讲义-IT运维体系建设的理论、方法及实践

1、IT运维体系建设的理论、方法及实践中山大学网络与信息技术中心何海涛 博士 高级工程师提纲基本理论“最佳实践”的方法SYSUNET的具体实践提纲基本理论系统工程IT治理“最佳实践”的方法SYSUNET的具体实践背景IT的永恒不变的特点就是其变化性。对IT的理解经历了从单一的技术工具向企业核心资源并进而向以综合战略、关系、文化和人、组织、制度建设为主要内容的过渡过程。将IT理解为纯粹的技术问题被公认为是错误的观点，这是IT运维体系解决的核心问题。IT运维管理的挑战什么是系统许多组成要素保持有机的秩序，向同一目的行动的事物（日本JIS工业标准）自成体系的组织；相同或相类的事物按一定的秩序和内部联系组

2、合而成的整体（辞海）一些在相互关联与联系之下的要素组成的集合，形成了一定的整体性、统一性（前苏联大百科全书）什么是系统（cont.）系统由要素结合而成系统具有关联性系统具有目的性系统具有层次性系统具有环境适应性系统构成的要素（钱学森）物物资（能源、原料、半成品、成品）设备（土木建筑、机电设备、工具仪表）财（工资、流动资金）事任务（上级下达的任务或与其他单位所订合约）信息（数据、图纸、报表、规章、决策等）人什么是系统工程系统工程是组织管理系统的规划、研究、设计、制造、试验和使用的科学方法，是一种对所有系统都具有普遍意义的方法（钱学森、许国志、王寿云）系统工程是为了更好的达到系统目标，而对系统的构

3、成要素、组织结构、信息流动和控制机理等进行分析与设计的技术（日本JIS工业标准）系统工程的原则目的性原则整体性原则综合性原则动态性原则协调与优化原则适应性原则提纲基本理论系统工程IT治理“最佳实践”的方法SYSUNET的具体实践什么是IT治理 规定了决策的权利 (decision rights) 及责任的框架 (accountability framework)，以鼓励在IT的使用中产生所期望的行为 (desirable behaviors)。 Weill & Ross （2004） 一个有效的IT治理应解决：什么 (what) 决策应该被做出；由谁 (who) 负责做出；这些决策如何 (ho

4、w) 被做出并监测等三个问题。IT治理的目标 完善IT风险控制体系，降低IT成本，实现IT与企业战略、管理、业务、安全的深度融合，使IT为企业持续地创造价值，有效率并有效果地进行信息化。 IT Governance Institute (ITGI) IT 治理域（domain）Value deliveryFocuses on ensuring the linkage of business and IT plans and on aligning IT operations with enterprise operationsIT delivers the promised benefits

5、against the strategy, concentrating on optimizing costs and proving the intrinsic value of ITIs about the optimal investment in, and the proper management of, critical IT resources: applications, information, infrastructure and people Senior management, appetite for risk, compliance requirements, tr

6、ansparency about the significant risks to the organisationTracks and monitors strategy implementation, project completion, resource usage, process performance and service delivery to achieve goals measurable beyond conventional accountingPerformance measurementRisk managementResource managementStrat

7、egic alignment2007 IT Governance Institute提纲基本理论“最佳实践”的方法SYSUNET的具体实践平衡（balance） 在中山大学，其内部组织及所采用的IT技术均十分复杂，这要求竞争(Competing)的IT技术应该被仔细评估以保障有限资源 (limited resource) 能够被有效的使用，故IT的决策者应平衡 (balance)：创新性 vs. 稳定性/可靠性有限的带宽资源 vs. 庞大的用户需求集体共识 vs. 决策的效率集中式 vs. 分布式服务商业应用 vs. 开源程序PerformanceConformance风险（Risk）评估基础

8、设施风险架构不完整、可靠性和冗余性不足短视（short-sighted）的规划技术风险不成熟的技术组织架构及人力资源风险IT组织的形式及人力的职责不清晰流程的执行力不足V3 PackageCOREVALUE ADDED PRODUCTSCOMPLEMENTARYPractical Decision MakingBusiness Eco systemsFrom value chains to value netsAdaptive processes for customers, services and strategiesLinking to external practices and st

9、andardsManaging uncertainty and complexityIncreasing the economic life of servicesSelecting, adapting and tuning the best IT service strategiesPragmatic Service BlueprintPolicies, Architecture, Portfolios, service modelsEffective technology, process and measurement designOutsource, shared services,

10、co-source models? How to decide & how to do itThe service package of utility, warranty, capability, metrics treeTriggers for re-designNewly designed Change, Release & Configuration processesRisk and quality assurance of designManaging organization & cultural change during transitionService managemen

11、t knowledge systemIntegrating projects into transition Creating & selecting transition modelsManaging change, risk & quality assuranceResponsive, stable servicesRobust end to end operations practicesRedesigned, incident and problem processesNew functions and processesEvent, technology and request ma

12、nagementInfluencing strategy, design, transition and improvement SOA, virtualization, adaptive, agile service operation modelsMeasures that mean something& improvements that workThe business case for ROIGetting past just talking about itOverall health of ITSMPortfolio alignment in real-time with bus

13、iness needsGrowth and maturity of SM practiceHow to measure, interpret and execute resultsITIL v3强调更多的管理实践IITL V2 vs. ITIL V3ITIL3.0版本里面引入了生命周期的概念。它通过PDCA模型，可以不断地循环改进，从而保持ITIL的生命活力。ITIL3.0提供了丰富的新资源。ITIL3.0里面加入了和业界其他标准的接口，如软件开发标准CMMI、目前非常热门的COBIT（IT治理控制框架）、6绩效考核管 理办法和PMP项目管理方法等。 V2 ProcessesIncident

14、ManagementProblem ManagementConfiguration ManagementChange ManagementRelease ManagementService Level ManagementCapacity ManagementAvailability ManagementFinancial ManagementIT Service Continuity ManagementAgree&DefinePlan&ImproveRelease&ControlSupport&RestoreFinancial ManagementService Level Managem

15、entCapacity ManagementAvailability ManagementIT Service Continuity ManagementService DeskConfiguration ManagementChange ManagementRelease ManagementIncident ManagementProblem ManagementService DeskContinual ServiceImprovementAgree&DefinePlan&ImproveRelease&ControlSupport&RestoreServiceStrategyFinanc

16、ial ManagementDemand ManagementService Portfolio ManagementServiceDesignFinancial ManagementService Catalog ManagementService Level ManagementService Level ManagementAvailability ManagementCapacity ManagementSupplier ManagementInformation Security ManagementIT Service Continuity ManagementAvailabili

17、ty ManagementCapacity ManagementIT Service Continuity ManagementServiceTransitionTransition Planning & SupportChange ManagementConfiguration ManagementChange ManagementRelease ManagementConfiguration ManagementRelease ManagementService Validation & TestingEvaluationKnowledge ManagementServiceOperati

18、onEvent ManagementIncident ManagementRequest FulfillmentProblem ManagementAccess ManagementService DeskTechnical ManagementIT Operations ManagementApplications ManagementIncident ManagementProblem ManagementService DeskService MeasurementService ReportingService Improvement提纲基本理论“最佳实践”的方法SYSUNET的具体实践SYSUNET的使命（Mission） 设计并实施一个完整的校园网，能够提供一个简单、安全且健壮的基础设施，实现用户在任何时间 (anytime)、任何地点 (anywhere)的校园网便利接入，这一切均在一个可持续 (sustainable) 的资金投入基础上结合业界最好的实践 (industry best practice)实现。 SYSUNET的现状覆盖4个校区、8所附属医院和2个独立学院总用户数约4.6万，其中南校区1.8万，北校区0.