MSF Deployment Phase MSF Deployment Phase Tasks • Starting the deployment • Going Live • Stabilizing the deployment • Transferring ownership to operations • Closing the deploying phase Starting the deployment • Starts after a live pilot, where the team uses the equipment, software, and components inventory, schedule, and information concepts that it will use once the site is active. • Team incorporates the information it learns from the pilot into the deploying tasks, ensuring that all known issues have been considered. • Once development is complete, the team will review and update the deployment plan, using information learned during the testing cycles. • Prior to going live, the team should review and step through all recommended procedures, pilot test results, and reports, checklists, or collateral that were provided during the earlier phases. Going Live • At this point, the pilot has been tested and the team and key stakeholders have agreed on the acceptance criteria. • Acceptance criteria might mandate that all issues have been resolved, or that the solution is ready for deployment with the knowledge that some issues might exist and will be resolved in later versions. • The team should review the checklists for potential issues, and if all appears to working properly, it is time to go live. Going Live Tasks • Transitioning to Deployment • Deploying the Site • Architectural Considerations Checklists • Other Considerations Checklists Transitioning to Deployment – Logistic Manager Checklist • The deployment strategy is reviewed and approved. • Setup, installation, configuration, test, and operation and support procedures are available, reviewed, and approved. • Deployment procedures are documented, reviewed, and approved. • Hardware and software components are available and tested. • The deployment team has clearly defined roles, and the assigned personnel are trained and available. • The project schedule has been reviewed and approved. • There is a plan and ample resources for ownership transfer to the operations team. Transitioning to Deployment Considerations • It is vital that the project team continues to monitor the site after deployment until the transfer of ownership is finalized; This allows the team to establish baseline performance records to determine whether performance is going up or down. • Neither testing nor live pilots can completely reproduce the type of use and amount of load that the servers will experience after going live. • If the stress and capacity tests are performed well, the team should have both test scripts and test results available providing the baselines. • It is important to compare the baseline numbers to the new numbers any time a change is made to the servers, visualizing what effects the change has on performance. • Monitoring will continue on a regular basis, even after ownership is transferred to operations. Deploying The Sight • The team makes the decision to deploy only after reviewing the test results and information gained by using checklists. • Reviewing the checklists will alert the team to any issues that may influence the deployment. • If your team finds itself investigating the how and why behind a specific consideration, it probably indicates that the project is not ready to move forward. Architectural Considerations Checklists • Database Tier Considerations • Application and Business Layer Considerations • Presentation Layer Considerations Database Tier Considerations Consideration 1 Were database statistics updated prior to launch? Are database indexes fragmented? At what period will this be checked again, and corrected, if necessary? 2 Have all COM components been registered on their servers? Has the system run for long periods without failure or system resource issues? 3 Did the team define, test, schedule, and sign off on maintenance plans? 4 Are database backups tested and online? Has restoration been tested on the same computer and on a different system? Are off-site backup procedures in place? 5 Are alerts defined for key problems and conditions? Who monitors the email address these are sent to? Are beepers used? Has the alert system been tested? 6 Are jobs defined for common tasks? Are roles assigned for emergency situations? Has a lead been defined for incident handling? 7 Has the latest build of the database from your development/QA environment to operations been migrated, installed, tested, and verified? 8 Has database security been addressed with appropriate logon accounts created? Is the system administrator’s (SA) accounts password blank? Are applications using the SA account or other account(s)? Completed Database Tier Considerations (Continued) 9 Have all relevant service packs been loaded to the operations databases? Are the OS and installed service pack level well known and documented in case of failure and the manufacturer support is required to be called in? Are security bulletins being maintained and monitored? 10 Has clustering failover been tested in the operations environment? How long does the failover take to complete? Are all key decision makers aware of the time needed to failover? 11 Has the operations’ database been loaded with clean data and have initial inventory levels been set? Have feeds from other systems been verified under load to ensure that system availability is unaffected at the time they run? 12 Is there a backup of the operations database as it stands the day before launch? Is it well known where this is stored? 13 Were data loads tested against the operations system? At what level (2x, 4x, 10x normal load)? 14 Has a disaster recovery plan (DRP) been established that includes database procedures? Who is the DRP team leader? Is the leader’s contact information well known, and is a contingency leader appointed? 15 Has a time increment been established for the transaction log dumping that will be sufficient to recover activity to the satisfaction of the business? Has it been tested? 16 Have backup power systems been fully tested (fire drill) to ensure proper operation? 17 Are an appropriate number of replacement hard disks on hand in case of failure in an array? Database Tier Considerations (Continued) 18 Are the default client connection network library settings established on the server (typically: TCP/IP)? 19 Are all Database Application Server installation settings documented (sort orders, default language, and so on)? 20 Is the database running on the default port of 1433? If so, can this be changed to another port or ports to enhance security of the application without affecting proper operation? If so, change it. 21 Are ancillary, non-essential SQL Server services running (MS Search, OLAP)? Stop them if not required. 22 Are databases installed on the server that are not being used? Remove them (pubs, Northwind, and so on—be careful not to delete system databases like model, tempdb, master). 23 Are sufficient client access licenses and connections installed for the database server and the OS? Are these being monitored to assure that they do not reach their limit? 24 Is the database correctly tuned, and does it have the proper memory usage settings applied? 25 Is the database set for Auto Growth? Is disk space sufficient for the expected size of the data for 6-12 months ahead? Application and Business Layer Considerations Considerations 1 Has the golden release of your applications and components been given a release number, been archived, and deployed? 2 Were all required environmental settings for the applications set and documented? 3 Were the proper security settings for the applications set and documented? 4 Were the appropriate service packs for the environment applied and documented? 5 Are all third-party software or components that are required by the system installed and documented (version numbers, vendor contact information, and so on)? 6 Are all the required DSNs for the applications defined and tested (correct net library settings are being used)? 7 Has connectivity between the middle-tier system and any back-end systems been tested? Under load? Monitoring of connection pooling to assure proper operation? Completed Application and Business Layer Considerations (Continued) 8 Are operations configurations for this tier backed up? Were scripts created to reset configurations in an emergency, or to bring up a new server? Are they in a well-known location? 9 Are the activation types for your COM+ application set properly? Has the application been tested with the consoles logged on and logged off to assure the proper identity is used? Have bogus transactional calls been attempted to simulate rollback integrity? 10 Are the queuing settings for your COM+ application set? Have calls into the queue been monitored through the cycle to assure they clear? 11 Are you sure that no active debug code or logging exists in the operations components? 12 Has debugging in the COM+ application properties window been turned off? Application and Business Layer Considerations (Continued) 13 Has server communication between servers been checked to assure proper DNS resolution and routing (in case of multiple NICs) is happening? 14 Are spare disk drives and NICs available on-site? 15 Has security logging been implemented, has impact on the system been assessed? 16 Have all non-essential services and open ports on the server been identified and closed? 17 Have any and all event log messages been identified and investigated? Presentation Layer Considerations Considerations 1 Are the IIS server properties configured? Is a script available and stored in a well-known place to reset the application settings or to bring up a new server? 2 Have the secure socket layer (SSL) tokens been applied, as needed? Are the tokens backed up onto portable media and stored in a well-known place for emergencies or new server configuration? 3 Are any certificates that might be required loaded? Are the certificates backed up onto portable media and stored in a well-known place for emergencies, or new server configuration? 4 Has the latest release of the ASP code, images, and HTML files been given a release number, been archived, and deployed? 5 Was an external connection used when testing the application against the operations system? The external connection would be similar to what a customer will use. 6 Are the appropriate DSNs for the ASP code set up and tested? 7 Have the unnecessary ISAPI filters been removed? Completed Presentation Layer Considerations (Continued) 8 Are the custom error messages for IIS set? 9 Is the appropriate level of directory security set? 10 Are the performance tuning properties for IIS set, documented (preferably scripted), and stored in a well-known place? 11 Are the appropriate operators for the server set? 12 Are the execution permissions and application protection levels set? 13 Have you enabled/disabled application logging, as required? 14 Does the OS have sufficient client access licenses for the expected peak traffic loads? 15 Have you checked your Personalization & Membership settings and assured that they are appropriate for your solution? Is the LDAP required to be accessible to the public? If not, is it blocked at the firewall? Is Anonymous access to the LDAP disabled? Presentation Layer Considerations (Continued) 16 Has the team checked the LDAP settings for its LDAP services? 17 Has the team loaded the appropriate P&M schema settings for its solution in P&M? 18 Has the team mapped its Web servers to the proper P&M instance? 19 Has the team loaded the appropriate Site Server pipeline components onto its servers and the related pipeline configuration files? Are permissions on these files (as well as any .csc files) set so that users cannot download these files? Were all .csc and .pcf files (and dependent vbs scripts) examined to assure that they contain no clear text credentials for servers or databases? 20 Has the team set the default pipeline component settings? b Presentation Layer Considerations (Continued) 21 Has the team installed the proper scriptors (see #18 for security considerations) for its pipelines, if it is using them? 22 Has the team applied all metabase or registry settings required to improve the performance? 23 Have all non-essential Web server instances been disabled and/or removed from the IIS application? 24 Have all non-essential SMTP server instances been disabled and/or removed from the IIS application? 25 Have all non-essential FTP server instances been disabled and/or removed from the IIS application? 26 Will the IIS Web-based administration be used? If not, disable or remove it from the Web server configuration. 27 Are any IIS samples present on the server, or any other manufacturer sample code? Remove them prior to launch. Overall Considerations • General Technical Considerations • General Business Considerations General Technical Considerations Considerations 1 Has the team removed “Guest” accounts from the system and checked to ensure that this does not affect the application? 2 Has the team double-checked the operations network infrastructure against the architecture? 3 Has the team confirmed that no network equipment is in test or debug mode (such as routers, switches, hubs, load balancers, and so on)? 4 Has the team properly configured caching engines with the proper information? 5 Has the team applied any required operating system service packs and documented the OS version and service pack level accordingly? 6 Has the team tested operations integration with third-party systems (such as credit card systems, fulfillment, tax, and shipping)? 7 Has the team finalized training of the operations teams? Completed General Technical Considerations (Continued) 8 Has the team finalized the operational processes and guidelines? 9 Has the team limited access to anonymous users to appropriate content on the site? 10 Has the team developed, tested, and simulated disaster recovery procedures? Are the appropriate lead roles assigned to individuals or project positions? 11 Has the team created a backup of the operations code, data, and content and moved it off site? 12 Has the team tested backup power systems and assured they are online and fully charged? 13 Has the team defined security responses for denial of service, intrusion discovery, and hacker attempts? 14 Has the team tested the operations server farms for response to the removal or addition of servers? 15 Has the team considered issues related to physical security? General Business Considerations Consideration 1 Has the team completed full loop testing (actually placed an order, received it, and inspected its accuracy)? 2 Has the team tested the returns process (actually returned an ordered item)? 3 Has the team verified credit card charges and refunds? 4 Has the team reviewed integration with the accounting system? 5 Has the team tested backorder processing? 6 Does the team have procedures for contacting key decision makers in the event of a major problem or security threat? Completed General Business Considerations (Continued) 7 Does the team have internal controls in place for securing credit card information? 8 Does the team have a clear understanding of promotional plans affecting the launch and how they impact the site? 9 Does the team have a rolling 90-day marketing and promotion plan so that operations is able to prepare for traffic spikes? 10 Has the team put in place change-control procedures for the operations environment? 11 Does the team have a plan for quick-fix engineering in the event of a problem during the launch period? 12 Has the team considered doing a soft launch before the full-fledged site launch? Stabilizing the Deployment • A joint venture between the project and the operations teams. • Usually begins in the later part of the developing phase and continues throughout the deploying phase. • Important to include time in the master schedule for stabilizing because it gives both teams an opportunity to fine-tune the solution, resolves any issues that might arise, monitors the site to ensure it continues to work properly after going live, and assists the operations team after the transfer of ownership. Transferring Ownership to Operations • • • • • • • • Transferring the Site Project Team Tasks Operations Tasks Maintaining the Solution Site Content Changes Daily Site Management Upgrading the Site Microsoft Operations Framework Transferring the Site • The project team will be closing any open issues and handing off maintenance activities to the operations team. • The operations team will be opening procedures and validating all collateral and equipment received from the project team. Project Team Tasks • Verifying that the operations team has the proper resources to maintain and manage the new site. • Confirming that the knowledge base for transfer to the operations team is finalized. • Reviewing operations’ logbooks and ensuring that the procedures are being properly performed; The developer should clarify and correct any irregularities that were logged, and ensure that these activities are being maintained and monitored on a daily basis. • Confirming that all project sign-off affidavits are correct. Operations Tasks • Activate all reporting systems. • Validate and publish all collateral. • Validate and publish the knowledge and databases. • Review training materials provided by the project team. Maintaining the Solution • Important that operations personnel monitor the site on a continual basis. • Allows the team to remain proactive, avoiding issues before they occur. • Most important aspect of the team’s job is to ensure that the site’s businesscritical environment is available seven days per week, 24 hours per day. Site Content Changes • Operations team manages and maintains site content on a daily basis. • Several tools are available to track and upgrade the site’s content. Daily Site Management • Testing all system changes, including service packs, newly tested drivers, or newer versions of hardware and software as they are introduced to the environment. • Confirming that the solution’s capacity is monitored on a daily basis, and installing additional boxes if they are required. • Reviewing critical diagnostic messages as they are identified. The team will provide immediate relief to any critical error messages. • Monitoring the system’s recoverability. Should something fail, the team may use third-party tools to identify and correct these issues. • Validating data integrity on a daily basis; this will make sure nothing is corrupted because of memory or program failures. • Implementing daily checks on the site, making sure it responds properly. Daily Site Management (Continued) • Determining and logging any issues that occur on a daily basis. • Ensuring appropriately controlled release and change management, and accurate inventory tracking of all IT services and systems. • Managing physical environments and infrastructure tools, balancing cost with technology and business needs. • Ensuring quality customer support, quick problem resolution, and dedicated ownership of service level management. • Ensuring predictable, repeatable, and automated day-to-day system management. • Ensuring careful protection of corporate assets by controlled authorization to systems and information. • Ensuring dedicated management of external support and services provided through partners and outsource vendors. Upgrading the Site • If the site needs extensive add-in information or if the architecture or design needs upgrading, the product planning or marketing personnel might choose to initiate a new or second version project. • No matter how the initial project was deployed, the second version would be deployed by establishing a development, testing, and staging environment that is transferred to production after successful testing and initiating a live pilot. • Although it is possible to manually install the operating system on the servers, using a cloning process like Sysprep.exe is an easy and efficient way to deploy the operating systems on new servers. Microsoft Operations Framework • MOF recognizes that current industry best practice for IT service management has been well documented within the Central Computer and Telecommunications Agency’s (CCTA) IT Infrastructure Library (ITIL). • MOF combines these collaborative industry standards with specific guidelines for using Microsoft products and technologies. • MOF also extends ITIL code of practice to support distributed IT environments and current industry trends, such as application hosting and Web-based transactional and ecommerce systems. • MOF embraces the concept of IT operations providing business-focused service solutions through the use of welldefined service management functions, which provide consistent policies, procedures, standards, and best practices that can be applied across the entire suite of service solutions found in today’s IT environments. Closing the Deployment Phase • Signing Off on the Project • Obtaining Customer Sign-off • Producing the Closeout Report • Conducting the Project Review Signing off on the Project • Once all the deploying tasks are complete, the team must formally agree that the project has reached the deployment complete milestone and that the project’s work is finished. • By approving the milestone, team members signify that they are satisfied with the work performed in their areas of responsibility. Obtaining Customer Sign-off • Upon project closure, the product manager obtains the final sign-off from a representative of the customer, signaling approval of the solution and permission for the team to disengage from the project. • Although, at this point, the team is busy informally closing outstanding tasks and wrapping up deployment, the sign-off should be a formal acknowledgement that the project is complete. Producing the Closeout Report • Final versions of all the major project deliverables (for example, vision/scope document) • User information summary • Project review meeting summary • Sign-off by the team • Sign-off by the customer • Summary of next known steps Conducting the Project Review • When the project is complete, the team should hold a review meeting to discuss the project and identify what went well, what didn’t go well, what to replicate in future projects, and what to change. • Without assigning blame, team members conduct the project review with the goals of learning from mistakes and improving future projects. • Often called a postmortem, the project review meeting sometimes takes place shortly before the end of the project rather than afterwards, because team members might be required to leave the project before it ends. MSF Deployment Summary Key Tasks Deliverables Owners Starting the deployment Updated deployment plan Logistics Going live Commerce site connected to the Internet Logistics Stabilizing the deployment Optimized hardware and software Testing Resolution of deployment problems Development/design Transferring ownership to operations Operations responsible for solution Logistics Transfer of project documentation and developer collateral Operations Closing the deploying Project review phase Customer sign-off Close-out report Deployment complete milestone User education Program management Development Operations Questions?