Unpacking System Center 2012 Orchestrator

0
60
5 min read

(For more resources related to this topic, see here.)

Planning the Orchestrator deployment

The installation of SCORCH is simple. You must plan the deployment appropriately according to your needs. This recipe discusses and provides steps on common planning tasks to be performed before inserting the DVD or mounting the ISO for organizations who have successfully deployed SCORCH.

Getting ready

The authors recommend you to review the latest information on SCORCH at http://technet.microsoft.com/en-us/library/hh420383.aspx as the requirements of the product and supported platforms are regularly updated by Microsoft.

How to do it…

There are three planning categories, people, process, and the technology (SCORCH product).

  1. Identify and agree on the roles and responsibilities of the SCORCH team. SCORCH deployments typically have three types of users; service accounts, Administrators, and operators.
    • Services accounts: They perform actions for the specific components of SCORCH
    • Administrators: They will typically perform all activities including, but not limited to, SCORCH installation, Runbook creation and management, and delegation of security to operators
    • Operators: They will typically use the SCORCH console and the Runbook Designer to create and manage Runbooks
  2. Identify and document initial prototype processes to be used as the first candidate for automation and testing. The types of processes for this purpose should be simple repeatable tasks that fall into an organizations required standard service requests. Good candidates are service request which do not require authorization and approval. An additional example category is Windows operating system services that can be stopped and started as a part of trouble shooting.
  3. Plan for the following technology requirements areas for SCORCH:
    • SCORCH deployment type

      Deployment type

      Description

      Single Server

      All SCORCH roles installed on one physical or virtual machine

      This scenario is typically implemented in test environments but is fully supported in production. This however becomes a single point of failure for highly automated environments.

      Multi-server

      The SCORCH roles are separated and installed on one or more machines

    • Minimum hardware requirements for each SCORCH component

      Component

      Requirements

      Management Server

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigahertz (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      Orchestration database

      • Database: Microsoft SQL Server 2008 R2 or SQL Server 2012
      • Collation: SQL_Latin1_General_CP1_CI_AS
      • Local or Remote (Basic Engine only)

      Runbook Server

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigabyte (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      Orchestrator Console/Web Service

      • Operating system: Windows Server 2008 R2 or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabytes (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigahertz (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1
      • Web Service: Internet Information Services (IIS) 7.0 and enabled IIS role
      • Microsoft .NET Framework 3.5 Service Pack 1
      • Microsoft .NET Framework 4
      • Microsoft Silverlight 4**

      Orchestrator Runbook Designer

      • Operating system: Windows Server 2008 R2, Windows 7 (32/64 bit) or Windows Server 2012*
      • 1 gigabyte (GB) of RAM minimum, 2 GB or more recommended
      • 200 megabyte (MB) of available hard disk space
      • Dual-core Intel microprocessor, 2.1 gigabyte (GHz) or better
      • Microsoft .NET Framework 3.5 Service Pack 1

      SCORCH 2012 SP1

      It is required only for the computer running the console in its web browser but not the Web Service server.

    • Services accounts and delegation groups

      Account/Group

      Type

      Notes

      Orchestrator management service

      Service account

      Create an Active Directory user account for this service. This is the main management server service account and it is granted log on as a service during the installation.

      Orchestrator Runbook monitor service

      Service account

      Typically this is the same account as the Orchestrator Management Service.

      Orchestrator Runbook service

      Service account

      Same user account as the Management and Runbook Server monitor service in a single deployment but can be different for multi-server deployments; Active Directory domain account recommended.

      Runbook authors (SCO_ADMINS)

      Group

      Create an Active Directory group. This group will have the equivalent access of full administration to the SCORCH deployment.

      Runbook operators (SCO_CON_USERS)

      Group

      Create an Active Directory group. This group will have the equivalent access of a Runbook operator to the SCORCH deployment.

      Installation user

      User

      The user with full administrative rights on the SCORCH servers is required to perform the installation and configuration of the SCORCH deployment.

    • Network Communication Ports

      Source

      Targeted computer

      Default port

      Configurable

      Runbook Designer

      Management Server

      135, 1024-65535

      Yes.

      Management Server, Runbook Server, and Web Service

      Orchestration database

      1433

      Yes; specified during the installation on the SCORCH supported version of Microsoft SQL Server. This is the case where the SQL Server instance is not using the default port.

      Client browser

      Orchestrator Web Service

      81

      Yes; during the SCORCH installation.

      Client browser

      Orchestration Console

      82

      Yes; during the SCORCH installation.

How it works…

The planning activities discussed are the minimum activities the authors recommend. The tasks performed at this stage will ensure that you ask for and plan for all your requirements before investing time in the actual installation. An additional benefit is identifying any people or budgetary risks before the deployment.

There’s more…

There are two additional planning areas which are typically ignored in technology focused deployments. These areas are communication strategies and stakeholder management.

Communication strategy

One of the inaccurate myths of SCORCH is that it would automate the IT professional. SCORCH when implemented right would improve efficiency but will not replace people. On the contrary you need to communicate with the people who perform the manual tasks as they hold the key to how to best automate their efforts. Early engagement with all IT team members should be one of your key planning tasks.

Stakeholder management

Stakeholders are all users affected by the SCORCH deployment. An important category of stakeholders are the management team responsible for policy creation and enforcement. Automation without organization buy in may lead to conflicts at the political level of your organization. An example of such a scenario is the ability to create Active Directory user accounts with rights to specific organization areas and restricted resources.

LEAVE A REPLY

Please enter your comment!
Please enter your name here