Skip to content

Cesivi Production Deployment Checklist

HomeDocumentationReference → Production Checklist

This checklist ensures a smooth and secure production deployment of Cesivi server.

Pre-Deployment Checklist

1. Environment Validation

  • [ ] .NET Runtime installed (.NET 10.0 or later)
  • [ ] Hardware meets minimum requirements:
  • CPU: 2+ cores (4+ recommended)
  • RAM: 4GB+ (8GB+ recommended)
  • Disk: SSD with 20GB+ available
  • [ ] Operating System supported and patched
  • [ ] Network ports available (5000 for HTTP, 5001 for HTTPS)
  • [ ] Firewall configured to allow required ports
  • [ ] DNS records configured (if using custom domain)

2. Security Configuration

  • [ ] HTTPS enabled with valid SSL certificate
  • [ ] Authentication mechanism configured:
  • [ ] NTLM authentication tested
  • [ ] Basic authentication tested (development only)
  • [ ] Bearer token authentication tested
  • [ ] CORS configured with specific origins (not wildcard *)
  • [ ] Rate limiting enabled and tested
  • [ ] Security headers enabled:
  • [ ] HSTS (Strict-Transport-Security)
  • [ ] X-Frame-Options
  • [ ] X-Content-Type-Options
  • [ ] Content-Security-Policy
  • [ ] Secrets management implemented (no hardcoded credentials)
  • [ ] Audit logging enabled for security events

3. Configuration Review

  • [ ] appsettings.Production.json reviewed and validated
  • [ ] Environment variables set correctly:
    ASPNETCORE_ENVIRONMENT=Production
    ASPNETCORE_URLS=https://+:5001;http://+:5000
    
  • [ ] Logging level set appropriately (Warning or Error for production)
  • [ ] MockData location configured correctly
  • [ ] Connection strings (if using database) validated
  • [ ] Cache configuration optimized:
  • [ ] Cache expiration set
  • [ ] Cache size limits configured
  • [ ] Distributed cache (Redis) configured if HA required

4. Performance Validation

  • [ ] Performance benchmarks executed:
    cd tools/PerformanceBenchmark
    dotnet run
    
  • [ ] Baseline metrics documented:
  • [ ] Average response time < 10ms for SOAP
  • [ ] Average response time < 15ms for REST
  • [ ] P95 response time < 50ms
  • [ ] Compression enabled (Brotli/Gzip)
  • [ ] Response caching configured and tested
  • [ ] MockData structure optimized (no files > 10MB)

5. Monitoring Setup

  • [ ] Health check endpoint accessible: /_vti_bin/diagnostics
  • [ ] Application Insights or monitoring tool configured
  • [ ] Log aggregation setup (ELK, Loki, or Serilog to file)
  • [ ] Alerts configured for:
  • [ ] Service down (health check failure)
  • [ ] High error rate (> 5%)
  • [ ] High memory usage (> 80%)
  • [ ] Slow response times (P95 > 100ms)
  • [ ] Low cache hit rate (< 40%)
  • [ ] Metrics dashboard created (Grafana/Azure Dashboard)

6. Backup & Recovery

  • [ ] Backup strategy implemented:
  • [ ] Daily automated backup of MockData
  • [ ] Configuration files backed up
  • [ ] Backup retention policy: 30 days minimum
  • [ ] Backup storage verified (local/S3/Azure Blob)
  • [ ] Restore procedure tested successfully
  • [ ] Disaster recovery plan documented
  • [ ] RTO/RPO defined and achievable:
  • [ ] RTO < 1 hour
  • [ ] RPO < 24 hours

7. High Availability (if required)

  • [ ] Load balancer configured and tested
  • [ ] Multiple instances deployed (minimum 2)
  • [ ] Shared storage for MockData (NFS/Azure Files/EFS)
  • [ ] Session affinity configured if needed
  • [ ] Health checks enabled on load balancer
  • [ ] Failover tested successfully
  • [ ] Auto-scaling configured (if Kubernetes/cloud)

Deployment Steps

1. Pre-Deployment Actions

  • [ ] Change window scheduled and communicated
  • [ ] Stakeholders notified of deployment
  • [ ] Rollback plan prepared and reviewed
  • [ ] Deployment team briefed
  • [ ] Support team on standby

2. Build and Publish

# Build application
dotnet clean
dotnet build --configuration Release

# Run tests
dotnet test --no-build --verbosity normal

# Publish application
dotnet publish Cesivi.Server/Cesivi.csproj \
  --configuration Release \
  --output ./publish \
  --self-contained false
  • [ ] Build successful with 0 errors, 0 warnings
  • [ ] All tests passing (146/146)
  • [ ] Published artifacts created

3. Deployment Execution

Choose deployment method:

Option A: systemd Service (Linux)

# Copy application
sudo cp -r ./publish/* /opt/Cesivi/

# Set permissions
sudo chown -R Cesivi:Cesivi /opt/Cesivi

# Restart service
sudo systemctl restart Cesivi

# Verify service
sudo systemctl status Cesivi
  • [ ] Application copied successfully
  • [ ] Permissions set correctly
  • [ ] Service started successfully
  • [ ] Health check passing

Option B: Docker

# Build image
docker build -t Cesivi:v1.0 -f deployment/docker/Dockerfile .

# Run container
docker-compose up -d

# Verify container
docker ps | grep Cesivi
docker logs Cesivi
  • [ ] Image built successfully
  • [ ] Container running
  • [ ] Health check passing
  • [ ] Logs show no errors

Option C: Kubernetes

# Apply manifests
kubectl apply -f deployment/k8s/deployment.yaml
kubectl apply -f deployment/k8s/ingress.yaml

# Check deployment
kubectl get pods -n sharepoint
kubectl get svc -n sharepoint

# Check logs
kubectl logs -n sharepoint -l app=Cesivi
  • [ ] Pods running (all replicas)
  • [ ] Service accessible
  • [ ] Ingress configured
  • [ ] Health checks passing

4. Post-Deployment Validation

  • [ ] Health endpoint accessible:
    curl https://Cesivi.company.com/_vti_bin/diagnostics
    
  • [ ] SOAP services responding:
    curl -X POST https://Cesivi.company.com/_vti_bin/Lists.asmx \
      -H "Content-Type: text/xml" \
      --data '<soap:Envelope>...</soap:Envelope>'
    
  • [ ] REST API responding:
    curl https://Cesivi.company.com/_api/web \
      -H "Authorization: Bearer <token>"
    
  • [ ] PnP PowerShell connectivity tested:
    Connect-PnPOnline -Url "https://Cesivi.company.com" -Credentials $creds
    Get-PnPWeb
    
  • [ ] Error logs reviewed (no critical errors)
  • [ ] Performance metrics within acceptable range
  • [ ] SSL certificate valid and trusted

5. Smoke Tests

Run smoke test suite:

# REST API smoke test
curl https://Cesivi.company.com/_api/web | jq '.d.Title'

# SOAP smoke test
curl -X POST https://Cesivi.company.com/_vti_bin/Lists.asmx \
  -H "SOAPAction: http://schemas.microsoft.com/sharepoint/soap/GetListCollection" \
  --data @soap-request.xml

# Search smoke test
curl "https://Cesivi.company.com/_api/search/query?querytext='test'" | jq
  • [ ] All smoke tests passing
  • [ ] Response times acceptable
  • [ ] No errors in logs

Post-Deployment Checklist

1. Monitoring Verification

  • [ ] Metrics flowing to monitoring system
  • [ ] Dashboards showing live data
  • [ ] Alerts tested and firing correctly
  • [ ] Logs aggregating correctly

2. Performance Validation

  • [ ] Baseline performance measured and documented
  • [ ] Response times within SLA:
  • [ ] SOAP operations < 10ms average
  • [ ] REST operations < 15ms average
  • [ ] P95 < 50ms
  • [ ] Throughput tested (requests/second)
  • [ ] Concurrent users load tested

3. Security Audit

  • [ ] Vulnerability scan completed
  • [ ] SSL configuration tested (SSL Labs A+ rating)
  • [ ] Authentication working correctly
  • [ ] Authorization enforced
  • [ ] Audit logs capturing events

4. Documentation Update

  • [ ] Deployment date recorded
  • [ ] Version number documented
  • [ ] Configuration changes logged
  • [ ] Known issues documented
  • [ ] Runbook updated

5. Stakeholder Communication

  • [ ] Deployment success communicated
  • [ ] Service URL shared
  • [ ] Support contacts provided
  • [ ] Known limitations communicated
  • [ ] Feedback mechanism established

Rollback Procedures

When to Rollback

Rollback immediately if: - [ ] Critical functionality broken - [ ] Error rate > 10% - [ ] Service unavailable for > 5 minutes - [ ] Data corruption detected - [ ] Security vulnerability introduced

Rollback Steps

systemd Service

# Stop current service
sudo systemctl stop Cesivi

# Restore previous version
sudo cp -r /backup/Cesivi-previous/* /opt/Cesivi/

# Restore configuration
sudo cp /backup/config/appsettings.Production.json /opt/Cesivi/

# Start service
sudo systemctl start Cesivi

# Verify
curl http://localhost:5000/_vti_bin/diagnostics

Docker

# Rollback to previous image
docker-compose down
docker tag Cesivi:v1.0 Cesivi:rollback
docker tag Cesivi:v0.9 Cesivi:v1.0
docker-compose up -d

Kubernetes

# Rollback deployment
kubectl rollout undo deployment/Cesivi -n sharepoint

# Verify rollback
kubectl rollout status deployment/Cesivi -n sharepoint
  • [ ] Rollback completed
  • [ ] Service functional
  • [ ] Stakeholders notified
  • [ ] Post-mortem scheduled

Sign-Off

Deployment Team

Role Name Signature Date
Release Manager _______ _______ //_____
DevOps Engineer _______ _______ //_____
QA Lead _______ _______ //_____
Security Officer _______ _______ //_____

Approvals

  • [ ] Technical Lead approval obtained
  • [ ] Security Team approval obtained
  • [ ] Operations Team approval obtained
  • [ ] Product Owner approval obtained

Post-Deployment Review

Schedule post-deployment review within 48 hours:

  • [ ] Lessons learned captured
  • [ ] Issues encountered documented
  • [ ] Process improvements identified
  • [ ] Documentation updated

Appendix

Contact Information

Team Email Phone Escalation
DevOps devops@company.com +1-xxx-xxx-xxxx On-Call
Security security@company.com +1-xxx-xxx-xxxx CISO
Support support@company.com +1-xxx-xxx-xxxx L2 Support

Reference Documents

Service Level Agreements (SLA)

Metric Target Measurement
Availability 99.9% uptime Monthly
Response Time P95 < 50ms Hourly average
Error Rate < 0.1% Daily average
Support Response < 15 minutes Business hours

Deployment Version: 1.0 Document Version: 1.0 Last Updated: 2025-01-06 Next Review: 2025-02-06