Networks ∙ Services ∙ People Ann Harding + Marina Adomeit GÉANT Symposium 2016 What’s changed, what stays the same? Project future - services dev & ops Vienna Activity leaders Trust and identity Development & Ops
Networks ∙ Services ∙ People GN4-2 April – The Ground Rules EC Rule 1 – Separate “User Driven Development” and “Platform Driven Development” in two projects User – AARC/AARC2Platform – GÉANT EC Rule 2 – GÉANT to develop within “Technology Readiness Levels” Framework Start TRL6 “technology demonstrated in relevant environment (industrially relevant environment in the case of key enabling technologies)” End TRL 8-9 within 3 years “system complete and qualified/actual system proven in operational environment” GÉANT Rule: Clear Handover from Development to Operations One JRA for T&I development One SA for T&I and Applications operations
Networks ∙ Services ∙ People GN4-2 Planning – The Story so Far June Workshop Task Leaders from all T&I areas July White Paper A GÉANT Project Planning Committee appointed Sept NRENs score topics in White Papers eduroam and eduGAIN topics scored highest in priorities Oct Draft Project Structure, Budgets and Task Structure created Nov Activity Leaders appointed, January Task Leaders appointed February Description of Work Finalised for Assembly Review
Networks ∙ Services ∙ People So, what does it look like? Inherits from current JRA3 and SA5 Bring from demonstration (TRL6) to System Complete (TRL7/8) JRA3: Trust and Identity development: Ann Harding, SWITCH Inherits from current SA5 and SA4 Prove readiness for service, operate and continuously improve SA2: T&I + Service Delivery Operations: Marina Vermezovic Adomeit, AMRES
Networks ∙ Services ∙ People Who’s who – JRA3 Trust and Identity Development Task 1: eduGAIN Development - Federation and Campus: Daniela Pöhn, LRZ/DFN Task 2: eduGAIN Development - e- Research and SPs: Lukas Hammerle, SWITCH Task 3: Trust & Identity technology development: Maarten Kremers, SURFnet Task 4: eduroam development: Stefan Winter, RESTENA Trust and Identity Business Development: Brook Schofield, GÉANT
Networks ∙ Services ∙ People What is what – JRA3 Trust and Identity Development Liason with NAs for Marketing and User Liason Liason with SA for Product Management aspects, esp eduGAIN Finding and bringing in new users for eduGAIN, eduroam, FaaS etc. Task 0: Business Development eduGAIN legal review, eduGAIN Metadata and Attribute Management, Development of Supporting Services for Campus Identity Providers, eduGAIN Incident Management development (handover of SIRTIFI) Task 1: eduGAIN Development - Federation and Campus: enhanced e-Science support team in eduGAIN, InAcademia, Service Provider simplified Registration to eduGAIN, (Identity) Assurance Service, Virtual Organisation Platform Service Development, liason with AARC/AARC2 Task 2: eduGAIN Development - e-Research and SPs: Federated Identity, the next generation, Two factor Authentication in eduGAIN, Services to support mobile federated identity, Cross-sector interoperability (eduGAIN) Task 3: Trust & Identity technology development: eduroam as a Service, improving delivery of eduroam to end users - enhancements to the supporting services tools to facilitate user self support, creation of new Configuration Assistant Tool profiles Task 4: eduroam development
Networks ∙ Services ∙ People Who’s who – SA2 Trust & Identity and Multi-domain services Task 1:Service Transition and Software Management Marcin Wolski, PSNC Task 2: Trust & Identity operations Alessandra Scicchitano, GEANT Association Task 3: Multi- domain services Ivana Golub, CARnet Task 4: Production Optimisation Branko Marović, UoB
Networks ∙ Services ∙ People What is what – SA2 Trust & Identity and Multi-domain services Service validation and testing when transitioning to production. Regular and on-demand software security and quality audits and penetration testing. Organise training for software developers - S4D, SCT Software management services for software development and release teams across GÉANT services. Task 1: Service Transition and Software Management Operations of T&I services. Beginning with eduroam, eduGAIN, FaaS, eduPKI. Taking in T&I services from JRA3: in perspective for SGA2 Moonshot, VOPaaS, inAcademia, eduroam as a service, DJNRO Task will ensure that all operations is performed with high quality, effectively and securely fulfilling operations baseline and requested availability. Task 2: Trust & Identity Operations: Operations of Multi-domain services. Beginning with Brokerage Cloud Catalogue, MDVPN supporting tools and perfSONAR. Taking in Multi-domain services from respective JRAs Task will ensure that all operations is performed with high quality, effectively and securely fulfilling operations baseline and requested availability. Task 3: Multi-domain services Analyse services in production and propose opportunities for service improvement that would result in optimised operations and increased efficiency and effectiveness. Supervise all services in production from the perspective of usage, users’ and support teams’ feedback, and the feeding of information into the respective JRAs and SAs. Task 4: Production Optimisation
Networks ∙ Services ∙ People How will we work together? Case Study 1: Introducing a brand new service JRA designs and develops service Include design for how the service should look in operations Provisional targets for availability/perform ance JRA provides service design documentation and all relevant product components to SA SA transitions services into operations, following Product Lifecycle Management (PLM) Process JRA still participates actively in handover e.g. delivering training Frequent, detailed communication needed Three way final agreement between JRA/SA/PLM SA provides DevOps teams and infrastructure Discussion point – also provide ops-like- environment for end stage pilots?
Networks ∙ Services ∙ People How will we work together? Case Study 2: Introducing an enhancement Make sure to involve ops teams in requirements gathering Include design for how the enhancement should be integrated operations Provisional targets for availability/performance JRA provides documentation and all relevant components to SA SA transitions services into operations, following PLM Process JRA still participates actively in handover e.g. delivering training Frequent, detailed communication needed Three way final agreement between JRA/SA/PLM for large enhancements, JRA/SA only for smaller ones (TBD ) SA provides DevOps teams and necessary infrastructure Ops say on integration method will get highest weight (TBD) JRA designs and develops enhancements to existing services
Networks ∙ Services ∙ People How will we work together? Case study 3: Daily business JRA to provide 3 rd level escalation for services May provide 2 nd level in some edge cases until SA builds up experience SA will carry out routine maintenances/patches of underlying systems Schedule, notify, carry out JRA may need to be on standby for some edge cases until SA builds up experience SA may carry out minor operational enhancements to applications without JRA needing to do development Both teams will have to be notified to sync on the known good production standard Significant operational enhancements required by SA will be passed to JRA as new feature requests.
Networks ∙ Services ∙ People In summary It is getting harder and harder to fill existing projects with experienced, qualified people Spread knowledge of operating T&I services more widely development user engagement operations Enabling people to be a little more specialist Work flexibly together Speak together lots, and often, even if not actively handing something over Keep the advantages of unified teams as much as possible A bigger team, not more silos
Networks ∙ Services ∙ People Thank you Networks ∙ Services ∙ People This work is part of a project that has received funding from the European Union’s Horizon 2020 research and innovation programme under Grant Agreement No (GN4-1). 13