Alert.png The wiki is deprecated and due to be decommissioned by the end of September 2022.
The content is being migrated to other supports, new updates will be ignored and lost.
If needed you can get in touch with EGI SDIS team using operations @ egi.eu.

PROC14 VO Registration

From EGIWiki
Revision as of 13:25, 28 September 2012 by Krakow (talk | contribs)
Jump to navigation Jump to search
Main EGI.eu operations services Support Documentation Tools Activities Performance Technology Catch-all Services Resource Allocation Security


 


Title VO Registration Procedure
Document link https://wiki.egi.eu/wiki/PRO14
Version - last modified
Policy Group Acronym OMB
Policy Group Name Operations Management Board
Contact Person operational-documentation@mailman.egi.eu
Document Status Draft
Approved Date
Procedure Statement The document describes the process of enabling a Virtual Organisation (VO) on the European Grid Infrastructure (EGI) and the parties who are involved in process execution. Users of EGI are organised into Virtual Organisations (VO).'

VO Registration Procedure

The document describes the process of enabling a Virtual Organisation (VO) on the European Grid Infrastructure (EGI) and the parties who are involved in process execution.

Users of EGI are organised into Virtual Organisations (VO). A VO is a group of people (typically application scientists and application developers) who share similar interests and have similar goals and who need to work collaboratively and/or need to share resources (e.g. data, software, expertise, CPU, storage space) through a grid infrastructure regardless of their geographical location.

The focus of this document is on the tasks that VO representatives and the EGI staff have to accomplish in order to register and validate a new VO on EGI. The purpose of this page is to capture the VO registration workflow so it can be learned by VO representatives, by EGI staff as well as it can be improved in order to meet new requirements.

For other aspects of VO management (e.g. operation support, resource/service allocation, decommissioning) please consult with the VO services Wiki pageor contact the VO services team via EGI Helpdesk.

Definitions

Eentities involved in this procedure are defined in the EGI Glossary.

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.

Entities involved in the procedure

  • VO Manager: person who is responsible for initiating the registration process.
  • Resource Infrastructure Operations Manager: person who is responsible for approving the integration of a new Resource Centre into the respective Infrastructure.
  • Operations Centre: entity which is technically responsible for carrying out the Resource Centre certification part of the procedure, once the membership is approved.
  • Response Team: entity which is technically responsible for carrying out the security certification



Actions and responsibilities



VO registration

Requirements

  1. A Resource Centre MUST be part of a Resource Infrastructure and gets operational services offered by a Operations Centre. If a provider is not yet available for your country, then an alternative existing Operations Centre can be contacted. A procedure exists for this, and it is documented in the Operations Centre creation procedure.
  2. To satisfy Grid security requirements during the registration procedure the following information must be collected. The comprehensive list of required information is available (here).
    • The full name of the Resource Centre.
    • An abbreviated name for the Resource Centre, which must be unique within the Grid, and preferably globally unique.
    • The name, email address and telephone number of the Resource Centre Operations Manager and Resource Centre Security Contact in accordance with the requirements of the Resource Centre Operations Policy.
    • The email address of a managed list for contact with Resource Centre Administrators at the Resource Centre.
    • The email address of a managed list for contact with the Resource Centre security incident response team.

Steps

The following steps are only applicable if the Resource Centre is not already registered in GOCDB. They describe the steps for a Resource Centre Operations Manager that is requesting the respective Resource Centre to join the EGI infrastructure.

  • Actions tagged RC are the responsibility of the Resource Centre Operations Manager.
  • Actions tagged RP are the responsibility of the Resource Infrastructure Operations Manager.
  • Actions tagged OC are the responsibility of the Operations Centre
# Responsible Action
0 RC
  1. Contact your Resource Infrastructure Operations Manager (contact information is available at http://www.egi.eu/community/resource-providers/).
  2. Provide your Resource Infrastructure Operations Manager the required information according to the template available in the Required information page.
1 RP
  1. Parse the Resource Centre registration request, decide to accept or reject it, and communicate this result back to applicant.
  2. If the Resource Centre is accepted, notify the relevant Operations Centre, handle the Resource Centre information received, and put the Operations Centre in contact with the Resource Centre Operations Manager.
2 OC
  1. The following actions can be done in parallel:
    • Forward all necessary and required documentation to install and configure the Resource Centre services to the Resource Centre Operations Manager.
    • Communicate with the Operations Manager to clarify any doubts or questions. Include the Operations Centre ROD, CSIRT,  or help-desk teams in the step if necessary.
3 OC
  1. Add the Resource Centre to the GOCDB and flag it as "Candidate". Note that all users with a GOCDB role at regional level can add a Resource Centre in scope (this includes Operations Manager, deputy and regional staff). Currently, GOCDB applies the same permissions to all of the "regional level roles".
  2. Notify the Resource Centre Operations Manager that he/she should request for grid certificate, register in Dteam VO, register in the GOCDB and request the 

'Resource Centre Operations Manager' role. Approve it when done.

  1. Notify the Resource Centre Operations Manager that person responsible for security should request for grid certificate, register in Dteam VO, register in the GOCDB and request the 

'Resource Centre Security Officer' role. Approve it when done.

4 RC
  1. Complete any missing information for the Resource Centre's entry in the GOCDB, including services that are to be integrated into the infrastructure.
  2. Request in the GOCDB (or ask the relevant Resource Centre security staff to request) the mandatory Resource Centre Security Officer role. A security expert is the most appropriate actor for this role. See the GOCDB Input System User Documentation for more information on roles.
  3. Accept or deny all the requested roles under the Resource Centre scope. Note: If the Resource Centre Operations Manager can not approve roles, they should request the Operations Centre to do so. This is a current flaw in GOCDB.
  4. Notify the Operations Centre that the Resource Centre information update is concluded.
5 RC or OC
  1. Check whether the Resource Centre appears in the "Notified Site" field in https://ggus.eu/ws/ticket_search.php
  2. Note that this step should happen automatically when the Resource Centre is correctly entered into the GOCDB. If this is still not visible 2 days after the GOCDB entries have been created, the Operations Centre should be informed and should then contact GGUS administrators through GGUS.
  3. A new Resource Centre Administrator should register in GGUS (https://ggus.eu/admin/get_account.php?accounttype=support) but not specify any role, unless directed to by the Operations Centre.
6 OC
  1. Check that the Resource Centre's information is correct (Resource Centre (site) roles and any other additional information.)
  2. Check that contacts receive email (if they are mailing lists, check that outside EGI members are allowed to post there). Site administrator MUST reply to the test email.
  3. Check that the required services for a Resource Centre are properly registered. Note that for Resource Centre adopting APEL, by registering a new glite-APEL node in GOCDB as gLite-APEL service including the correct DN, the APEL broker Access Control List gets automatically updated and Resource Centres can start publishing usage records in about two hours (for more information see the gLite-APEL documentation).
  4. Check domain names and forward and reverse DNS.
7 OC
  1. Any other Operations Centre-specific requirements (e.g. join a certain VO and/or mailing list, etc.)
8 OC
  1. If all previous actions have been completed with success, notify the Resource Centre Operations Manager that the Registration is completed, and contact the Resource nfrastructure Operations Manager to notify that a new candidate Resource Centre exists and is ready to be certified.



Revision History

  • 25/09/2012: (editorial, M. Krakowian) CSIRT team added into the certyfication process (step 7), step 5 modified according to UNICORE request
  • 7/09/2012: (editorial, M. Krakowian) typos and adding links where necessary, Gridview link removed from #8 'Site Certification'
  • 25/10/2011: (editorial, T. Ferrari) Replacement of RIP with "RP" standing for Resource infrastructure Provider

Template:Creative commons

Retrieved from "https://wiki.egi.eu/w/index.php?title=PROC14_VO_Registration&oldid=40944"