82
edits
CloudServices/Principles: Difference between revisions
→Careful change control
| Line 6: | Line 6: | ||
Change is managed through these policies: | Change is managed through these policies: | ||
* complex changes require a step-by-step plan | * complex changes require a step-by-step plan | ||
** all plans undergo a walk-through before implementation | |||
** all change plans have a back-out plan (though, if "perform roll-out steps in reverse" is correct, that's fine) | |||
* a secondary person helps with / checks plans for complex changes (buddy system) | * a secondary person helps with / checks plans for complex changes (buddy system) | ||
* design and code reviews are standard | * points of commitment (or "no return") have go/no-go calls with a clear owner / deterministic datapoint | ||
* all change plan worthy events must have a clearly defined owner who is responsible for "heads-up", "starting", & "all-clear" communications, as well as any write-up on deviations from the plan or other problems. | |||
** communication will be via email *at least*, may also include twitter, Yammer, IRC, and other random media. | |||
== Rules of engagement == | |||
Call them "design principles" if you want. The point is basic risk reduction guidelines. | |||
* design and code reviews are standard, expected tasks | |||
* systems and environments have a production look-alike to test complex changes | * systems and environments have a production look-alike to test complex changes | ||
* applications may not run as root | * applications may not run as root | ||
* Non-Ops users may not have shell access to application or administrative accounts | * Non-Ops users may not have shell access to application or administrative accounts | ||
== Close the loop == | == Close the loop == | ||