DATA CENTER STANDARDS

snakesailboatΑσφάλεια

23 Φεβ 2014 (πριν από 3 χρόνια και 5 μήνες)

185 εμφανίσεις






2011







University Information
Technology Services


System Assurance Group


DATA CENTER STANDARD
S

This document outlines Indiana University Data Center guidelines and standards, including
equipment installations, data center access, and
operational procedures.

T
able of Contents

1.

Requesting installation

1.1

Space request

2.

Acquisition guidelines

2.1

Rack mounted devices

2.2

Equipment specifications

2.3

Power

2.4

Receiving and placement

2.5

Equipment arrival notification

3.

Equipment installation

3.1

Data Center
staging area

3.2

Cabinet design

3.3

Cabinet/Rack

3.4

Network connectivity and firewall configuration

3.5

Internal cabinet wiring

3.6

Cabling

3.7

UPS

3.8

KVM solutions

3.9

Hardware identification

3.10

Disposal of refuse

3.11

Combustible and flammable material

3.12

Installation review

3.13

Negotiations

3.14

Replac
ement parts

4.

Equipment removal

5.

Operations procedures

5.1

Data Center access

5.2

Equipment registration

5.3

Essential information

5.4

Change Management

5.5

Monitoring tools

5.6

Security

5.7

System backups

5.8

Data Center tours






Last updated
April 25
, 2011

All UITS staff and external
departmental staff

who

have equipment responsibilities in
the
Data Centers

should accept the terms and responsibilit
ies

outlined in this document.


1. Requesting installation

1.1 Space request:

Prior to
your
submitting a proposal for new equipment,

you’ll

need
to begin i
nitial discussions regarding machine room space.
Once you s
ubmit

a

machine
room space request form
,

the System Assurance Group (SAG) will schedule

a meeting
.
The SAG includes the following participants: the UITS Operations Manager, a
representative from UITS Facilities, a representative from Networks, and the system
administrator and/or system owner. The purpose of the SAG meeting is to address
environmental
issues (i.e., equipment BTU and power specifications), space, and floor
location. The floor location may be determined based on environmental data.


2. Acquisition Guidelines

2.1 Rack mounted devices:
Ensure that you’
re purchasing rack
mounted equipment
-
-

everything needs to be either mounted in the rack or in its own proprietary cabinet

(as
opposed to free
standing)
.
The
Operations Manager

must approve any exceptions
.

2.2 Equipment specifications:
Upon making
your

equipment selections
,

send the vendor
sp
ecification sheet to
sag
-
l@indiana.edu

2.3 Power:

Request power for each device from the electrical engineer. Power requests
will be handled as follows:



IUPUI
:
Two rack
-
mounted cabinet distribution units (CDU) will be installed in each
standard rack. These CDUs utilize 208V IEC C13 and C19 outlets. Your hardware will
need to operate at 208V and have the proper power cords. Installation of CDUs can
take up to a

month, so please request power as early as possible. For non
-
standard or
proprietary racks, twist
-
lock receptacles shall be provided under the floor for connection
of user
-
supplied CDUs.


IUB

Data Center: In order to maintain Uptime Institute Tier III

requirements, two rack
-
mounted
CDU
s
fed from different power sources
wil
l
be supplied in each rack. In order
to assist with load balancing,
you

should purchase hardware with 208V IEC C13 or C19
plugs whenever possible.
Please do

not plug hardware

into any receptacle without
authorization of the electrical engineer.

2.4 Receiving and placement:

When

large, heavy equipment is involved
, you’ll need to
make arrangements for receiving the order
. It is
also
your responsibility to arrange for
the equip
ment to be moved to the proper place in the machine room. In emergency
situations
,

the Operations staff will act as the contact and receive equipment/parts after
normal dock hours.

2.5 Equipment arrival notification:

Receiving dock personnel will

notif
y y
ou

of
equipment arrival (unless otherwise arranged).


3. Equipment installation

3.1 Data Center staging area:


IUPUI
: There is very little to no staging area outside of the machine room
, so you’ll need
to use t
he machine room space
to uncrate/unpack and pr
epare equipment for
installation



and you’ll need to move/install a
ll items to their intended location

within
two weeks
.

If for some reason
you

cannot
do so

within
this time period
,
please make
other arrangements through UITS Facilities or Operations.
(This will not guarantee other
storage locations.)


IUB

D
ata
C
enter
:

A

staging area for equipment
is located just off the dock.
This space is
for

uncrat
ing
/unpack
ing

and
prepar
ing

equipment for installation. This area is only for
temporary storage


you ha
ve
two weeks

to

move/install

all items

to their intended
location.
If for some reason
you

cannot
do so

within
this time period
,
please make
other
arrangements through UITS Facilities or Operations.

(This will not guarantee other
storage locations.)

3.2
Cabinet design:

U
nless the server manufacturer specifically dictates the equipment
must be housed in their proprietary cabinet
,

a
ll servers will be installed in the standard
cabinets provided by Operations.
You’ll need to submit p
roof
of vendor
proprietar
y
cabinet
requirements to SAG. Such cabinets should have front, back, and side panels.
Unless someone is working in the unit, cabinet doors must remain closed
.

3.3 Cabinet/Rack:

Operations will label the cabinet
(
both front and rear
)

with the
unique floor
grid location

and with

the power circuit serving that unit.

Equipment spacing within the cabinet/rack should allow appropriate airflow for proper
cooling. Blanking panels will need to be installed to fill in all vacant rack space.

All cabinets will have

network switches installed at the top of the cabinet to provide
10/100/1000 Mbps Ethernet connections into the
data center

switching infrastructure.
(10000 Mbps available and priced on an individual request) All public and private
Ethernet connections are provided by UITS unless very special circumstances are
reviewed and approved by Network Engineering and Campus Network Infrastructure.

3.
4
Network connectivity and
f
irewall configuration:

System administrators installing
new serve
rs in the Machine Rooms must request network connectivity via the following
machine room network request

form
.

In addition, all servers must be behind the Machine Room firewalls.


Provide firewa
ll
configuration requests via the
firewall request

form
.

(Note
:


ALL switches in the Data Center will be managed by Campus Network
Infrastructure.


System administrators are not allowed to manage their own switches).

3.
5

Internal cabinet wiring:

Internal cabinet wiring should follow rack cabinet
management standards. C
ables should be neatly tied back out of the way. All cables
should be properly labeled so they can be easily identified. Refer to
TIA/EIA
-
942
Infrastructure Standard for Data Centers
, section 5.11; a copy is available in the
Operations Center.

3.
6

Cabling:

All data cabling under the floor, including SAN and Ethernet,

must by
installed
by CNI (Campus Network Infrastructure) in a cable tray.
C
ollocated cabinets
will follow normal standards
with installation

by CNI as outlined above. Both ends of the

cable should be labeled and tagged for proper identification. Refer to
TIA/EIA
-
942
Infrastructure Standard for Data Centers
, section 7.5; a copy is available in the
Operations Center.

3.
7

UPS:

NO

rack mounted
uninterr
uptible power supplies (
UPSs
)

will be

allowed.

The
Enterprise Data Centers

will provide backup power
.


3.
8

KVM solutions:

Rack mounted monitors and keyboard trays
are
required.

3.
9

Hardware identification:

Supply Operations with the appropriate fully qualified
server names
,

and they will label all equipment within the cabinets so that hardware
is

easily identifiable.
You will

need prior approval from the Operations Manager and
Communications Office

to display any signage
.

3.
10

Disposal of refuse:

The person/team installing
the device is responsible for the
d
isposal of all refuse (cardboard, styrofoam, plastic, pallets, etc.). Please see that
you
remove
any
refuse


and, if possible, recycle any cardboard


from
the
IUPUI
machine
room
and
IUB
Data Center staging area
on a
daily

basis
.

3.1
1

Combustible and flammable material:

Please do not leave
combustible material
s

in the machine room
s



such materials

include cardboard, wood,
and
plastic,
as well as
manuals and books
. This
also
prohibits the use of wooden tables/shelves.

3.1
2

Review installation:

The
person
request
ing installation

should

arrange with the
Operations Manager for a final review of equipment installation
,

to ensure that
appropriate polic
ies

and procedures
are implemented

before the equipment becomes
productio
n ready.

3.1
3

Negotiations:

Any negotiations and exceptions
must

be arranged between the
system owners and the Operations Manager
,

and approved by the Director of Enterprise
Infrastructure and the relevant director or officer of the area involved.

3.1
4

R
eplacement parts:

All onsite replacement parts
should

be stored in a storage
cabinet or on storage shelves in the storeroom (e.g.
,

for use by
service vendors
such as
IBM

or

Service Express). Make
any

necessary storage arrangements with Facilities or the
Operations Manager.


4. Equipment removal

4.1

When a new system is replacing a pre
-
existing machine, the old system must be
properly decommissioned via the Change Management process.
Submit a request t
o CNI
for the removal of
firewall rules for m
achines that are decommissioned.
4.2

Removal of
old hardware must be coordinated with the UITS Facilities Manager and follow all
appropriate policy, standards, and guidelines relating to data destruction, wiring
removal, and component disposition.

4.3

Please be sure to i
nclude all of the appropriate capital asset transfers.

4.4

The cost of removal is borne by the owner, and all equipment must be removed no
later than 30 days after it has been decommissioned. Exc
eption
s

to the 30 day

removal
period

require

approval by Facilities or the Operations Managers.


5. Operations procedures

5.
1

Data Center access:

Due to the sensitive nature of the data and computing systems
maintained within its facilities, security and
access are important aspects of the
OVPIT/UITS environment. In most cases, the university is contractually and legally
obligated to limit access to only those who have IT responsibilities requiring frequent
access.

S
ecurity cameras are
located
throughout O
VPIT/UITS buildings. These

cameras

record

footage

for follow
-
up in the case of a security incident. They also
provide

an effective
deterrence function in the safe operation of the building.

UITS staff with responsibilities in the data center may
gain

acces
s
through an

arrangement between the department manager and Operations. Requests should be
made via the
Special Access Request Form
.


Persons other than full
-
time UITS staff

are permitted in the data center only under one
of the following conditions:

A.

They are full
-
time staff
of

vendors providing services to UITS
:

Contract
consultants or service representatives may be authorized by prior arrangement
with Operations.

B.

They are
full
-
time staff of Indiana University working on a system owned by an
IU department and housed in the data center, under terms specified in a
Co
-
location
Agreement

--

a
ccess will be g
ranted in situations requiring
hands
-
on
system administration, not simply

because a system is present on a machine in
the data center.

C.


They are full
-
time or contracted staff of a non
-
IU entity that owns a system
housed in the data center, under terms specified in a co
-
location agreement



again,
access will
granted

when hands
-
on system administration is
necessary
,
not simply because a system is present on a machine in the data center.

D.

They are escorted by a full
-
time UITS staff member as part of a tour of the
facilities.

ID badges

and access cards will be provided for those individuals who meet criterion A,
B, or C. The ID badges must be worn and visible during visits to the data center.
All

staff

who meet criteria A
, B, or
C are expected to sign in to the data center through
Operations prior to entering the room, and to sign out upon exiting
.

Biometric hand geometry scanners

are installed at both Data Centers.
A registration
process will
be scheduled

and performed by the UITS Facilities or Operations staff
.

For additional inf
ormation and

to learn about biometric hand geometry scanners,
review the internal KB document at
https://kb.iu.edu/data/azzk.html


(note: the

internal document requires authentication).


The Vice President f
or Information Technology has developed a policy related to the
handling, management and disposition of "biometric" data used in the hand geometry
scanner. It is stored in an internal KB document at

https://
kb.iu.edu/data/bapr.html

(note: the internal document requires authentication).


5.
2

Equipment registration:

Equipment must be registered in the
m
achine
r
oom
i
nventory. Send
an
email to
dc
ops@indiana.edu

if you experienc
e
problems accessing
the
Machine Room Inventory System
.

5.
3

Essential information:

The system owner will
enter
the essential information
into
the Machine Room Inventory System

and update
th
at

information
if

it changes.
E
ssential information includes:



System hardware:

A complete description of the machine's hardware
configuration, including vendor, model, on
-
board memory, secondary storage
media vendor/type, etc.



System software:

A complete description of the machine's software
configuration, including operating system vendor, version, patch level, and other
major software components on the system



System function:

A complete description of the machine's function (the service
that
it provides)



System recovery:

Accurate startup and shutdown procedures and special
information relating to crash or other emergency recovery situations



On
-
call notification:

Primary and secondary system contacts and schedule
s
, plus
contact
information for
the manager supporting the system
(Please provide prior
to production date.)



Vendor and maintenance contract:

Vendor contact information, including
information related to the maintenance/service contract and warranty
(
The
Operations Manager will assist in
negotiating maintenance contracts on behalf of
UITS, but budgets for ongoing maintenance should be managed in the individual
units.
)

5.
4

Change Management:

The system manager or system administrator
needs to

participate in the Change Management process,
by

representing the deployment of a
new production system before implementation. A
t the start of fall and spring semesters,
a

change freeze
of

approximately 2 weeks
takes place
--

dates are posted on the
Change

Management

web site.

Only emergency c
hanges
with
the appropriate approvals

should
be implemented during change freezes
.

5.5

Monitoring tools:

N
etwork monitoring tools will scan

i
ncoming machines as
appropriate.
Please supply t
he network address and any special considerations for the
monitoring mode.

5.6 Security:

All servers are expected to be administered in a secure manner using
industry best practices
IT
Policy 12
,

including employment of host based firewalls and
operation

behind the
machine room

firewall.

You are expected to p
roper
ly

review and
formal
ly

acknowledg
e

all relevant security polices and standards.
For more information,
p
lease see
the University Information Security Office Resources page
.

5.
7

System backups:

Best Practices
should
include t
he implementation of a proper
system backup schedule. This includes the deployment of incremental, full, and archive
program processes as needed.
You must use proven, supported b
ackup software
and
apply a
ppropriate standards for off
-
site backup data for pr
oduction systems.

Enterprise Infrastructure offers a data backup service as part of the
Intelligent
Infrastructure

suite of services.


5.
8

Data Center tours:

All tours of the machine room mu
st be scheduled with the
Operations Manager.