docs/deployment/VM_DEPLOYMENT_CHECKLIST.md

# VM Deployment Checklist

## Pre-Deployment

- [ ] Azure subscription configured
- [ ] Azure CLI installed and logged in
- [ ] Terraform >= 1.0 installed
- [ ] SSH key pair generated
- [ ] Resource group created
- [ ] Network infrastructure deployed (VNet, subnets, NSGs)
- [ ] Key Vault created and configured
- [ ] Genesis file generated
- [ ] Validator keys generated
- [ ] Terraform variables configured (`terraform.tfvars.vm`)

## Deployment

- [ ] Terraform initialized (`terraform init`)
- [ ] Terraform plan reviewed (`terraform plan`)
- [ ] VM deployment enabled (`vm_deployment_enabled = true`)
- [ ] SSH public key configured
- [ ] VM sizes selected appropriately
- [ ] Disk sizes configured
- [ ] Terraform apply executed (`terraform apply`)
- [ ] VMs created successfully
- [ ] Public IPs assigned (sentries and RPC nodes)
- [ ] Network Security Groups configured

## Post-Deployment

### Validation

- [ ] All VMs created (validators, sentries, RPC)
- [ ] All VMs running
- [ ] SSH access working
- [ ] Docker installed on all VMs
- [ ] Besu containers running
- [ ] Genesis file present
- [ ] Validator keys present (for validators)
- [ ] Configuration files present

### Network

- [ ] Validators in private subnets
- [ ] Sentries have public IPs
- [ ] RPC nodes have public IPs
- [ ] NSG rules configured correctly
- [ ] P2P port (30303) accessible for sentries
- [ ] RPC port (8545) accessible for RPC nodes
- [ ] Metrics port (9545) accessible

### Functionality

- [ ] Validators syncing
- [ ] Sentries peering
- [ ] RPC endpoints responding
- [ ] Chain ID correct (138)
- [ ] Block production working
- [ ] Transactions processing

### Security

- [ ] Managed Identity configured
- [ ] Key Vault access policies set
- [ ] NSG rules restrictive
- [ ] SSH keys configured
- [ ] No hardcoded secrets
- [ ] Boot diagnostics enabled

### Monitoring

- [ ] Metrics endpoint accessible
- [ ] Logs accessible
- [ ] Monitoring scripts working
- [ ] Health checks passing
- [ ] Alerts configured (if applicable)

## Operations

### Daily

- [ ] Check VM status
- [ ] Check Besu container status
- [ ] Review logs for errors
- [ ] Check resource usage
- [ ] Verify block production

### Weekly

- [ ] Review security logs
- [ ] Check disk usage
- [ ] Review performance metrics
- [ ] Update documentation
- [ ] Review costs

### Monthly

- [ ] Security audit
- [ ] Backup verification
- [ ] Disaster recovery test
- [ ] Capacity planning review
- [ ] Update dependencies

## Troubleshooting

- [ ] Troubleshooting guide reviewed
- [ ] Diagnostic scripts available
- [ ] Support contacts documented
- [ ] Runbook procedures tested

## Documentation

- [ ] Deployment guide reviewed
- [ ] Quick start guide reviewed
- [ ] Troubleshooting guide reviewed
- [ ] Runbooks created
- [ ] Architecture documented

## Sign-off

- [ ] All checks completed
- [ ] Network operational
- [ ] Security verified
- [ ] Monitoring configured
- [ ] Documentation complete
- [ ] Team trained

---

**Last Updated**: $(date +%Y-%m-%d)
**Deployment Version**: 1.0
Add Oracle Aggregator and CCIP Integration - Introduced Aggregator.sol for Chainlink-compatible oracle functionality, including round-based updates and access control. - Added OracleWithCCIP.sol to extend Aggregator with CCIP cross-chain messaging capabilities. - Created .gitmodules to include OpenZeppelin contracts as a submodule. - Developed a comprehensive deployment guide in NEXT_STEPS_COMPLETE_GUIDE.md for Phase 2 and smart contract deployment. - Implemented Vite configuration for the orchestration portal, supporting both Vue and React frameworks. - Added server-side logic for the Multi-Cloud Orchestration Portal, including API endpoints for environment management and monitoring. - Created scripts for resource import and usage validation across non-US regions. - Added tests for CCIP error handling and integration to ensure robust functionality. - Included various new files and directories for the orchestration portal and deployment scripts. 2025-12-12 14:57:48 -08:00			`# VM Deployment Checklist`

			`## Pre-Deployment`

			`- [ ] Azure subscription configured`
			`- [ ] Azure CLI installed and logged in`
			`- [ ] Terraform >= 1.0 installed`
			`- [ ] SSH key pair generated`
			`- [ ] Resource group created`
			`- [ ] Network infrastructure deployed (VNet, subnets, NSGs)`
			`- [ ] Key Vault created and configured`
			`- [ ] Genesis file generated`
			`- [ ] Validator keys generated`
			- [ ] Terraform variables configured (`terraform.tfvars.vm`)

			`## Deployment`

			- [ ] Terraform initialized (`terraform init`)
			- [ ] Terraform plan reviewed (`terraform plan`)
			- [ ] VM deployment enabled (`vm_deployment_enabled = true`)
			`- [ ] SSH public key configured`
			`- [ ] VM sizes selected appropriately`
			`- [ ] Disk sizes configured`
			- [ ] Terraform apply executed (`terraform apply`)
			`- [ ] VMs created successfully`
			`- [ ] Public IPs assigned (sentries and RPC nodes)`
			`- [ ] Network Security Groups configured`

			`## Post-Deployment`

			`### Validation`

			`- [ ] All VMs created (validators, sentries, RPC)`
			`- [ ] All VMs running`
			`- [ ] SSH access working`
			`- [ ] Docker installed on all VMs`
			`- [ ] Besu containers running`
			`- [ ] Genesis file present`
			`- [ ] Validator keys present (for validators)`
			`- [ ] Configuration files present`

			`### Network`

			`- [ ] Validators in private subnets`
			`- [ ] Sentries have public IPs`
			`- [ ] RPC nodes have public IPs`
			`- [ ] NSG rules configured correctly`
			`- [ ] P2P port (30303) accessible for sentries`
			`- [ ] RPC port (8545) accessible for RPC nodes`
			`- [ ] Metrics port (9545) accessible`

			`### Functionality`

			`- [ ] Validators syncing`
			`- [ ] Sentries peering`
			`- [ ] RPC endpoints responding`
			`- [ ] Chain ID correct (138)`
			`- [ ] Block production working`
			`- [ ] Transactions processing`

			`### Security`

			`- [ ] Managed Identity configured`
			`- [ ] Key Vault access policies set`
			`- [ ] NSG rules restrictive`
			`- [ ] SSH keys configured`
			`- [ ] No hardcoded secrets`
			`- [ ] Boot diagnostics enabled`

			`### Monitoring`

			`- [ ] Metrics endpoint accessible`
			`- [ ] Logs accessible`
			`- [ ] Monitoring scripts working`
			`- [ ] Health checks passing`
			`- [ ] Alerts configured (if applicable)`

			`## Operations`

			`### Daily`

			`- [ ] Check VM status`
			`- [ ] Check Besu container status`
			`- [ ] Review logs for errors`
			`- [ ] Check resource usage`
			`- [ ] Verify block production`

			`### Weekly`

			`- [ ] Review security logs`
			`- [ ] Check disk usage`
			`- [ ] Review performance metrics`
			`- [ ] Update documentation`
			`- [ ] Review costs`

			`### Monthly`

			`- [ ] Security audit`
			`- [ ] Backup verification`
			`- [ ] Disaster recovery test`
			`- [ ] Capacity planning review`
			`- [ ] Update dependencies`

			`## Troubleshooting`

			`- [ ] Troubleshooting guide reviewed`
			`- [ ] Diagnostic scripts available`
			`- [ ] Support contacts documented`
			`- [ ] Runbook procedures tested`

			`## Documentation`

			`- [ ] Deployment guide reviewed`
			`- [ ] Quick start guide reviewed`
			`- [ ] Troubleshooting guide reviewed`
			`- [ ] Runbooks created`
			`- [ ] Architecture documented`

			`## Sign-off`

			`- [ ] All checks completed`
			`- [ ] Network operational`
			`- [ ] Security verified`
			`- [ ] Monitoring configured`
			`- [ ] Documentation complete`
			`- [ ] Team trained`

			`---`

			`Last Updated: $(date +%Y-%m-%d)`
			`Deployment Version: 1.0`