eduroam Managed IdP service should transition from its pilot under the JRA3, into the SA2 production operations. The exit pilot gate was approved by the PLM on 25th of June , officially marking the start of transition.
What is the relations to pilot - something to move or install from scratch
The transition generally consist of the following areas of work:
- Documentation preparation and signoff
- Test and Validation
- GDPR compliance checking
- IPR compliance checking
- Operational team establishment
- Operational team training
- Support team establishment
- Support team training
- Operational deployment
- Service promotion
Teams/people:
- Operations accountable: Marina Adomeit, Miroslav Milinović
- Development accountable: Ann Harding
- Development team: Stefan Winter, Justin Knight
- GEANT T&I operation support/Core team: Nicole Harris, Dick Visser
- PLM product manager
- Test team: Marcin Wolski
- Service manager (SM): Miroslav Milinović
- IPR accountable: Shaun Cairns
- GDPR accountable: Ana Alves
ON HOLD
IN PROGRESS
DONE
No | Work item | Responsible | Comment | Status | Start date | End date |
|---|---|---|---|---|---|---|
| 1 | Preparation of documentation - based on the SA2 Service Template | |||||
| Service Description | -Development team prepares -SM signs off | See section 1 of eduroam Managed IdP Service Description | IN PROGRESS (DEV TEAM DONE, awaiting sign-off) | |||
Service policy (Terms of use, SLA) | -Development team prepares -GEANT T&I operation support/Core team signs off | Separte policies for NROs, eduroam Managed IdP administrators and end users are described at eduroam Managed IdP Service Policy. GEANT should sign it off as a legal body that is responsible for the service. | IN PROGRESS (dev team done, awaiting sign-off) | |||
| Branding and Visibility | -Development team prepares -SM signs off | Web page text at https://www.eduroam.org/eduroam-managed-idp/ | IN PROGRESS (dev team done, awaiting sign-off) | |||
| Operational Requirements | -Development team prepares -SM and core team sign off | |||||
| OLA | -Development team prepares -SM and GEANT T&I operation support/Core team sign off | There is no OLA template at the moment, but potentially Nicole's core team can help out. | ||||
| Operational documentation | -Development team prepares -SM signs off, test team can validate | Dev team prepared this in the corresponding Wiki page | IN PROGRESS (dev team done, awaiting sign-off) | |||
| Operational processes | -Development team prepares -SM signs off, test team can validate | Need to define: service order (what happens from point of interest to service availability for a customer) and support process - Marina will send the questionnaire prepared by the Task 4 to Stefan to provide the info and Task 4 can draw the flow charts. | ||||
| User documentation | -Development team prepares -SM signs off, test team can validate | |||||
| User support | -Development team prepares -SM signs off, test team can validate | Prepare the FAQ for the first level support. Add them to the current FAQ that service desk uses + enable service desk to check by themselves if a user's IdP is managed eduroam IdP | ||||
| GDPR - data inventory, privacy notice, DPA | -Development team prepares -GDPR accountable and SM signs off | Data inventory prepared as part of the eduroam one | IN PROGRESS (dev team done, awaiting sign-off) | |||
| 2 | Test and validation | |||||
| Make a test plan | Development team and Test team prepares | Testing of the code was done Penetration testing on the production deployment before "cutting the ribbon" | ||||
| 3 | IPR compliance checking | |||||
| IPR compliance | IPR accountable Route the request through GEANT T&I operation support/Core team | Define with Stefan and Miro on what needs to go through the IPR check and send a request to Nicole to field through GEANT. Stefan Winter to prepare the IPR request (what are the software components, libraries, tools used) | should start ASAP! Most info exists from what Stefan already sent to Alan. | |||
| 4 | GDPR compliance checking | GDPR accountable | ||||
| Data inventory and mapping | Data inventory is already prepared; with Nicole and Ana to carry out assessment | DONE | ||||
| Update the privacy notice | Update the eduroam privacy notice to include the managed eduroam IdP as well. Publish once the production gate is passed. | |||||
| Prepare the data processing agreement | ||||||
| 5 | Operational team establishment | |||||
| Appoint service manager | Operations accountable | It comes under the eduroam service family and existing service manager. | DONE | |||
| Define roles, skills, manpower needed | Development team | |||||
Appoint operational team members | SM | It could be done by the Srce & Maja/Tomasz team - for GN4-2, for GN4-3 it should be defined and clarified. (Dubravko could be Radius, Dragan for the system upgrades). The development support will be needed by Stefan&Tomasz | IN PROGRESS | |||
| 6 | Operational team training | |||||
| Training the operational team | Development team prepares eduroam-OT is trained | TBD,over couple of VC should suffice | ||||
| 7 | Support team establishment | |||||
| Establish the support team | Level 1 will done by the SD, L2 will be over the eduroam-ot, L3 will be via the development team | DONE | ||||
| 8 | Support team training | |||||
| Training of the support team | Development team prepares eduroam-OT is trained | TBD,over couple of VC should suffice | ||||
| 9 | Deployment in production environment | |||||
| Central monitoring set up | GEANT T&I operation support/Core team | Plan A : monitoring core team Plan B can be covered by Miro - Nagios by Srce Specific monitoring need to be scribed by the development team | ON HOLD | |||
| Back up and restore | core team | ON HOLD | ||||
| Resource inventory configured | core team | ON HOLD | ||||
| VM provision | GEANT T&I operation support/Core team | Plan A: GEANT IT VMs (if in place till the end of July) Plan B: Cloud VMs (if in place till end of August) Plan C: SURFNet | ||||
| Installation of the components | ON HOLD | |||||
| Raspberry Pi for the root CA | Development team GEANT T&I operation support/Core team | Needs to be procured - Stefan will buy over Restena and claim over the project JRA3 / SA2 GEANT T&I operation support/Core team: can organise the root CA creation ceremony, and safe offline storing og the Raspberry PI (in a safe) | ||||
| stefan/miro needs to write up this in details ... | ||||||
| 10 | Service Promotion | |||||
| Web site update | PR team Development team to provide the text Marina can share a narrative template Justin to check with Karl what is prepared | Prepare all in the eduroam PR site, but publish when the production gate is passed. Web page draft at https://www.eduroam.org/eduroam-managed-idp/ A new page describing the service offering (similar to CAT). Link that new page from the NRO page and Institution page. | IN PROGRESS | |||
| Promotion of the service | Justin | Talk to Nathalie/Silvie Francisci silvie.Francisci@geant.org about the Partner Portal and getting the service in there. Promotion via the eduroam-SG, by the service manager | Emailed Nathalie 10.07.18 | |||