Project:Sandbox

= Schedule of works. November 2011 – March 2012 =

Telecity updates and minor sort out
Date:12th November 2011 LATE (22:00 – 23:59)

Port settings on Telecity for ISP routers
Change Gi1/0/1 & Gi2/0/1 to manual - 100/full (via Cisco Network Assistant on LVDC01).

NIC teaming related changes
Enable LVDC01 2nd NIC.

‘sudo ifdown eth1’ on MEGRIM.

Updates
LVDC01 only:2601626 (will require reboot).

All (inc. LVDC01):890830 (MSRT, Nov ’11) & 2544893 (no reboot usually required with latter).

IP address reassignments on LVWEB01
Remove 10.9.y.48 from HSBC site and restart.

Add 10.9.0.48 to Monte Titoli site, remove 10.9.0.101, restart and update DNS records (LVAPP01 & LVDC01).

Hardware changes at Telecity
Date:26th November 2011 MORNING (09:00 – 13:00)

09:00Transfer and installation of TMAPP01 & PLAICE
09:00Arrive at office, reconfigure (IP addresses & web servers), shutdown & dismount both servers (take rails).

Install 4 * 1GB RAM (i.e. 2 CT553121 kits) in TMAPP01.

10:00Journey to Telecity (via Addison Lee taxi service).

11:00Remove blanking plates & move power bars. Install servers, as per notes below.

12:00Other hardware tasks (see below).

TMAPP01 notes
Rack position:9 & 10

Cable length/colour:2m, red

Data switch port:9 (HALIBUT to 10)

KVM switch & port:1508i, 2 (move GHOTI to 8, EWSRV01 to 1508Ai next time)

Power switch & port:1&2, D

New IP addresses:10.8.0.226

PLAICE notes
Rack position:7 & 8

Cable length/colour:2m, red

Data switch port:19

KVM switch & port:1508i, 7 (move LVDB01 to 1 next time)

Power switch & port:3&4, D

New IP addresses:10.9.0.63, .32, .33, .35 (add after removal from MEGRIM)

CL1000M Notes
Rack position:23

Power switch & port:

LVAPP01 – RAM & 2nd CPU
Install 2 * 2GB RAM (i.e. the CT852712 kit).

GHOTI – RAM
Install 4 * 1GB RAM (i.e. 2 CT553121 kits).

13:00LUNCH

Network changes at Telecity (part 1)
Date:26th November 2011 AFTERNOON (14:00 – 17:30)

14:00IP address changes on servers & sites
The primary aim is to allow halving of public subnets, but there are some changes within the space that we will retain.

Shifting Retail 3rd Party Clients (KH, Hysterie, Ellipsis)
GHOTIRun script (~/20111126_update.sh) to achieve following, including freeing addresses for other servers:

Katharine Hamnetttomcat.24 -> .28 

Ellipsis PropertyApache.26 -> .30 

HysterieApacheAdd .29 (.154 to be removed later)

Changes relating to clients with multiple White Label Sites (HSBC & ING ISEC)
These should be made with changes in the next section

MySQL change:

HALIBUTHSBC SupplierSelectAdd privileges for DB from new MEGRIM IP address.

Server address changes:

HALIBUTChange (manual)10.8.0.97, .95 -> .161, .133 (update internal DNS on LVDC01)

MEGRIMRemove10.9.0.126, .35, .8 - .11(new interfaces file ready as _20111126)

LVWEB01Add10.9.0.24 - .27(will be freed from GHOTI beforehand)

Site address changes:

GHOTIING Enquiriesenquiries.ing-isec.com.73 -> .17tomcat_rapx_ing

LVAPP01ING Feesfees.ing-isec.comAdd .21, .23 (temp)

LVWEB01ING MarketsSelect *.ing-isec.com Add .25, .27 (temp)

LVWEB01HSBC MarketsSelect *.hsbcmarketinfo.com Add .24

MarketsSelect & all PROBE sites
Address changes:

LVWEB01Add10.9.0.96-99

Add10.9.0.72-25(will be freed from GHOTI)

LVAPP01Add10.9.0.8-11(will be freed from MEGRIM)

Site changes:

LVAPP01Opbench[opbench]Add .8

Demo Fees[demo-fees]Add .11

LVWEB01MarketsSelect{marketsselect.com}Add .72

Firewall tunnels for new addresses
Need to add DMZ_ & EXTERNAL_ Network Objects (with NAT), plus “WEB” Access Rules, for z=28 — 31.

16:00DNS record changes
LVAPP01Run script (DNS_Changes.bat) to change the following domains:

Clients:

hsbcmarketinfo.com

ing-isec.com

ingnetworkmanagement.com

Retail 3rd Parties:

Katharine Hamnett (8)

ellipsisproperty.com, elipsisproperty.com

Thomas Murray:

marketsselect{.com,.co.uk}

Manually update PROBE related thomasmurray.com records (public and internal).

Network changes at Telecity (part 2) / Updates
Date:17th December 2011 AFTERNOON (14:00 – 17:30)

14:00Windows and apt-get updates, other changes
Apply Windows Updates in new normal order (LVDC01, LVDB01, LVWEB01, LVAPP01, TMAPP01). Also:

SQL Server related tasks
Shrink tempdb (currently 12GB) on LVDB01 – must put server into single user mode first.

Apply service packs:

LVDB01SQL 2005 SP4

LVAPP01SQL 2008 R2 SP1

Firewall tunnels for new addresses
Adjust PROTECTED_097 to PROTECTED_161

Need to add DMZ_ & EXTERNAL_ Network Objects (with NAT), plus “WEB” Access Rules, for z=32 – 33 & 92 – 99.

Removal of 10.9.1.0/24 subnet from LVWEB01 IIS sites
Needs to be removed from almost all of the sites on this server.

New addresses for TM MS WLS instances and supporting applications on LVWEB01
IP z values for sites requiring new addresses on LVWEB01 (with related DNS changes in brackets):

TM R&I, Piccadilly.73[tmri, piccadilly]

ABC Consultants / ABC Fund .73[abcconsultants, abcfund]

Demo Client White Label Sites.75[demo]

Cross Module Sign-On.96[cmso]

Bulletins (*2).97[bulletins, banks]

Reporting Services.99[reports]

Shifting Emile Woolf
Add .92-.95 to server (EWSRV01) & sites (IIS, host headers required) – split between EWP (92 & 93) and others.

Update TM managed Emile Woolf domains (19) on LVAPP01 (even though DNS switch to PLAICE will follow).

16:00New primary addresses on firewall and switches
Prior to the first change, it is necessary to change the Remote IP in the site to site object on the London GNATBoxes.

ASA 5520[1*]External80.85.75.254 -> 126

Management10.30.0.100 -> 126

2960S[1*]Management10.30.0.200 -> 62

Vlan 80880.85.75.124 -> 62

Vlan10810.8.0.124 -> 62

16:30PowerWAN Link activation
Put this on 10.20.0.126, change VLAN to 120.

Hardware & service changes at Telecity
Date:17th December 2011 EVENING (17:30 – 21:00)

17:30New CPU in LVAPP01
Install Intel Xeon 3.2GHz 800MHz FSB (Model 4 Stepping 3) CPU with heatsink.

18:00Installation and connection of KVM switch
Investigate whether the two switches can be independently remotely managed while being serially connected use through the same CL1000M unit.

KH1508Ai (new switch): set up notes
Rack position:21

Data switch & port:

New IP address:80.85.75.67

Hostname (FQDN):kvm-telecity.thomasmurray.com

KH1508i (old switch): set up notes
Rack position:20 (no change required)

Data switch & port:

New IP address:93.89.86.67

Hostname (FQDN):kvm-goscomb.thomasmurray.com

Port connection table
New server connections are marked in green, changes are marked in red (with original position on old switch)

Network changes at Telecity (part 3)
Date:31st December 2011 AFTERNOON (14:00 – 17:30)

14:00Connection, reconfiguration and upgrade of GTA GNATBox firewalls
Keep DMZ (eth; 10.9.0.0/24) interface unplugged until GNATBoxes reconfigured?

Primary and HA virtual addresses
GB-2000X[2]EXTERNAL293.89.86.252-254 -> 124-126

EXTERNAL80.85.75.252-253 -> 124-125

PROTECTED10.8.0.252-254 -> 124-126

DMZ10.9.0.252-254 -> 124-126

17:00Removal of addresses previously used for public sites in upper half of all current /24 subnets
Note: Internal subnets will remain /24, for internal services.

Main shares on TMNAS01 to LUN on SAN array
Date:TBD

Removal of servers from Bunker (plus TMNAS01 from Office) to Telecity?
Date:3rd March 2012

Servers to remove
To Telecity:DRDC01, DRMAIL01, DRNAS01

Scrapping:DRBES01