System administrators are often responsible for managing numerous complex services at a large scale. For example, a single administrator may be responsible for managing hundreds of thousands of instances of a cloud service. Each service may involve a diverse set of entities, such as applications, webservers, database, hosts, virtual machines (VMs), operating systems, filers, routers, cloud resources, etc. An “entity” or “target” in this context refers to any computing resource, including hardware and software, that can be managed or monitored.
Many management operations involve executing tasks on a large number of entities. For example, a patch operation may be applied to several different database servers that each support one or more instances of a cloud service. Adding to the complexity, applications and services often consist of different entity types. A high-level management operation may involve multiple steps, with each step run against a large set of entities. In some cases, one step in the management operation may need to wait for the preceding step to complete due to dependencies. For instance, to properly shut down a service, the system administrator may need to ensure that a set of instances of a software application are shut down first, followed by instances of a database server, followed by a database host. Failure to follow the proper sequence may lead to runtime errors and/or data corruption.
Management operations are further complicated by the dynamic nature of large scale applications and cloud services. New entities may be added or removed at any time, in matter of hours or days. In addition, relationships among entities for a given application or service may be in a constant state of flux. Such frequent changes increase the risk that a system administrator may overlook running a step of a management operation on one or more entities. In severe cases, such neglect may lead the application or service to be exposed to security vulnerabilities, performance degradation, and/or outages.
The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.