Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

Difference between revisions of "Instructions for centrally-provided services Service Providers"

From EGIWiki
Jump to navigation Jump to search
(Deprecate the page)
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
{{Template:Deprecated}}
{{Template:Op menubar}} {{Template:Tools menubar}}  
{{Template:Op menubar}} {{Template:Tools menubar}}  


{{TOC_right}}
{{TOC_right}}


= Initial activities  =
= Initial activities  =


'''Goal: Introducing new Operations tool.''' <br>Every new operations tool developed needs to contact EGI Operations (operations@egi.eu) and provide following data:  
'''Goal: Introducing a new centrally-provided service.'''
Every new centrally-provided service developed to support EGI operations needs to contact EGI Operations (operations@egi.eu) and provide the following data:  


#Name of the tool
# Name of the service
#Support email  
# Support email  
#Name and contact details of Tool Team leader  
# Name and contact details of the Service Provider Team leader  
#Description of the tool - purpose  
# Description of the service - purpose  
#License<br>
# License


With EGI Operations team help following steps needs to be performed  
The following steps needs to be performed with the help of the EGI Operations team:


#[[EGI Collaboration tools#EGI.eu_domain|Creation of url in egi.eu domain]]  
# [[EGI Collaboration tools#EGI.eu_domain|Creating a sub domain in egi.eu zone]]  
#Registration in GOC&nbsp;DB under EGI.eu NGI  
# Registering the endpoints in GOCDB under EGI.eu NGI  
#Create category in "Requirements" queue in EGI&nbsp;RT tracker and RT dashboard to receive and handle service requests&nbsp;
# Creating a category in "Requirements" queue in EG RT tracker and RT dashboard to receive and handle service requests  
#Create GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium)  
# Creating a GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium)  
#Negotiate and sign OLA with EGI.eu<br>
# Negotiating and signing an OLA with EGI Foundation
#Create wiki entry for the tool with relevant information  
# [[Copyright#For_websites_.28EGI.2C_EGI-Engage.29|Acknowledging EGI]]
#*Tool name  
# Creating a wiki entry for the service with the relevant information  
#*Category, Short description of the tool
#* Service name  
#*URL  
#* Category, Short description of the service
#*Contact  
#* URL  
#*GGUS Support Unit  
#* Contact  
#*GOC&nbsp;DB entry
#* GGUS Support Unit  
#*link to related OLA  
#* GOCDB entry  
#*link to documentation
#* link to related OLA  
#*license
#* link to documentation  
#*provider name
#* license  
#*link to source code
#* provider name  
#*Change management:&nbsp;
#* link to source code  
#**link to EGI&nbsp;RT dashboard for the tool
#* Change management:
#**(if applicable) internal bug/task tracking facilities  
#** link to EGI RT dashboard for the service
#**(if applicable) link to OTAG team<br>
#** (if applicable) internal bug/task tracking facilities  
#*Release and Deployment management:&nbsp;
#** (if applicable) link to [[OTAG|Operations Tool Advisory Group]] (OTAG) team
#**Release schedule  
#* Release and Deployment management:
#**Release notes  
#** Release schedule  
#**(if applicable) Roadmap  
#** Release notes  
#**URL of test instance
#** (if applicable) Roadmap  
#** URL of test instance  
# Subscribe to Tool-admins mailing list
# Get from EGI access to notification@egi.eu email


<br>
= Ongoing activities  =


= Ongoing activities<br> =
== Change management ==


== Change management <br>  ==
'''Goal: To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services. '''  
 
'''Goal:&nbsp;To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services. '''  


[[Image:CM.png|600px|CM.png]]  
[[Image:CM.png|600px|CM.png]]  
Line 54: Line 58:
=== Record  ===
=== Record  ===


#'''EGI recording system''' is [http://rt.egi.eu EGI RT]&nbsp;
# '''EGI recording system''' is [http://rt.egi.eu EGI RT].
#'''EGI&nbsp;user''' are instructed to submit changes requests in EGI&nbsp;RT.  
# '''EGI user''' is instructed to submit changes requests in EGI RT.  
#Team can use '''internal tracker''' but keeping consistence between EGI RT and internal tracker is responsibility of the development team.  
# Team can use an '''internal tracker''' but keeping consistence between EGI RT and internal tracker is under the responsibility of the development team.  
#If tool has '''other customers than EGI,''' development team is responsible to inform EGI about submitted change request from other customer. &nbsp;
# If the service has '''other customers than EGI,''' the development team is responsible to inform EGI about submitted change request from the other customer.  
#Minimum set of statuses of entry  
# Minimum set of statuses of entry  
#*New - newly recorded in system  
#* New - newly recorded in system  
#*Accepted - accepted by OTAG/OMB
#* Accepted - accepted by OTAG/OMB  
#*Rejected - rejected by OTAG/OMB  
#* Rejected - rejected by OTAG/OMB  
#*In progress/Open - Development team is working on the request<br>
#* In progress/Open - Development team is working on the request
#*Resolved - released
#* Resolved - released, closing the ticket being under the responsibility of the development team
#*Stalled - on hold
#* Stalled - on hold
 
=== Classify<br> ===
=== Classify  ===


#All change requests should be '''classified in consistent manner'''. Classification in EGI RT is based on Tool the request is related to. <br>
# All change requests should be '''classified in a consistent manner'''. Classification in EGI RT is based on the Service the request is related to.
#Tool providers should define list of '''standard change '''requests (a Change that is recurrent, well known, has been proceduralized to follow a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request '''doesn't need approval''' to be implemented.  
# Service providers should define list of '''standard change '''requests (a Change that is recurrent, well known, has been documented in a procedure following a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request '''doesn't need approval''' to be implemented.  
#'''Emergency change''' for Operational tools are the highest priority change related to '''security vulnerability '''and can be implemented '''without approval '''but will be '''subject of post-review'''.
# '''Emergency change''' for Operational tools are the highest priority change related to '''security vulnerability '''and can be implemented '''without approval '''but will be '''subject of a post-review'''.


=== Assess and Approve<br> ===
=== Assess and Approve  ===


#Each change request should be commented by development team with assessment of work needed to implement change.  
# Each change request should be commented by the development team with an assessment of the work needed to implement the change.  
#'''Every change''' which is not a standard change or emergency change '''should be assess '''(prioritize)'''and approved '''both internally, among the PTs and with OMB.  
# '''Every change''' which is not a standard change or an emergency change '''should be assessed '''(prioritised)'''and approved '''both internally, among the Product Teams (PTs) and with the OMB.  
#Where needed dedicated [[OTAG|Operations Tool Advisory Group]] can be set up. The OTAG mandate is to help developers in requirement prioritization and releasing process of operational tools. OTAG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.<br>
# Where needed a dedicated [[OTAG|Operations Tool Advisory Group]] (OTAG) can be set up. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational services. OTAG provide forums to discuss the service evolution to meet the expressed needs of the EGI community. It has representations from all the end users groups depending on the service.
#Minimum set of value for prioritization:  
# Minimum set of value for prioritisation:  
#*None (in RT - 0)
#* None (in RT - 0)  
#*Low (in RT - 1)  
#* Low (in RT - 1)  
#*Normal (in RT - 2)  
#* Normal (in RT - 2)  
#*High (in RT - 3)  
#* High (in RT - 3)  
#*Immediate/emergency (in RT - 4)
#* Immediate/emergency (in RT - 4)


=== Implement, release and deploy<br> ===
=== Implement, release and deploy  ===


Phase which take place in Release and Deployment process (see below).<br>
Phase which takes place in Release and Deployment process (see below).


=== Review<br> ===
=== Review  ===


#Every release is a subject of '''post-implementation review'''. Within one week customers are providing feedback answering to following questions:  
# Every release is a subject of a '''post-implementation review'''. Within one week customers are providing feedback answering to following questions:  
#*Were release notes and documentation sufficient?  
#* Were release notes and documentation sufficient?  
#*Is the tool working as expected?<br>
#* Is the service working as expected?


== Release and deployment management  ==
== Release and deployment management  ==


'''Goal: To bundle changes to release, so that these changes can be tested and deployed to the production environment together.'''  
'''Goal: To bundle changes into a release, so that these changes can be tested and deployed to the production environment together.'''  


[[Image:RnDM.png|700px|RnDM.png]]  
[[Image:RnDM.png|700px|RnDM.png]]  
Line 102: Line 106:
=== Plan Release  ===
=== Plan Release  ===


#Release schedules should be defined - the frequency of releases (eg. every 1-2 month).<br>
# Release schedules should be defined, including the frequency of releases (eg. every 1-2 month).  
#Scope of every release should be defined.  
# Scope of every release should be defined.  
#Release should be planned in a away that OMB can be informed in at least one week time in advance.  
# Release should be planned in a way that OMB can be informed in at least one week time in advance.  
#*all planned releases should be presented during the monthly OMB meeting prior to their release to production  
#* all planned releases should be presented during the monthly OMB meeting prior to their release to production.
#*emergency releases should be presented at the first available OMB meeting, post-release.
#* emergency releases should be presented at the first available OMB meeting, post-release.


=== Build Release<br> ===
=== Build Release  ===


#Due to the open-source nature of the developed software, each tool should have/use a '''publicly available code repository,''' like SVN, CVS, GIT
# Due to the open-source nature of the developed software, each service should have and use '''publicly available code repositories,''' using a Version Control System (VCS) like Git, Subversion or CVS
#*preferred Software Versioning Control system - GITHUB (https://github.com/)
#* The preferred Version Control System  is Git using [https://github.com/ GitHub] to ease collaborations
#All new releases should correspond to a new '''tag''' in the SVC
# All new releases should correspond to a new '''tag''' in the VCS
#*Ideally, if intended to be part of the UMD distribution, all tools should be packaged in an OS native format (rpm for RH family, debs Debian)  
#* If intended to be part of the UMD distribution, all tools should be packaged in an OS native format (rpm for RH family, debs Debian)  
#**packaging standards and policies should be followed (ex: [http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard FHS], [https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies EPEL-GuidelinesAndPolicies], [https://www.debian.org/doc/debian-policy/ Debian Policies])  
#** packaging standards and policies should be followed (ex: [http://en.wikipedia.org/wiki/Filesystem_Hierarchy_Standard FHS], [https://fedoraproject.org/wiki/EPEL/GuidelinesAndPolicies EPEL-GuidelinesAndPolicies], [https://www.debian.org/doc/debian-policy/ Debian Policies])  
#Distribution  
# Distribution  
#*source code through SVC system of choice (tar.gz) or as binaries through EGI AppDB, GITHUB repositories  
#* source code archived as a tarball or as binaries through EGI AppDB or attached to GitHub repositories  
#**if intended to be part of UMD - new releases should be distributed as binaries through the UMD repository
#** if intended to be part of UMD - new releases should be distributed as binaries through the UMD repository


=== Test Release  ===
=== Test Release  ===


#Testing of the software, prior to its release, is a '''responsibility of the development teams.'''  
# Testing of the software, prior to its release, is a '''responsibility of the development team.'''  
#Where dedicated '''OTAG''' exists it can be involved in the testing activity.  
# Where a dedicated '''OTAG''' exists it can be involved in the testing activity.  
#'''Major or particularly important releases''' should pass acceptance testing performed by customer representatives  
# '''Major or particularly important releases''' should pass acceptance tests performed by customer representatives  
#When the development phase of a new release is completed an announce should be send to all the PTs and to all the actors that should be involved in the release testing (OTAGs). The announcement should contain:  
# When the development phase of a new release is completed an announce should be sent to all the Service Providers teamss and to all the actors that should be involved in the release testing (OTAGs). The announcement should contain:  
#*release notes, containing changelog, installation &amp; configuration steps to apply the update, any known issues  
#* release notes, changelog, installation and configuration steps to apply the update, as well as known issues  
#*documentation links  
#* documentation links  
#*detailed test plan<br>
#* detailed test plan
#*all the information needed by the [https://wiki.egi.eu/wiki/EGI_Quality_Criteria_Dissemination conformance criteria] set by the SA2 activity for the software providers.  
#* all the information needed by the [https://wiki.egi.eu/wiki/EGI_Quality_Criteria_Dissemination conformance criteria].  
#*the expected release date and the kind of testing will depend on each specific release and on its importance.  
#* the expected release date and the kind of testing will depend on each specific release and on its importance.  
#'''If a test fails''' a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally to the development team if no other tools or services are affected.
# '''If a test fails''' a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally in the development team if no other tools or services are affected.


=== Document  ===
=== Document  ===


#'''Development team is responsible for creation and maintenance of documentations''', instructions and manuals related to the tool in collaboration with EGI Operations team.  
# The '''development team is responsible for creation and maintenance of the documentation''', instructions and manuals related to the service in collaboration with the EGI Operations team.  
#Before each release documentation should be checked and updated when/where needed.<br>
# Before each release documentation should be checked and updated where needed.


=== Inform  ===
=== Inform  ===


#'''Information about next release '''should be communicated  
# '''Information about next release '''should be communicated  
#*'''during OMB&nbsp;meeting''' (at least one week before release).  
#* '''during OMB meeting''' (at least one week before release).  
#**One slide information should be send to operations@egi.eu  
#** One slide information should be send to operations@egi.eu  
#*through '''Monthly Operational broadcast '''  
#* through '''Monthly Operational broadcast '''  
#**Content of the broadcast should be sent to operations-support@mailman.egi.eu
#** Content of the broadcast should be sent to operations-support@mailman.egi.eu


=== Deploy Release  ===
=== Deploy Release  ===


#For '''changes of high impact and high risk''', the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.
# For '''changes of high impact and high risk''', the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.


=== Review Release  ===
=== Review Release  ===


#'''Each release should be monitored for success or failure''' and the results shall be analysed internally. <br>
# '''Each release should be monitored for success or failure''' and the results shall be analysed internally.


== Incident and Problem management  ==
== Incident and Problem management  ==


'''Goal: To restore normal/agreed service operations within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available. '''  
'''Goal: To restore agreed service level within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available. '''  


=== Incident and requests management  ===
=== Incident and requests management  ===
Line 161: Line 165:
Support should be provided:  
Support should be provided:  


*via the GGUS portal, which is the single point of contact for infrastructure users to access the EGI Service Desk.  
* via the [GGUS https://ggus.eu] HelpDesk, which is the single point of contact for infrastructure users to access the EGI Service Desk.  
*(for incidents) According to declared level of [[FAQ GGUS-QoS-Levels|quality of support ]](default:&nbsp;Medium)&nbsp;
* (for incidents) According to declared level of [[FAQ GGUS-QoS-Levels|quality of support ]](default: Medium)
*Support is provided in '''English'''<br>
*Support is provided in '''English'''
*'''Support is available'''  
* '''Support is available'''  
**from Monday to Friday  
** from Monday to Friday  
**8 h per day<br>
** 8 h per day
*All incidents and requests should be'''(assign to proper Support Unit) and [[FAQ GGUS-Ticket-Priority|prioritized]]''' according to suitable scheme.<br>
* All incidents and requests should be '''(assigned to proper Support Unit) and [[FAQ GGUS-Ticket-Priority|prioritised]]''' according to the suitable scheme.


=== Problems management  ===
=== Problems management  ===


#In case of '''recurring incidents '''which cannot be solved by development team a GGUS ticket should be created to "Operations" &nbsp;Support Unit. EGI Operations team will coordinate investigation of&nbsp; the root causes of (recurring) incidents in order to avoid future recurrence of incidents.&nbsp;
# In case of '''recurring incidents''' which cannot be solved by the development team a GGUS ticket should be created to "Operations" Support Unit. EGI Operations team will coordinate the investigation of the root cause of (recurring) incidents in order to avoid future recurrence of incidents.
#*Any existing GGUS tickets which may help investigation should be marked as a child to the created ticket.
#* Any existing GGUS tickets which may help investigation should be marked as a child of the created ticket.


=== Planned maintenance windows or interruptions  ===
=== Planned maintenance windows or interruptions  ===


'''Planned maintenance''' should be  
'''Planned maintenance''' should be:


*declared in GOC&nbsp;DB in a timely manner i.e. '''24 hours before'''  
* declared in GOCDB in a timely manner i.e. '''24 hours before'''  
*with typical duration up to 24 hours otherwise needs to be justified
* with a typical duration up to 24 hours otherwise it should be justified


'''Unscheduled interruptions '''should be managed according to [[MAN04 Tool Intervention Management|MAN04]]  
'''Unscheduled interruptions '''should be managed according to [[MAN04 Tool Intervention Management|MAN04]].


=== Security incidents  ===
=== Security incidents  ===


All security incidents should be registered according to [[EGI CSIRT:Incident reporting|EGI_CSIRT:Incident_reporting]]  
All security incidents should be registered according to [[EGI CSIRT:Incident reporting|EGI_CSIRT:Incident_reporting]].


=== Monitoring  ===
=== Monitoring  ===


Development team is '''responsible''' for development, maintenance and support of the tool '''monitoring probes.'''  
The development team is '''responsible''' for development, maintenance and support of the service '''monitoring probes.'''  


Availability and reliability threshold should be defined with EGI Operations team depending on criticality of the service.  
Availability and reliability threshold should be defined with EGI Operations team depending on the criticality of the service.  


== Information Security management  ==
== Information Security management  ==


'''Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved<br>'''  
'''Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved'''  


The following rules for information security and data protection apply:<br>•&nbsp;&nbsp;&nbsp; The Provider must define and abide by an information security and data protection policy related to the service being provided. <br>•&nbsp;&nbsp;&nbsp; This must meet all requirements of any relevant [http://www.egi.eu/about/policy/policies_procedures.html EGI policies or procedures] and also must be compliant with the relevant national legislation.<br><br>
The following rules for information security and data protection apply:
* The Provider must define and abide by an information security and data protection policy related to the service being provided;
* This must meet all requirements of any relevant [http://www.egi.eu/about/policy/policies_procedures.html EGI policies or procedures] and also must be compliant with the relevant national legislation.


== Customer relationship management'''<br>'''  ==
== Customer relationship management'  ==


'''Goal:''' '''Establish and maintain a good relationship with customers receiving service'''  
'''Goal:''' '''Establish and maintain a good relationship with customers receiving service'''  
Line 205: Line 211:
Development team need to interact with each other inside EGI activities, primarily with [[OMB|OMB]], the main customer of the operational tools.  
Development team need to interact with each other inside EGI activities, primarily with [[OMB|OMB]], the main customer of the operational tools.  


'''Interactions between Development teams''' are guaranteed through periodic phone conferences and face to face meetings. A dedicated mailing list is available as well. <br>
'''Interactions between Development teams''' are guaranteed through periodic phone conferences and face to face meetings. A dedicated mailing list is available as well.
 
'''Interactions with customers '''are guaranteed through periodic OMB&nbsp;meetings and (where needed) dedicated [[OTAG|Operations Tool Advisory Group]]. The OTAG mandate is to help developers in requirement prioritization and releasing process of operational tools. OTAG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.<br>
 
<br>
 
<br>


<br>
'''Interactions with customers '''are guaranteed through periodic OMB meetings and (where needed) dedicated [[OTAG|Operations Tool Advisory Group]]. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational tools. OTAG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.


[[Category:Tools]]
[[Category:Tools]]

Latest revision as of 14:20, 18 September 2019

Alert.png This article is Deprecated and should no longer be used, but is still available for reasons of reference.



Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


Tools menu: Main page Instructions for developers AAI Proxy Accounting Portal Accounting Repository AppDB ARGO GGUS GOCDB
Message brokers Licenses OTAGs Operations Portal Perun EGI Collaboration tools LToS EGI Workload Manager



Initial activities

Goal: Introducing a new centrally-provided service. Every new centrally-provided service developed to support EGI operations needs to contact EGI Operations (operations@egi.eu) and provide the following data:

  1. Name of the service
  2. Support email
  3. Name and contact details of the Service Provider Team leader
  4. Description of the service - purpose
  5. License

The following steps needs to be performed with the help of the EGI Operations team:

  1. Creating a sub domain in egi.eu zone
  2. Registering the endpoints in GOCDB under EGI.eu NGI
  3. Creating a category in "Requirements" queue in EG RT tracker and RT dashboard to receive and handle service requests
  4. Creating a GGUS Support Unit to receive and handle incidents (define level of quality of support - default: Medium)
  5. Negotiating and signing an OLA with EGI Foundation
  6. Acknowledging EGI
  7. Creating a wiki entry for the service with the relevant information
    • Service name
    • Category, Short description of the service
    • URL
    • Contact
    • GGUS Support Unit
    • GOCDB entry
    • link to related OLA
    • link to documentation
    • license
    • provider name
    • link to source code
    • Change management:
      • link to EGI RT dashboard for the service
      • (if applicable) internal bug/task tracking facilities
      • (if applicable) link to Operations Tool Advisory Group (OTAG) team
    • Release and Deployment management:
      • Release schedule
      • Release notes
      • (if applicable) Roadmap
      • URL of test instance
  8. Subscribe to Tool-admins mailing list
  9. Get from EGI access to notification@egi.eu email

Ongoing activities

Change management

Goal: To ensure changes are planned, approved, implemented and reviewed in a controlled manner to avoid adverse impact of changes to services or the customers receiving services.

CM.png

Record

  1. EGI recording system is EGI RT.
  2. EGI user is instructed to submit changes requests in EGI RT.
  3. Team can use an internal tracker but keeping consistence between EGI RT and internal tracker is under the responsibility of the development team.
  4. If the service has other customers than EGI, the development team is responsible to inform EGI about submitted change request from the other customer.
  5. Minimum set of statuses of entry
    • New - newly recorded in system
    • Accepted - accepted by OTAG/OMB
    • Rejected - rejected by OTAG/OMB
    • In progress/Open - Development team is working on the request
    • Resolved - released, closing the ticket being under the responsibility of the development team
    • Stalled - on hold

Classify

  1. All change requests should be classified in a consistent manner. Classification in EGI RT is based on the Service the request is related to.
  2. Service providers should define list of standard change requests (a Change that is recurrent, well known, has been documented in a procedure following a pre-defined, relatively risk-free path, and is the accepted response to a specific requirement or set of circumstances, where authority is effectively given in advance of implementation.). Standard change request doesn't need approval to be implemented.
  3. Emergency change for Operational tools are the highest priority change related to security vulnerability and can be implemented without approval but will be subject of a post-review.

Assess and Approve

  1. Each change request should be commented by the development team with an assessment of the work needed to implement the change.
  2. Every change which is not a standard change or an emergency change should be assessed (prioritised)and approved both internally, among the Product Teams (PTs) and with the OMB.
  3. Where needed a dedicated Operations Tool Advisory Group (OTAG) can be set up. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational services. OTAG provide forums to discuss the service evolution to meet the expressed needs of the EGI community. It has representations from all the end users groups depending on the service.
  4. Minimum set of value for prioritisation:
    • None (in RT - 0)
    • Low (in RT - 1)
    • Normal (in RT - 2)
    • High (in RT - 3)
    • Immediate/emergency (in RT - 4)

Implement, release and deploy

Phase which takes place in Release and Deployment process (see below).

Review

  1. Every release is a subject of a post-implementation review. Within one week customers are providing feedback answering to following questions:
    • Were release notes and documentation sufficient?
    • Is the service working as expected?

Release and deployment management

Goal: To bundle changes into a release, so that these changes can be tested and deployed to the production environment together.

RnDM.png

Plan Release

  1. Release schedules should be defined, including the frequency of releases (eg. every 1-2 month).
  2. Scope of every release should be defined.
  3. Release should be planned in a way that OMB can be informed in at least one week time in advance.
    • all planned releases should be presented during the monthly OMB meeting prior to their release to production.
    • emergency releases should be presented at the first available OMB meeting, post-release.

Build Release

  1. Due to the open-source nature of the developed software, each service should have and use publicly available code repositories, using a Version Control System (VCS) like Git, Subversion or CVS
    • The preferred Version Control System is Git using GitHub to ease collaborations
  2. All new releases should correspond to a new tag in the VCS
    • If intended to be part of the UMD distribution, all tools should be packaged in an OS native format (rpm for RH family, debs Debian)
  3. Distribution
    • source code archived as a tarball or as binaries through EGI AppDB or attached to GitHub repositories
      • if intended to be part of UMD - new releases should be distributed as binaries through the UMD repository

Test Release

  1. Testing of the software, prior to its release, is a responsibility of the development team.
  2. Where a dedicated OTAG exists it can be involved in the testing activity.
  3. Major or particularly important releases should pass acceptance tests performed by customer representatives
  4. When the development phase of a new release is completed an announce should be sent to all the Service Providers teamss and to all the actors that should be involved in the release testing (OTAGs). The announcement should contain:
    • release notes, changelog, installation and configuration steps to apply the update, as well as known issues
    • documentation links
    • detailed test plan
    • all the information needed by the conformance criteria.
    • the expected release date and the kind of testing will depend on each specific release and on its importance.
  5. If a test fails a report will be produced and the release sent back to development to restart the cycle. Tests will include a documentation review and a documentation update if needed. The test phase can be performed internally in the development team if no other tools or services are affected.

Document

  1. The development team is responsible for creation and maintenance of the documentation, instructions and manuals related to the service in collaboration with the EGI Operations team.
  2. Before each release documentation should be checked and updated where needed.

Inform

  1. Information about next release should be communicated
    • during OMB meeting (at least one week before release).
      • One slide information should be send to operations@egi.eu
    • through Monthly Operational broadcast
      • Content of the broadcast should be sent to operations-support@mailman.egi.eu

Deploy Release

  1. For changes of high impact and high risk, the steps required to reverse an unsuccessful change or remedy any negative effects shall be defined.

Review Release

  1. Each release should be monitored for success or failure and the results shall be analysed internally.

Incident and Problem management

Goal: To restore agreed service level within the agreed time after the occurrence of an incident, and to investigate the root causes of (recurring) incidents in order to avoid future recurrence of incidents by resolving the underlying problem, or to ensure workarounds are available.

Incident and requests management

Support should be provided:

  • via the [GGUS https://ggus.eu] HelpDesk, which is the single point of contact for infrastructure users to access the EGI Service Desk.
  • (for incidents) According to declared level of quality of support (default: Medium)
  • Support is provided in English
  • Support is available
    • from Monday to Friday
    • 8 h per day
  • All incidents and requests should be (assigned to proper Support Unit) and prioritised according to the suitable scheme.

Problems management

  1. In case of recurring incidents which cannot be solved by the development team a GGUS ticket should be created to "Operations" Support Unit. EGI Operations team will coordinate the investigation of the root cause of (recurring) incidents in order to avoid future recurrence of incidents.
    • Any existing GGUS tickets which may help investigation should be marked as a child of the created ticket.

Planned maintenance windows or interruptions

Planned maintenance should be:

  • declared in GOCDB in a timely manner i.e. 24 hours before
  • with a typical duration up to 24 hours otherwise it should be justified

Unscheduled interruptions should be managed according to MAN04.

Security incidents

All security incidents should be registered according to EGI_CSIRT:Incident_reporting.

Monitoring

The development team is responsible for development, maintenance and support of the service monitoring probes.

Availability and reliability threshold should be defined with EGI Operations team depending on the criticality of the service.

Information Security management

Goal: to manage information security effectively through all activities performed to deliver and manage services, so that confidentiality, integrity and accessibility of relevant assets are preserved

The following rules for information security and data protection apply:

  • The Provider must define and abide by an information security and data protection policy related to the service being provided;
  • This must meet all requirements of any relevant EGI policies or procedures and also must be compliant with the relevant national legislation.

Customer relationship management'

Goal: Establish and maintain a good relationship with customers receiving service

Development team need to interact with each other inside EGI activities, primarily with OMB, the main customer of the operational tools.

Interactions between Development teams are guaranteed through periodic phone conferences and face to face meetings. A dedicated mailing list is available as well.

Interactions with customers are guaranteed through periodic OMB meetings and (where needed) dedicated Operations Tool Advisory Group. The OTAG mandate is to help developers in requirement prioritisation and releasing process of operational tools. OTAG provide forums to discuss the tools evolution that meet the expressed needs of the EGI community. It has representation from the all end users groups depending on the tool.