The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "EGI Software Component Delivery"
Jump to navigation
Jump to search
Ongoing activities
Change management
Classify
Assess and Approve
Implement, release and deploy
Review
Build Release
Customer relationship management
| Line 1: | Line 1: | ||
{{Template:Op menubar}} {{Template:Tools menubar}} | |||
{{TOC_right}} | |||
= Initial activities = | |||
'''Goal: Introducing new Component.''' <br>Every new Component will be introduced concacting TBD_WHO providing following data: | |||
#Name of the Component | |||
#Contacts (support email address, web site address) | |||
#Name and contact details of the person Responsible for the Component | |||
#Description of the Component/Purpose | |||
#License<br> | |||
With the help of the EGI URT team, the following steps need to be performed: | |||
#Registration in GOC DB under EGI.eu NGI | |||
#Create category in "Requirements" queue in EGI RT tracker and RT dashboard to receive and handle service requests | |||
#Create GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium) | |||
#Negotiate and sign Technical Provider Underpinning Agreement (TP UA) https://documents.egi.eu/document/2282 with EGI.eu<br> | |||
#Create wiki entry for the tool with relevant information | |||
#*Component name | |||
#*Category, Short description of the Component | |||
#*URL | |||
* | #*Contact TBD_needed a EGI.eu contact for each Component and a Provider contact for EGI.eu | ||
* | #*GGUS Support Unit | ||
* | #*GOC DB entry | ||
* | #*link to related TP UA | ||
#*link to documentation | |||
#*license | |||
#*provider name | |||
#*link to source code | |||
#*Change management: | |||
#**link to EGI RT dashboard for the tool | |||
#**(if applicable) internal bug/task tracking facilities | |||
#**(if applicable) link to OTAG team<br> | |||
#*Release and Deployment management: | |||
#**Release schedule | |||
#**Release notes | |||
#**(if applicable) Roadmap | |||
#**URL of test instance | |||
<br> | <br> | ||
= Ongoing activities<br> = | |||
<br> | |||
== Change management <br> == | |||
'''Goal: To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services. ''' | |||
[[Image:CM.png|600px|CM.png]] | |||
=== Record === | |||
#'''EGI recording system''' is [http://rt.egi.eu EGI RT] | |||
#'''EGI user''' are instructed to submit changes requests in EGI RT. | |||
#If the Component has '''other customers than EGI,''' the Provider will inform EGI about submitted change requests from other customers. | |||
#Minimum set of statuses of entry | |||
#*New - newly recorded in system | |||
#*Accepted - accepted by AG/OMB | |||
#*Rejected - rejected by AG/OMB | |||
#*In progress/Open - TP is working on the request<br> | |||
#*Resolved - released | |||
#*Stalled - on hold | |||
=== Classify<br> === | |||
#All change requests should be '''classified in consistent manner'''. Classification in EGI RT is based on the Component the request is related to. <br> | |||
#TP should define list of '''standard change '''requests (a Change that is recurrent, well known, has been proceduralized to follow a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request '''doesn't need approval''' to be implemented. | |||
#'''Emergency change''' for the Component are the highest priority change related to '''security vulnerability '''and can be implemented '''without approval '''but will be '''subject of post-review'''. | |||
=== Assess and Approve<br> === | |||
The | #Each change request should be commented by the TP with assessment of work needed to implement change. | ||
#'''Every change''' which is not a standard change or emergency change '''should be assessed '''(prioritized)'''and approved '''internally, in the URT and with OMB. | |||
#Where needed dedicated [[AG|Advisory Group]] can be set up. The AG mandate is to help the TP in requirement prioritization and releasing process of the Component. AG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.<br> | |||
#Minimum set of value for prioritization: | |||
#*None (in RT - 0) | |||
#*Low (in RT - 1) | |||
#*Normal (in RT - 2) | |||
#*High (in RT - 3) | |||
#*Immediate/emergency (in RT - 4) | |||
=== Implement, release and deploy<br> === | |||
<br> | Phase which take place in Release and Deployment process (see below).<br> | ||
=== Review<br> === | |||
#Every release is subject to '''post-implementation review'''. Within one week customers are providing feedback answering to following questions: | |||
* | #*Were release notes and documentation sufficient? | ||
* | #*Is the tool working as expected?<br> | ||
== Release and deployment management == | |||
'''Goal: To bundle changes to release, so that these changes can be tested and deployed to the production environment together.''' | |||
[[Image:RnDM.png|700px|RnDM.png]] | |||
=== Plan Release === | |||
#Release schedules should be defined - the frequency of releases (eg. every 1-2 month).<br> | |||
#Scope of every release should be defined. | |||
#Release should be planned in a away that OMB can be informed in at least one week time in advance. | |||
#*all planned releases should be presented during the monthly OMB meeting prior to their release to production | |||
#*emergency releases should be presented at the first available OMB meeting, post-release. | |||
=== Build Release<br> === | |||
#Due to the open-source nature of the developed software, each Component should have/use a '''publicly available code repository,''' like SVN, CVS, GIT | |||
#*preferred Software Versioning Control system - GITHUB (https://github.com/) | |||
#All new releases should correspond to a new '''tag''' in the SVC | |||
#*the Component should be packaged in an OS native format (e.g. rpm, deb) | |||
#**packaging standards and policies should be followed (ex: [http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard FHS], [https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies EPEL-GuidelinesAndPolicies], [https://www.debian.org/doc/debian-policy/ Debian Policies]) | |||
#Distribution | |||
#**new releases should be distributed as binaries through the UMD repository | |||
=== Test Release === | |||
<br> | #Testing of the software, prior to its release, is a '''responsibility of the Provider.''' | ||
#Where dedicated '''AG''' exists it can be involved in the testing activity. | |||
#'''Major or particularly important releases''' should pass acceptance testing performed by customer representatives | |||
#When the development phase of a new release is completed an announced it should be shared in the URT and to all the actors that should be involved in the release testing (AGs). The announcement should contain: | |||
#*release notes, containing changelog, installation & configuration steps to apply the update, any known issues | |||
#*documentation links | |||
#*detailed test plan<br> | |||
#*all the information needed by the [https://wiki.egi.eu/wiki/EGI_Quality_Criteria_Dissemination conformance criteria] set by the SA2 activity for the software providers. | |||
#*the expected release date and the kind of testing will depend on each specific release and on its importance. | |||
#'''If a test fails''' a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally to the development team if no other components or services are affected. | |||
=== | === Document === | ||
The Provider | #'''The Provider is responsible for creation and maintenance of documentations''', instructions and manuals related to the Component in collaboration with EGI Operations team. | ||
#Before each release documentation should be checked and updated when/where needed.<br> | |||
=== Inform === | |||
#'''Information about next release '''should be communicated | |||
#*'''during OMB meeting''' (at least one week before release). | |||
#**One slide information should be sent to urt-discuss@egi.eu | |||
=== Deploy Release === | |||
# | #For '''changes of high impact and high risk''', the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined. | ||
== | === Review Release === | ||
#'''Each release should be monitored for success or failure''' and the results shall be analysed internally. <br> | |||
== Incident and Problem management == | |||
'''Goal: To restore normal/agreed service operations within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available. ''' | |||
=== Incident and requests management === | |||
Support should be provided: | |||
*via the GGUS portal, which is the single point of contact for infrastructure users to access the EGI Service Desk. | |||
*(for incidents) According to declared level of [[FAQ GGUS-QoS-Levels|quality of support ]](default: Medium) | |||
*Support is provided in '''English'''<br> | |||
*'''Support is available''' | |||
**from Monday to Friday | |||
**8 h per day<br> | |||
*All incidents and requests should be'''(assign to proper Support Unit) and [[FAQ GGUS-Ticket-Priority|prioritized]]''' according to suitable scheme.<br> | |||
=== Problems management === | |||
#In case of '''recurring incidents '''which cannot be solved by the Provider a GGUS ticket should be created to "Operations" Support Unit. EGI Operations team will coordinate investigation of the root causes of (recurring) incidents in order to avoid future recurrence of incidents. | |||
#*Any existing GGUS tickets which may help investigation should be marked as a child to the created ticket. | |||
=== Planned maintenance windows or interruptions === | |||
'''Planned maintenance''' should be | |||
*declared in GOC DB in a timely manner i.e. '''24 hours before''' | |||
*with typical duration up to 24 hours otherwise needs to be justified | |||
'''Unscheduled interruptions '''should be managed according to [[MAN04 Tool Intervention Management|MAN04]] TBD_NOT_CLEAR | |||
=== Security incidents === | |||
All security incidents should be registered according to [[EGI CSIRT:Incident reporting|EGI_CSIRT:Incident_reporting]] | |||
== | === Monitoring === | ||
Provider is '''responsible''' for development, maintenance and support of the Component '''monitoring probes.''' | |||
Availability and reliability threshold should be defined with EGI Operations team depending on criticality of the service. | |||
== Information Security management == | |||
'''Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved<br>''' | |||
The following rules for information security and data protection apply:<br>• The Provider must define and abide by an information security and data protection policy related to the service being provided. <br>• This must meet all requirements of any relevant [http://www.egi.eu/about/policy/policies_procedures.html EGI policies or procedures] and also must be compliant with the relevant national legislation.<br><br> | |||
== Customer relationship management'''<br>''' == | |||
'''Goal:''' '''Establish and maintain a good relationship with customers receiving service''' | |||
The Provider interacts with EGI.eu, primarily with [[OMB|OMB]], the main customer of the operational tools. | |||
'''Interactions between EGI.eu TPs''' are guaranteed through periodic phone conferences and face to face meetings (URT). A dedicated mailing list is available as well: urt-discuss@egi.eu <br> | |||
'''Interactions with customers '''are guaranteed through periodic OMB meetings and (if needed) dedicated Advisory Groups. The AG mandate is to help the Provider in requirement prioritization and releasing process of the Component. AG can provide forums to discuss the Component evolution that meets the expressed needs of the EGI community. It has representation from the all end users groups depending on the Component.<br> | |||
<br> | <br> | ||
| Line 182: | Line 208: | ||
<br> | <br> | ||
<br> | |||
<br> | |||
Revision as of 14:12, 20 March 2015
| Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
| Tools menu: | • Main page | • Instructions for developers | • AAI Proxy | • Accounting Portal | • Accounting Repository | • AppDB | • ARGO | • GGUS | • GOCDB |
| • Message brokers | • Licenses | • OTAGs | • Operations Portal | • Perun | • EGI Collaboration tools | • LToS | • EGI Workload Manager |
Initial activities
Goal: Introducing new Component.
Every new Component will be introduced concacting TBD_WHO providing following data:
- Name of the Component
- Contacts (support email address, web site address)
- Name and contact details of the person Responsible for the Component
- Description of the Component/Purpose
- License
With the help of the EGI URT team, the following steps need to be performed:
- Registration in GOC DB under EGI.eu NGI
- Create category in "Requirements" queue in EGI RT tracker and RT dashboard to receive and handle service requests
- Create GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium)
- Negotiate and sign Technical Provider Underpinning Agreement (TP UA) https://documents.egi.eu/document/2282 with EGI.eu
- Create wiki entry for the tool with relevant information
- Component name
- Category, Short description of the Component
- URL
- Contact TBD_needed a EGI.eu contact for each Component and a Provider contact for EGI.eu
- GGUS Support Unit
- GOC DB entry
- link to related TP UA
- link to documentation
- license
- provider name
- link to source code
- Change management:
- link to EGI RT dashboard for the tool
- (if applicable) internal bug/task tracking facilities
- (if applicable) link to OTAG team
- Release and Deployment management:
- Release schedule
- Release notes
- (if applicable) Roadmap
- URL of test instance
Ongoing activities
Change management
Goal: To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services.
Record
- EGI recording system is EGI RT
- EGI user are instructed to submit changes requests in EGI RT.
- If the Component has other customers than EGI, the Provider will inform EGI about submitted change requests from other customers.
- Minimum set of statuses of entry
- New - newly recorded in system
- Accepted - accepted by AG/OMB
- Rejected - rejected by AG/OMB
- In progress/Open - TP is working on the request
- Resolved - released
- Stalled - on hold
Classify
- All change requests should be classified in consistent manner. Classification in EGI RT is based on the Component the request is related to.
- TP should define list of standard change requests (a Change that is recurrent, well known, has been proceduralized to follow a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request doesn't need approval to be implemented.
- Emergency change for the Component are the highest priority change related to security vulnerability and can be implemented without approval but will be subject of post-review.
Assess and Approve
- Each change request should be commented by the TP with assessment of work needed to implement change.
- Every change which is not a standard change or emergency change should be assessed (prioritized)and approved internally, in the URT and with OMB.
- Where needed dedicated Advisory Group can be set up. The AG mandate is to help the TP in requirement prioritization and releasing process of the Component. AG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.
- Minimum set of value for prioritization:
- None (in RT - 0)
- Low (in RT - 1)
- Normal (in RT - 2)
- High (in RT - 3)
- Immediate/emergency (in RT - 4)
Implement, release and deploy
Phase which take place in Release and Deployment process (see below).
Review
- Every release is subject to post-implementation review. Within one week customers are providing feedback answering to following questions:
- Were release notes and documentation sufficient?
- Is the tool working as expected?
Release and deployment management
Goal: To bundle changes to release, so that these changes can be tested and deployed to the production environment together.
Plan Release
- Release schedules should be defined - the frequency of releases (eg. every 1-2 month).
- Scope of every release should be defined.
- Release should be planned in a away that OMB can be informed in at least one week time in advance.
- all planned releases should be presented during the monthly OMB meeting prior to their release to production
- emergency releases should be presented at the first available OMB meeting, post-release.
Build Release
- Due to the open-source nature of the developed software, each Component should have/use a publicly available code repository, like SVN, CVS, GIT
- preferred Software Versioning Control system - GITHUB (https://github.com/)
- All new releases should correspond to a new tag in the SVC
- the Component should be packaged in an OS native format (e.g. rpm, deb)
- packaging standards and policies should be followed (ex: FHS, EPEL-GuidelinesAndPolicies, Debian Policies)
- the Component should be packaged in an OS native format (e.g. rpm, deb)
- Distribution
- new releases should be distributed as binaries through the UMD repository
Test Release
- Testing of the software, prior to its release, is a responsibility of the Provider.
- Where dedicated AG exists it can be involved in the testing activity.
- Major or particularly important releases should pass acceptance testing performed by customer representatives
- When the development phase of a new release is completed an announced it should be shared in the URT and to all the actors that should be involved in the release testing (AGs). The announcement should contain:
- release notes, containing changelog, installation & configuration steps to apply the update, any known issues
- documentation links
- detailed test plan
- all the information needed by the conformance criteria set by the SA2 activity for the software providers.
- the expected release date and the kind of testing will depend on each specific release and on its importance.
- If a test fails a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally to the development team if no other components or services are affected.
Document
- The Provider is responsible for creation and maintenance of documentations, instructions and manuals related to the Component in collaboration with EGI Operations team.
- Before each release documentation should be checked and updated when/where needed.
Inform
- Information about next release should be communicated
- during OMB meeting (at least one week before release).
- One slide information should be sent to urt-discuss@egi.eu
- during OMB meeting (at least one week before release).
Deploy Release
- For changes of high impact and high risk, the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.
Review Release
- Each release should be monitored for success or failure and the results shall be analysed internally.
Incident and Problem management
Goal: To restore normal/agreed service operations within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available.
Incident and requests management
Support should be provided:
- via the GGUS portal, which is the single point of contact for infrastructure users to access the EGI Service Desk.
- (for incidents) According to declared level of quality of support (default: Medium)
- Support is provided in English
- Support is available
- from Monday to Friday
- 8 h per day
- All incidents and requests should be(assign to proper Support Unit) and prioritized according to suitable scheme.
Problems management
- In case of recurring incidents which cannot be solved by the Provider a GGUS ticket should be created to "Operations" Support Unit. EGI Operations team will coordinate investigation of the root causes of (recurring) incidents in order to avoid future recurrence of incidents.
- Any existing GGUS tickets which may help investigation should be marked as a child to the created ticket.
Planned maintenance windows or interruptions
Planned maintenance should be
- declared in GOC DB in a timely manner i.e. 24 hours before
- with typical duration up to 24 hours otherwise needs to be justified
Unscheduled interruptions should be managed according to MAN04 TBD_NOT_CLEAR
Security incidents
All security incidents should be registered according to EGI_CSIRT:Incident_reporting
Monitoring
Provider is responsible for development, maintenance and support of the Component monitoring probes.
Availability and reliability threshold should be defined with EGI Operations team depending on criticality of the service.
Information Security management
Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved
The following rules for information security and data protection apply:
• The Provider must define and abide by an information security and data protection policy related to the service being provided.
• This must meet all requirements of any relevant EGI policies or procedures and also must be compliant with the relevant national legislation.
Customer relationship management
Goal: Establish and maintain a good relationship with customers receiving service
The Provider interacts with EGI.eu, primarily with OMB, the main customer of the operational tools.
Interactions between EGI.eu TPs are guaranteed through periodic phone conferences and face to face meetings (URT). A dedicated mailing list is available as well: urt-discuss@egi.eu
Interactions with customers are guaranteed through periodic OMB meetings and (if needed) dedicated Advisory Groups. The AG mandate is to help the Provider in requirement prioritization and releasing process of the Component. AG can provide forums to discuss the Component evolution that meets the expressed needs of the EGI community. It has representation from the all end users groups depending on the Component.