The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.
Difference between revisions of "PROC02 Operations Centre creation"
| Line 194: | Line 194: | ||
|1 | |1 | ||
|GOCDB | |GOCDB | ||
|Creation of a new NGI entry in GOCDB ''(with no site attached)''. | |Creation of a new NGI entry in the GOCDB ''(with no site attached)''. | ||
|- | |- | ||
| | | | ||
| Line 209: | Line 209: | ||
|2 | |2 | ||
|CE ROC | |CE ROC | ||
| | |Enter the new NGI in SAMAP ''(required for certification of new sites in NGI)'' | ||
|- | |- | ||
| | | | ||
|3 | |3 | ||
|Operations Portal | |Operations Portal | ||
| | |Enter the new NGI in the Operations dashboard | ||
|- | |- | ||
| | | | ||
|4 | |4 | ||
|GGUS | |GGUS | ||
| | |Create a new support unit in GGUS : NGI_XXX | ||
NOTE: ''(attach the FAQ document for the NGI to this ticket.)'' | |||
|- | |- | ||
| | | | ||
| Line 236: | Line 237: | ||
|''[If the NGI was part of a ROC]'' | |''[If the NGI was part of a ROC]'' | ||
IPC | IPC | ||
| | |Configure the NGI in the ROC Nagios instance | ||
|- | |- | ||
|5 | |5 | ||
| Line 247: | Line 248: | ||
|GOCDB | |GOCDB | ||
|* ''[If the NGI was part of a ROC]'' | |* ''[If the NGI was part of a ROC]'' | ||
GOCDB | GOCDB transfers related sites from the source ROC to the new NGI structure | ||
NOTE: If this is a Group of NGIs, please indicate the sites moving across to the new NGI in the ticket. | |||
|- | |- | ||
| | | | ||
| Line 253: | Line 255: | ||
| | | | ||
|* ''[If the NGI wasn't part of a ROC]'' | |* ''[If the NGI wasn't part of a ROC]'' | ||
Newly created NGI_XXX | Newly created NGI_XXX can insert new sites | ||
|- | |- | ||
|7 | |7 | ||
| Line 319: | Line 321: | ||
We would like to announce that NGI_XXX is now fully operational and that we have finished its integration procedure. | We would like to announce that NGI_XXX is now fully operational and that we have finished its integration procedure. | ||
All necessary operational teams and tools are established in our NGI and we are ready for production. NGI is visible | All necessary operational teams and tools are established in our NGI and we are ready for production. This NGI is visible | ||
in all operational tools as NGI_XXX and is responsible for all <COUNTRY> sites. | in all operational tools as NGI_XXX and is responsible for all <COUNTRY> sites. | ||
Best regards, | Best regards, | ||
</pre> | </pre> | ||
Revision as of 14:22, 15 July 2010
--Krakowian 13:40, 30 June 2010 (UTC)
The purpose of this document is to clearly describe the actions and the relative steps to be undertaken for integrating a NGI (or a group of NGIs) into the EGI operational structure. We call a “group of NGIs” a structure that contains sites from more than one country which is managed by one single operational structure (in terms of support, tickets assignment, etc.). From an operational point of view a single NGI or a group of NGIs (according to the definition provided above) are the same, and in the rest of the document both cases will be referred to using the word “NGI”.
This document is only relevant to operators of a stand-alone NGI or of a group of NGIs. It is irrelevant for NGIs that are operated as part of a group of NGIs.
Revision history
| Version | Authors | Date | Comments |
|---|---|---|---|
| 0.16 | Małgorzata Krakowian | 2010-07-14 | Optional step 9 (about information published in BDII) added |
| 0.15 | Vera Hansper | 2010-07-14 | Proofreading and clarification of some points |
| 0.14 | Małgorzata Krakowian | 2010-07-13 | Changes in 'NGI creation process steps' about NGI Nagios validation. |
| 0.13 | Tiziana Ferrari | 2010-07-05 | Clarified the process through which the ROC or COD is notified about the need to start the technical validation of a new NGI. |
| 0.12 | Małgorzata Krakowian, Tiziana Ferrari | 2010-06-16 | Migration to wiki page. Political and technical validation section. |
| 0.11 | Marcin Radecki, Małgorzata Krakowian, David Collados | 2010-06-15 | Nagios Box validation. |
| 0.10 | Marcin Radecki, Małgorzata Krakowian | 2010-06-11 | Update item 99953 and 99954 |
| 0.9 | Marcin Radecki, Małgorzata Krakowian | 2010-05-19 | Update item 99953 and 99954 |
| 0.8 | Marcin Radecki, Małgorzata Krakowian | 2010-05-13 | Update item 99953 and 99954 – Configuration NGI in Nagios |
| 0.7 | Marcin Radecki, Małgorzata Krakowian | 2010-04-27 | Update item 99953 and 99954 |
| 0.6 | Guenter Grein | 2010-04-26 | Update item 99953 |
| 0.5 | Marcin Radecki, Małgorzata Krakowian | 2010-04-23 | Adding step to inform ROC managers about new NGI creation and step which concerns ROD team creation |
| 0.4 | Marcin Radecki | 2010-04-06 | Changes related to NGI nagios box validation (not necessary yet) and renumbering of steps. |
| 0.3 | Marcin Radecki | 2010-03-05 | Proposed changes according to experience with creating NGI_PL |
| 0.2 | ROD Pole 3 | 2010-01-27 | Refined procedure taking technical requirements in consideration |
| 0.1 | Guenter Grein | 2010-01-12 | First draft |
Validation of NGI creation request
This document details the technical steps needed for the validation of an NGI.
The first step for validating an NGI (single of group of NGIs) is to be politically approved as an official partner of the EGI infrastructure. NGIs that are a partner of the EGI-InSPIRE project are already implicitly part of the EGI infrastructure.
After this step, the NGI needs to be technically validated. The Central Operator on Duty team - in charge of EGI oversight - is responsible for performing this validation. However, if the NGI is part of an ex EGEE-ROC structure which is still operating, and which is willing, then the ROC can perform the validation itself.
Political Validation
Text to be approved
CASE 1. If an NGI is already represented within the EGI Council, we recommend that the NGI political representative within the EGI Council notifies the EGI Chief Operations Officer that the respective NGI is entering its validation cycle. At this point, the technical validation can start.
CASE 2. If an NGI is not represented within the EGI Council, and it is willing to be represented there, the NGI needs to submit a request for admission to the Council before being technically validated. After this step, CASE1 applies.
CASE 3. If a new NGI is not represented within the EGI Council and is not interested in being part of it, but would still like to be a consumer of the EGI global services, then a request of admission has to be submitted and approved by the Council. If approved, then CASE1 applies. It is likely that in the future the signing of an MoU will be requested before validation can start.
Technical Validation
- The Integration Process Coordinator (IPC) is the entity responsible of integrating a new NGI within EGI. The IPC can be the EGEE parent ROC of the NGI (if still operational), or COD.
- The NGI manager(s) sends an email to the Chief Operations Officer (COO) that the Council was informed about the creation of a new NGI, and (if applicable) also that the Council has approved it. The NGI manager(s) should also indicate the IPC responsible for the validation in the email.
- The Chief Operations Officer opens a GGUS ticket to the IPC to start the validation process.
How to start the integration process for an NGI (or NGI group)
- The integration of a new NGI starts when the COO opens an NGI validation ticket to the IPC (via GGUS).
- Once the COO ticket is filed, the IPC can start the validation process. In order to trigger the actions described in this document the IPC creates a set of new child tickets that are assigned to the individual partners that are responsible for the various validation steps. Thereby, the integration process should be as transparent as possible to all parties involved. The required actions are described below.
An example/template for the NGI creation ticket is provided here:
Subject: Creation of NGI_XXX Required information for the creation of the NGI: Management mailing list : management@xxx.org NGI manager contact data : Person Surname (email) +phone contact, Deputy: Person Surname (email) +phone contact, NGI security officer contact data : Person Surname (email) +phone contact, NGI security mailing list : abuse@xxx.org ROD team mailing list : ngi-support@xxx.org NGI nagios monitoring system details : https://mon-ngi.xxx.org/nagios Mailing list for GGUS tickets if using GGUS directly : xxxticket@xxx.org The FAQ document for the NGI provided by the GGUS team is in the attached file (GGUS_1800_FAQ_for_NGI_xxx.pdf) (see extra document provided)
New NGI prerequisities
Before opening an NGI creation GGUS ticket, the NGI should:
- Decide whether to use the NGI's own help desk system or use GGUS directly. If the NGI wants to set up their own system they need to provide an interface for interaction to GGUS with the local ticketing system and follow the recommendations available at https://gus.fzk.de/pages/ggus-docs/interfaces/docu_ggus_interfaces.php.
- Set the following contact points:
- Management mailing list
- NGI operations manager contact data
- NGI security officer contact data
- NGI security mailing list
- ROD team mailing list (including people responsible for monitoring and supporting the NGI infrastructure)
- Mailing list for GGUS tickets IF GGUS is used directly for the helpdesk system
- Deploy an NGI Nagios instance if the NGI is going to run its own instance (see https://twiki.cern.ch/twiki/bin/view/EGEE/GridMonitoringNcgYaim and https://twiki.cern.ch/twiki/bin/view/EGEE/ValidateROCNagios)
- Fill the FAQ document for the NGI. The template is provided by the GGUS team: https://gus.fzk.de/pages/ggus-docs/DOC/1800_FAQ_for_TEMPLATE.doc
- Staff in the NGI that should be granted a management role (manager, deputy manager, security officer) should first register a user account in the GOCDB. The user registration procedure is described in the GOCDB user documentation at http://goc.grid.sinica.edu.tw/gocwiki/GOCDB_User_Documentation, section 3.1.1
NGI creation process steps
Some steps of the process can be done in parallel as they are independent, so all steps grouped within the same task number can be performed concurrently (several different child tickets will be created in order to speed up the process). The general idea is that these tickets must be closed before being able to move on to the next step.
Validation steps:
| Step | Substep | Action on | Action |
|---|---|---|---|
| 1 | IPC | Verification of the validity of the request (were all needed data provided?) | |
| 2 | IPC | Create child tickets in the order given as follows: | |
| 1 | GOCDB | Creation of a new NGI entry in the GOCDB (with no site attached). | |
Include the following into the GOCDB ticket:
| |||
| 2 | CE ROC | Enter the new NGI in SAMAP (required for certification of new sites in NGI) | |
| 3 | Operations Portal | Enter the new NGI in the Operations dashboard | |
| 4 | GGUS | Create a new support unit in GGUS : NGI_XXX
NOTE: (attach the FAQ document for the NGI to this ticket.) | |
| 5 | COD | Certification of new ROD team – https://wiki.egi.eu/wiki/Procedure_to_handle_new_ROD_certification_GGUS_tickets | |
| 3 | The newly created NGI_XXX | Include the NAGIOS host in the GOCDB as a 'National-Nagios' service.
(This step only applies to NGIs running an NGI Nagios instance) | |
| 4 | [If the NGI was part of a ROC]
IPC |
Configure the NGI in the ROC Nagios instance | |
| 5 | The newly created NGI_XXX | Final confirmation that the new NGI can start the operations | |
| 6 | GOCDB | * [If the NGI was part of a ROC]
GOCDB transfers related sites from the source ROC to the new NGI structure NOTE: If this is a Group of NGIs, please indicate the sites moving across to the new NGI in the ticket. | |
| * [If the NGI wasn't part of a ROC]
Newly created NGI_XXX can insert new sites | |||
| 7 | OPTIONAL | Newly created NGI_XXX | All sites should be reconfigured according to the instructions at: http://goc.grid.sinica.edu.tw/gocwiki/How_to_publish_my_site_information |
change the old information from:
SITE_OTHER_EGEE_ROC="XX" SITE_OTHER_GRID="EGEE" to: SITE_OTHER_EGI_NGI="NGI_XXX" SITE_OTHER_GRID="EGEE|EGI" Step 7 can be performed at any time from this point. | |||
| 8 | Newly created NGI_XXX | Transfer all open operational tickets to the new NGI in GGUS. | |
| 9 | Nagios team | Include the NGI level Nagios in the central ops-monitor Nagios instance.
(This step only applies to NGIs running an NGI Nagios instance) | |
| 10 | IPC | Validation process of the new NGI Nagios, as described at the step 5.3 of: https://twiki.cern.ch/twiki/bin/view/EGEE/ValidateROCNagios#Validation_Process.
(This step only applies to NGIs running an NGI Nagios instance) | |
| 11 | Nagios team | Validation that sites/NGI shown up correctly in Central DBs | |
| 12 | [If the NGI was part of a ROC]
Nagios team |
Migrating alerts from ROC to NGI Nagios instance.
(This step only applies to NGIs running an NGI Nagios instance) | |
| 13 | IPC | Final checks by the IPC.
(Were all steps taken and finished properly? Close the parent ticket.) | |
| 14 | Newly created NGI_XXX | Final checks should be verified and then a broadcast of the information by NGI officials. (Broadcast should be send to VO managers and NOC/ROC managers) |
Subject: NGI_XXX is operational Dear All, We would like to announce that NGI_XXX is now fully operational and that we have finished its integration procedure. All necessary operational teams and tools are established in our NGI and we are ready for production. This NGI is visible in all operational tools as NGI_XXX and is responsible for all <COUNTRY> sites. Best regards,