| Action | Description | Status | Due Date | Assigned to |
|---|---|---|---|---|
Service Architecture Documented | Make a reference drawing of service architecture | DONE | Marina, consult with Leif | |
| Update the requirements for service operations | To reflect the service architecture that was documented | DONE | Marina, consult with Leif | |
| Deploy beta service | First node deployed by end of November. Docker environment was prepared and remaining nodes deployment should be an easy exercise. Two production nodes in SUNET network are created. Maria to check with Leif on creating the AWS machines. | IN PROGRESS Two production nodes are done | Maria, Leif | |
| Definition for the hosting environment firewall capabilities | That will be implemented in all different environment. This becomes part of the service definition for baseline operations. | DONE | Leif | |
| Prepare the OLA | Marina received the GEANT template OLA https://docs.google.com/document/d/1vw-V9VsdRmiGa4lAI-wZlaHzHwSZ9GSMXcXRcg1JfA4/edit Draft OLA prepared: https://wiki.geant.org/pages/resumedraft.action?draftId=114921107&draftShareId=f423f5ac-a6c2-40a8-8e97-7220fbf6ccb7& Marina created draft, was checked with GEANT ops team. It was shared on 26th Nov with Jonny from sunet noc. | IN PROGRESS | First draft till 10th October | Marina (consult with Jonny) |
| Pen testing of the beta service | Agreed with DFN cert that the pen testing will be 3rd week of November. We should let them know about our readiness on first week of November. 2 types of pen testing will be done: no info then full info. First just give the domain. End then we give them the zone file. Talk to heather - report of the audit that was alreday done for the privacy audit. WAYF Cloud and P3W Security & Privacy Recommendations First round done in 28th Nov. Marina Adomeit to arrange with Klaus/dfn cert for the next pen testing round. | IN PROGRESS | Dependent on deploying beta service | Marina via DFN cert (consult Leif, inform Jonny of results) |
| Code testing of code that is running as web app | Audit for modern Java Script. Marina is checking with Marcin. There seams to be capability for Java Script testing. Waiting to get info from Leif. Marina Adomeit to check again! | DONE IPR testing and security testing done by white source tool | Marina via Marcin (consult Leif, inform Jonny of results) | |
| Get budget for the monitoring, and clean up the ops budget | status.io, pingdom.com Marina will prepare the CR from Elena ... use 20 k and move to monitoring and VMs Marina Adomeit to do the budget assignment Marina Adomeit remind Leif to agree which kind of licence we need for those | WP5 leaders approved the 10k budget, need to make the CR | First week October | Marina |
| Configure internal monitoring | Setup an idenpendent Nagios instance in SUNET. Maria did the most of the work. Some minor things and integration with Slack is left over. | DONE | Maria | |
| Organise purchase of supporting services | DONE for status.io and pingdom.con NOT STARTED for CDN | End November.... | Marina to initiate via Task 3 | |
| Configure external monitoring | Nagios - done!!!, integration in slack in progress status.io - Pingdom - Once licence is available move to the licensed instance | DONE | End October (with deployment of beta service) | Maria |
| Prepare the financial consumption reporting | when all supporting services are purchased | Marina | ||
| Prepare the ops reporting | Marina regular checks with Maria, every Friday 12:00 | DONE | Marina | |
| Check the GDPR | User never touches any of the nodes that are maintained by seamless access.org. The only interaction point is the CDN. Their privacy policy and DPA should be checked!!! Document the data flow for Seamless Access https://docs.google.com/presentation/d/1emWsyTn6trMRCCNbTHrGHYHrajtHfOZl0--T70BFe_o/edit?usp=sharing Based on the data flow, Magdalena can review the GDPR external audit on privacy statements - in 2020 as service proves viable | DONE | Marina via GEANT project GDPR | |
| Check the IPR | Leif needs to put the SUNET licence and check the the libraries Magdalena organised code scanning for the libraries used and on 06.12.2019 confirmed all is in order:
| DONE | Leif, Marina to connect Leif to Magdalena | |
| Configuration change, Release management, Regular updates process | Define the configuration change process. Should be reflected in the OLA. Have in mind other ops regions Marina Adomeit to start writing this! | DONE | Marina (consult with Jonny) | |
| Support process | Define who the support process flow, the actors etc. Should be reflected in the OLA. Have in mind other ops regions. | IN PROGRESS | Marina (consult with Jonny) and take up with Heather | |
| Service on boarding process | IN PROGRESS | |||
| Formulate the L3 support | Leif + certain members from the Technical Sterring group | IN PROGRESS | Marina to take up with Heather | |
| Service operations definition | Prepare a definition of the service ops baseline for additional operators of the service. Security groups and firewall | NOT STARTED | Marina and Maria, consult with Leif, Tech Steerting group for approval. | |
| For service production move all service components to stabile environment |
| IN PROGRESS | ||
| Handover to Noc | OLA review - in progress Change management - in process Monitoring:
Finalize move of the DNS Define test procedure for the Change management process Add the escalation paths for the TTP Limit access to geant wiki... Add references in sunet ops wiki to geant wiki Other documentation missing:
| |||
Marina Adomeit to enable that Heather can cover when on vacation for deployment - enable heather to publish the maintenance ... Marina Adomeit registration process - look at the airtable and registration form
|
Other ideas: talk to leif about moving away trom ssl/tls certificates provided by fastly to our own?