Difference between revisions of "PROC18 Temporary Cloud Resource Centre Registration and Certification"
Line 50: | Line 50: | ||
= Resource Center status Workflow = | = Resource Center status Workflow = | ||
Please see [[PROC09#PROC09#Resource_Center_status_Workflow]] | |||
== Resource Centre registration == | == Resource Centre registration == | ||
Line 321: | Line 305: | ||
|} | |} | ||
<u>After the successful completion of these steps, the Resource Centre is considered as "Certified".</u> | <u>After the successful completion of these steps, the Resource Centre is considered as "Certified".</u> | ||
= Revision History = | = Revision History = |
Revision as of 15:40, 5 August 2013
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Documentation menu: | Home • | Manuals • | Procedures • | Training • | Other • | Contact ► | For: | VO managers • | Administrators |
Title | Cloud Resource Centre Registration and Certification |
Document link | https://wiki.egi.eu/wiki/PROC18 |
Last modified | |
Policy Group Acronym | OMB |
Policy Group Name | Operations Management Board |
Contact Group | operations at mailman.egi.eu |
Document Status | |
Approved Date | |
Procedure Statement | A procedure for the steps involved to both register and certify new Cloud Resource Centres (sites) in the EGI infrastructure. The certification step can also be used to re-certify suspended Cloud Resource Centres (sites). |
Owner | Owner of procedure |
Overview
Certification is a verification process for a Cloud Resource Centre (aka site) to become part of a Resource Infrastructure such as a National Grid Initiative (NGI), an EIRO, or a multi-country Resource Infrastructure.
This document describes the steps required to
- register and certify a new Cloud Resource Centre,
- re-certify a Cloud Resource Centre which has been suspended.
A separate document provides the process for decommissioning a Resource Centre.
Through its parent Resource Infrastructure, a certified Cloud Resource Centre becomes a member of the EGI Resource Infrastructure to make resources available to international user communities.
The main difference between a certified Cloud Resource Centre and an uncertified or test Cloud Resource Centre is that a certified Cloud Resource Centre provides and guarantees a minimum quality of service of the resources (currently expressed in terms of monthly availability and reliability). All the requirements can be found in the Resource Centre OLA.
Definitions
- Cloud Resource Centre refers to the Resource Center definition in the "Resource Centre OLA". In addition Resource Center is planing to provide Cloud production quality resources.
- In this document, the term "site" is deprecated, and Resource Centre has been used in its place.
Please refer to the EGI Glossary for the definitions of the terms used in this procedure.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
Entities involved in the procedure
Please see PROC09#Entities_involved_in_the_procedure
Prerequisites and responsibilities
Please see PROC09#Prerequisites_and_responsibilities
Resource Center status Workflow
Please see PROC09#PROC09#Resource_Center_status_Workflow
Resource Centre registration
Requirements
A Resource Centre MUST
- find a rescpective Resource Infrastructure which will provide operational services to the Resource Center. If a provider is not yet available for your country, then an alternative existing Operations Centre can be contacted.
- provide required information: HOWTO01 Site Certification Required Information.
Notes: If a Resource Centre wishes to leave the Grid or the Grid decides to remove the Resource Centre, the registration information MUST be kept by GOCDB for at least the same period defined for logging in the Traceability and Logging Policy. Personal registration information of the Resource Centre Operations Manager and Security Contact of the Resource Centre leaving the Grid MUST NOT be retained for longer than one year.
Steps
The following steps are only applicable if the Resource Centre is not already registered in GOCDB.
- Actions tagged RC are the responsibility of the Resource Centre Operations Manager.
- Actions tagged RP are the responsibility of the Resource Infrastructure Operations Manager.
- Actions tagged OC are the responsibility of the Operations Centre
# | Responsible | Action |
---|---|---|
0 | RC |
Contact your Resource Infrastructure Operations Manager (contact information is available at EGI web site).
|
1 | RP |
Accept or reject registration request and communicate this result back to applicant.
|
2 | OC |
Include the Operations Centre ROD, CSIRT, or help-desk teams in the step if necessary. |
3 | OC |
|
4 | RC |
|
5 | RC or OC |
|
6 | OC |
Check GOC DB that the Resource Centre's information is correct.
|
7 | OC |
Any other Operations Centre-specific requirements (e.g. join a certain VO and/or mailing list, etc.) |
8 | OC |
If all previous actions have been completed with success, notify the Resource Centre Operations Manager that the Registration is completed, and contact the Resource Infrastructure Operations Manager to notify that a new candidate Resource Centre exists and is ready to be certified. |
After the successful completion of all these steps, the registration phase is completed and the Resource Centre is ready for the start of the certification phase.
Resource Centre certification
Requirements
- The Resource Centre Certification procedure is only applicable for both Resource Centres in "Candidate" or "Suspended" status state in GOC DB.
- A Resource Centre can successfully pass certification only if the conditions required by the Resource Centre OLA are met.
Steps
The following is a detailed description of the steps required for the transition from the "Candidate"/"Suspended" to the "Certified" state of the Resource Centre.
- Actions tagged RC are the responsibility of the Resource Centre Operations Manager.
- Actions tagged RP are the responsibility of the Resource Infrastructure Operations Manager.
- Actions tagged OC are the responsibility of the Operations Centre
- Actions tagged CSIRT are the responsibility of the Computer Security Incident Response Team
# | Responsible | Action |
---|---|---|
0 | RP |
The Resource Infrastructure Operations Manager contacts the Resource Centre Operations Manager to request the subscription of the Resource Centre OLA. |
1 | RC |
The Resource Centre Operations Manager notifies the Resource Infrastructure Operations Manager that the Resource Centre OLA is accepted (if the Resource Centre is has not already endorsed it before for example in case of a suspended Resource Centre), and the Resource Centre is ready to start certification. |
2 | RP |
The Resource Infrastructure Operations Manager contacts the Operations Centre asking to start the certification process. |
3 | OC |
If the Resource Centre is in the "Candidate" or "Suspended" state, then flag the Resource Centre as "Uncertified".
|
4 | OC |
Add Resource Centre contact information to any regional mailing list and provide access to regional tools as required. |
5 | OC |
Check: GOC DB: All services are registered in GOCDBaccording to the requirements of the Resource Centre OLA, these are published and ALSO that services published in the GOCDB are valid.
|
6 | OC |
Check that the registered services are fully functional by performing manual tests.
Details for submitting manual tests can be found at Grid manual tests. |
7 | CSIRT |
Checks that the Resource Centre passes the basic security assessment tests, consisting of a suite of nagios security probes and the patch status monitoring tool (eg. Pakiti). Especially the Resource Centre MUST NOT reveal critical vulnerabilities as defined from SVG/CSIRT
|
8 | OC |
If all preliminary tests are passed for 3 consecutive calendar days, declare an initial maintenance downtime and switch the Resource Centre status to 'Certified'.
|
9 | OC |
The downtime should not be closed until the Resource Centre
Wait at least two days after the switch to the 'Certified' status to open the ticket, the propagation of the new status to the operational tools or the publication of accounting data may take one or two days. |
10 | OC | Notify the Resource Centre Operations Manager that the Resource Centre is certified |
11 | OC |
The Operation Center can broadcast that a new Resource Centre is now part of the EGI infrastructure. This step is OPTIONAL. |
After the successful completion of these steps, the Resource Centre is considered as "Certified".
Revision History
Version | Authors | Date | Comments |
---|---|---|---|
Malgorzata | 18.03 | RC Certification steps: Step 5 added part concerning QCG |