target discovery
- The process of scanning and capturing the state of software inventory found in a resource.