EGI - tools and solutions for federated service management

Presenter: Diego Scardaci, EGI Foundation/INFN

EGI
The EGI Core platform is the layer of the EGI infrastructure that provides all the operational tools and processes in compliance with the FitSM service management standard such as the service catalogue, monitoring, accounting, information service, the helpdesk, operations support, security coordination, etc.
All these services and processes have reached a good level of maturity and are continuously evolved according to the latest enhancements of the technology and the requirements collected by resource providers and user communities. In the following, the EGI AAI CheckIn service, the service catalogue, the accounting system and the monitoring engine are detailed.

The EGI AAI CheckIn Service enables research communities to access the EGI services in a user-friendly way, while preserving security and user privacy. Researchers from home organizations that participate in one of the eduGAIN federations are able to access the EGI services using the same credentials they are using at their home organization. Furthermore, the EGI AAI CheckIn Service supports user authentication with social media identities, enabling even those users who do not have a federated account at a home organization (such as many users that belong to the “Long Tail of Science”), to be able to access the EGI services in a seamless way without compromising the security of the EGI platform. The EGI AAI CheckIn service can connect to existing community based AAIs and it can be offered as an “Identity Access Management as a Service” to those communities, which do not have or do not want to operate their own AAIs.

The service catalogue feature is offered by the GOCDB, a central registry to record information about the topology of an e-Infrastructure. It is currently used by EGI, WLCG, and EUDAT. Information includes entities such as Operations Centres, Resource Centres, service endpoints and their downtimes, contact information and roles of users responsible for operations at different levels. The service enforces a number of business rules and defines different grouping mechanisms and object-tagging for the purposes of fine-grained resource filtering. A role-based permissions model allows resource owners to manage their own resources user roles. Both a user facing web interface and a read programmatic interface are provided. A write programmatic interface is currently under development. The EGI instance of GOCDB can be found at https://goc.egi.eu/portal/, whilst the source code can be viewed on GitHub.

APEL is the EGI accounting tool that collects resource usage accounting data from sites participating in the EGI and WLCG infrastructures as well as from sites belonging to other organisations that collaborate with EGI, including OSG. Accounting information is gathered from different sensors into a central accounting repository where it is processed to generate statistical summaries that are available through the EGI Accounting Portal. Statistics are available for viewing at different levels of detail by Users, VO Managers, Site Administrators and anonymous users according to well-defined access rights. More information is available from the EGI wiki (https://wiki.egi.eu/wiki/Accounting_Repository) and the source code is available on GitHub (https://github.com/apel/apel).

The EGI Availability and Reliability Monitoring Service monitors and tracks Service Availability, Reliability and SLA metrics for all services on the EGI platform. It is implemented on top of the ARGO Framework, which comprises a Monitoring Engine, the Messaging Service, the Consumer Service, the Compute Engine, the Web API and the Visualisation Engine. Through the integration with the EGI GOCDB, the EGI Availability and Reliability Monitoring Service automatically tracks any service changes and is configured automatically for any new or updated services. The Messaging Service at the core of the ARGO framework is highly available, scalable and resilient and is used as the message transport layer by other EGI infrastructure services (e.g. accounting). Other notable features of the EGI Availability and Reliability Monitoring service are its support for custom monitoring and availability profiles, composite services, sites and services downtimes and custom weight factors when aggregating A/R results.