Difference between revisions of "PROC16 Decommissioning of unsupported software"
Line 17: | Line 17: | ||
Unsupported software decommission procedure was created to define steps which have to be taken to remove unsupported software from the production infrastructure. | Unsupported software decommission procedure was created to define steps which have to be taken to remove unsupported software from the production infrastructure. | ||
<br> | |||
= Definitions = | = Definitions = | ||
Line 51: | Line 51: | ||
<br>Unsupported software '''MUST be retired no later than 1 month after its End of Security Updates and Support'''. After this date, if a critical vulnerability were to emerge in the software, EGI CSIRT can request the service to be turned off immediately | <br>Unsupported software '''MUST be retired no later than 1 month after its End of Security Updates and Support'''. After this date, if a critical vulnerability were to emerge in the software, EGI CSIRT can request the service to be turned off immediately | ||
== Preparation phase == | |||
{| class="wikitable" | {| class="wikitable" | ||
|- | |- | ||
! <br> | ! <br> | ||
! Responsible | ! Responsible | ||
! Action | ! Action | ||
|- valign="top" | |- valign="top" | ||
| 0 | | 0 | ||
| COO<br> | | COO<br> | ||
| During an OMB meeting the COO announces '''End of Security Updates and Support '''and '''Decommission deadline''' for service migration. | | During an OMB meeting the COO announces '''End of Security Updates and Support '''and '''Decommission deadline''' for service migration. | ||
|- valign="top" | |- valign="top" | ||
| 1<br> | | 1<br> | ||
| COO | | COO | ||
| The broadcast is send to NGI operations managers, Site administrators, CSIRT, ROD teams. | | The broadcast is send to NGI operations managers, Site administrators, CSIRT, ROD teams. | ||
|- valign="top" | |- valign="top" | ||
| 2 | | 2 | ||
| NGI managers<br> | | NGI managers<br> | ||
| Propagate the information about migration to their own sites. | | Propagate the information about migration to their own sites. | ||
|- valign="top" | |- valign="top" | ||
| 3 | | 3 | ||
| Nagios team<br> | | Nagios team<br> | ||
| A new probe is developed for the MW SAM for deployment. It extracts information about deployed software versions from Information discovery service (e.g. BDII).<br> | | A new probe is developed for the MW SAM for deployment. It extracts information about deployed software versions from Information discovery service (e.g. BDII).<br> | ||
|} | |||
<br> | |||
== Escalation phase == | |||
{| class="wikitable" | |||
|- | |||
! <br> | |||
! Timeline | |||
! Responsible | |||
! Action | |||
|- valign="top" | |- valign="top" | ||
| | | 1 | ||
| | | | ||
'''Decommissioning '''<br> | '''Decommissioning '''<br> | ||
Line 87: | Line 94: | ||
| Nagios team | | Nagios team | ||
| | | New probe is deployed into the MW SAM and starts returning WARNING. | ||
|- valign="top" | |||
| 2 | |||
| | |||
'''Decommissioning '''<br> | |||
'''start date + 1 month''' | |||
| Nagios team | |||
| The probe starts returning CRITICAL. | |||
|- valign="top" | |- valign="top" | ||
| | | 3 | ||
| (without delay) | | (without delay) | ||
| ROD<br> | | ROD<br> | ||
Line 103: | Line 119: | ||
|- valign="top" | |- valign="top" | ||
| | | | ||
4 | |||
| '''After''''''2 weeks''''''<br>''' | |||
| ROD | | ROD | ||
| Follow up the migration and if needed start putting the affected service end-points in downtime for sites which didn't provide information on migration plans and/or failed to put affected service end-points in downtime. | | Follow up the migration and if needed start putting the affected service end-points in downtime for sites which didn't provide information on migration plans and/or failed to put affected service end-points in downtime. | ||
|- valign="top" | |- valign="top" | ||
| | | 5 | ||
| After '''Decommissioning deadline''' | | After '''Decommissioning deadline''' | ||
| COD | | COD | ||
Line 119: | Line 131: | ||
|} | |} | ||
<br> | <br> | ||
= Revision history = | = Revision history = |
Revision as of 12:01, 4 December 2012
Main | EGI.eu operations services | Support | Documentation | Tools | Activities | Performance | Technology | Catch-all Services | Resource Allocation | Security |
Documentation menu: | Home • | Manuals • | Procedures • | Training • | Other • | Contact ► | For: | VO managers • | Administrators |
Title | Decommissioning of unsupported software |
Document link | https://wiki.egi.eu/wiki/PROC16 |
Last modified | v1.0 20.11.2012 |
Policy Group Acronym | OMB |
Policy Group Name | Operations Management Board |
Contact Group | operations at mailman.egi.eu |
Document Status | Approved |
Approved Date | 20.11.2012 |
Procedure Statement | A procedure for removal of unsupported software from production infrastructure. |
Owner | Owner of procedure |
Overview
Unsupported software decommission procedure was created to define steps which have to be taken to remove unsupported software from the production infrastructure.
Definitions
Please refer to the EGI Glossary for the definitions of the terms used in this procedure.
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", “MAY", and "OPTIONAL" in this document are to be interpreted as described in RFC 2119.
Steps
Unsupported software MUST be retired no later than 1 month after its End of Security Updates and Support. After this date, if a critical vulnerability were to emerge in the software, EGI CSIRT can request the service to be turned off immediately
Preparation phase
Responsible | Action | |
---|---|---|
0 | COO |
During an OMB meeting the COO announces End of Security Updates and Support and Decommission deadline for service migration. |
1 |
COO | The broadcast is send to NGI operations managers, Site administrators, CSIRT, ROD teams. |
2 | NGI managers |
Propagate the information about migration to their own sites. |
3 | Nagios team |
A new probe is developed for the MW SAM for deployment. It extracts information about deployed software versions from Information discovery service (e.g. BDII). |
Escalation phase
Timeline | Responsible | Action | |
---|---|---|---|
1 |
Decommissioning start date |
Nagios team | New probe is deployed into the MW SAM and starts returning WARNING. |
2 |
Decommissioning start date + 1 month |
Nagios team | The probe starts returning CRITICAL. |
3 | (without delay) | ROD |
Follow up the service migration by creating operations ticket through Operations Dashboard until the decommissioning deadline. Escalation steps for problems with unsupported MW at site must be applied. Site admins must provide migration or decommission plan within 2 weeks from Decomissioning start date. The plan must take into account Decommissioning deadline and site plans to migrate before this date. Resource centres who fail to provide information about migration plans are subject to suspension. |
4 |
After'2 weeks' |
ROD | Follow up the migration and if needed start putting the affected service end-points in downtime for sites which didn't provide information on migration plans and/or failed to put affected service end-points in downtime. |
5 | After Decommissioning deadline | COD | Follow up the migration and if needed suspend sites which didn't provide information on migration plans and/or failed to put affected service end-points in downtime. |
Revision history
Version | Authors | Date | Comments |
---|---|---|---|