Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "Instructions for centrally-provided services Service Providers"

From EGIWiki
Jump to navigation Jump to search
(Deprecate the page)
(Deprecate the page)
 
(No difference)

Latest revision as of 14:20, 18 September 2019

Alert.png This article is Deprecated and should no longer be used, but is still available for reasons of reference.



Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


Tools menu: Main page Instructions for developers AAI Proxy Accounting Portal Accounting Repository AppDB ARGO GGUS GOCDB
Message brokers Licenses OTAGs Operations Portal Perun EGI Collaboration tools LToS EGI Workload Manager



Initial activities

Goal: Introducing a new centrally-provided service. Every new centrally-provided service developed to support EGI operations needs to contact EGI Operations (operations@egi.eu) and provide the following data:

  1. Name of the service
  2. Support email
  3. Name and contact details of the Service Provider Team leader
  4. Description of the service - purpose
  5. License

The following steps needs to be performed with the help of the EGI Operations team:

  1. Creating a sub domain in egi.eu zone
  2. Registering the endpoints in GOCDB under EGI.eu NGI
  3. Creating a category in "Requirements" queue in EG RT tracker and RT dashboard to receive and handle service requests
  4. Creating a GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium)
  5. Negotiating and signing an OLA with EGI Foundation
  6. Acknowledging EGI
  7. Creating a wiki entry for the service with the relevant information
    • Service name
    • Category, Short description of the service
    • URL
    • Contact
    • GGUS Support Unit
    • GOCDB entry
    • link to related OLA
    • link to documentation
    • license
    • provider name
    • link to source code
    • Change management:
      • link to EGI RT dashboard for the service
      • (if applicable) internal bug/task tracking facilities
      • (if applicable) link to Operations Tool Advisory Group (OTAG) team
    • Release and Deployment management:
      • Release schedule
      • Release notes
      • (if applicable) Roadmap
      • URL of test instance
  8. Subscribe to Tool-admins mailing list
  9. Get from EGI access to notification@egi.eu email

Ongoing activities

Change management

Goal: To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services.

CM.png

Record

  1. EGI recording system is EGI RT.
  2. EGI user is instructed to submit changes requests in EGI RT.
  3. Team can use an internal tracker but keeping consistence between EGI RT and internal tracker is under the responsibility of the development team.
  4. If the service has other customers than EGI, the development team is responsible to inform EGI about submitted change request from the other customer.
  5. Minimum set of statuses of entry
    • New - newly recorded in system
    • Accepted - accepted by OTAG/OMB
    • Rejected - rejected by OTAG/OMB
    • In progress/Open - Development team is working on the request
    • Resolved - released, closing the ticket being under the responsibility of the development team
    • Stalled - on hold

Classify

  1. All change requests should be classified in a consistent manner. Classification in EGI RT is based on the Service the request is related to.
  2. Service providers should define list of standard change requests (a Change that is recurrent, well known, has been documented in a procedure following a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request doesn't need approval to be implemented.
  3. Emergency change for Operational tools are the highest priority change related to security vulnerability and can be implemented without approval but will be subject of a post-review.

Assess and Approve

  1. Each change request should be commented by the development team with an assessment of the work needed to implement the change.
  2. Every change which is not a standard change or an emergency change should be assessed (prioritised)and approved both internally, among the Product Teams (PTs) and with the OMB.
  3. Where needed a dedicated Operations Tool Advisory Group (OTAG) can be set up. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational services. OTAG provide forums to discuss the service evolution to meet the expressed needs of the EGI community. It has representations from all the end users groups depending on the service.
  4. Minimum set of value for prioritisation:
    • None (in RT - 0)
    • Low (in RT - 1)
    • Normal (in RT - 2)
    • High (in RT - 3)
    • Immediate/emergency (in RT - 4)

Implement, release and deploy

Phase which takes place in Release and Deployment process (see below).

Review

  1. Every release is a subject of a post-implementation review. Within one week customers are providing feedback answering to following questions:
    • Were release notes and documentation sufficient?
    • Is the service working as expected?

Release and deployment management

Goal: To bundle changes into a release, so that these changes can be tested and deployed to the production environment together.

RnDM.png

Plan Release

  1. Release schedules should be defined, including the frequency of releases (eg. every 1-2 month).
  2. Scope of every release should be defined.
  3. Release should be planned in a way that OMB can be informed in at least one week time in advance.
    • all planned releases should be presented during the monthly OMB meeting prior to their release to production.
    • emergency releases should be presented at the first available OMB meeting, post-release.

Build Release

  1. Due to the open-source nature of the developed software, each service should have and use publicly available code repositories, using a Version Control System (VCS) like Git, Subversion or CVS
    • The preferred Version Control System is Git using GitHub to ease collaborations
  2. All new releases should correspond to a new tag in the VCS
    • If intended to be part of the UMD distribution, all tools should be packaged in an OS native format (rpm for RH family, debs Debian)
  3. Distribution
    • source code archived as a tarball or as binaries through EGI AppDB or attached to GitHub repositories
      • if intended to be part of UMD - new releases should be distributed as binaries through the UMD repository

Test Release

  1. Testing of the software, prior to its release, is a responsibility of the development team.
  2. Where a dedicated OTAG exists it can be involved in the testing activity.
  3. Major or particularly important releases should pass acceptance tests performed by customer representatives
  4. When the development phase of a new release is completed an announce should be sent to all the Service Providers teamss and to all the actors that should be involved in the release testing (OTAGs). The announcement should contain:
    • release notes, changelog, installation and configuration steps to apply the update, as well as known issues
    • documentation links
    • detailed test plan
    • all the information needed by the conformance criteria.
    • the expected release date and the kind of testing will depend on each specific release and on its importance.
  5. If a test fails a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally in the development team if no other tools or services are affected.

Document

  1. The development team is responsible for creation and maintenance of the documentation, instructions and manuals related to the service in collaboration with the EGI Operations team.
  2. Before each release documentation should be checked and updated where needed.

Inform

  1. Information about next release should be communicated
    • during OMB meeting (at least one week before release).
      • One slide information should be send to operations@egi.eu
    • through Monthly Operational broadcast
      • Content of the broadcast should be sent to operations-support@mailman.egi.eu

Deploy Release

  1. For changes of high impact and high risk, the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.

Review Release

  1. Each release should be monitored for success or failure and the results shall be analysed internally.

Incident and Problem management

Goal: To restore agreed service level within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available.

Incident and requests management

Support should be provided:

  • via the [GGUS https://ggus.eu] HelpDesk, which is the single point of contact for infrastructure users to access the EGI Service Desk.
  • (for incidents) According to declared level of quality of support (default: Medium)
  • Support is provided in English
  • Support is available
    • from Monday to Friday
    • 8 h per day
  • All incidents and requests should be (assigned to proper Support Unit) and prioritised according to the suitable scheme.

Problems management

  1. In case of recurring incidents which cannot be solved by the development team a GGUS ticket should be created to "Operations" Support Unit. EGI Operations team will coordinate the investigation of the root cause of (recurring) incidents in order to avoid future recurrence of incidents.
    • Any existing GGUS tickets which may help investigation should be marked as a child of the created ticket.

Planned maintenance windows or interruptions

Planned maintenance should be:

  • declared in GOCDB in a timely manner i.e. 24 hours before
  • with a typical duration up to 24 hours otherwise it should be justified

Unscheduled interruptions should be managed according to MAN04.

Security incidents

All security incidents should be registered according to EGI_CSIRT:Incident_reporting.

Monitoring

The development team is responsible for development, maintenance and support of the service monitoring probes.

Availability and reliability threshold should be defined with EGI Operations team depending on the criticality of the service.

Information Security management

Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved

The following rules for information security and data protection apply:

  • The Provider must define and abide by an information security and data protection policy related to the service being provided;
  • This must meet all requirements of any relevant EGI policies or procedures and also must be compliant with the relevant national legislation.

Customer relationship management'

Goal: Establish and maintain a good relationship with customers receiving service

Development team need to interact with each other inside EGI activities, primarily with OMB, the main customer of the operational tools.

Interactions between Development teams are guaranteed through periodic phone conferences and face to face meetings. A dedicated mailing list is available as well.

Interactions with customers are guaranteed through periodic OMB meetings and (where needed) dedicated Operations Tool Advisory Group. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational tools. OTAG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.