EUDAT - tools and solutions for federated service management
Wednesday, September 28, 2016 - 14:00
Presenter: Johannes Reetz, EUDAT
The EUDAT Collaborative Data Infrastructure (CDI) is a network of collaborating, cooperating centres, combining the richness of numerous data repositories that hold data specific to particular research disciplines with the permanence of some of Europe’s largest data and computing centres for research. Since 2011 EUDAT has operated the CDI as a federation of thematic and generic service providers and implemented a service management framework covering most of the 14 structured FitSM service management processes. In this context central services and operational tools are employed that have been either developed or which are adaptations of existing solutions used and developed by other infrastructures. Beside of the federated Identity and Access Management solution (B2ACCESS) these service management tools comprise, among others, the Data Project and CDI Configuration Management Tool DPMT (based on PLONE), the Service Portfolio and SLA management tool SPMT, the CDI Configuration Information Service (currently based on the GOCDB), the A&R Monitoring system based on ARGO, a Storage Usage Accounting system, a Helpdesk service that uses a Trouble Ticketing System and a Data Project Consultancy Service that uses the DPMT. In our contribution to the session we will highlight a few of these tools which may be of particular interest.
DPMT. The Data Project Management Tool (DPMT) registers Service Providers and their Service Component and Resources offers as well as the Customers and Data Project Requests. The Service Catalogue (via an interface to the SPMT, see below) is used by the Service Providers to choose those services and service components which they can offer or which have to be installed in the course of the implementation of a Data Project; and Customers, supported by CDI consultants, can select the services from the catalogue which are useful for implementing their Data Project. A Data Project can be viewed as a particular service instance as deployed and tailored for a particular user community.
The Data Project Management Tool is a “drop-in” replacement for the GOCDB. It captures details of all resources, service endpoints and particular configurations deployed in support of individual communities’ data management requirements.
SPMT. EUDAT has defined a Service Portfolio Management process (SPM) which formalizes the management of its various IT services, along with their performance and support features reflected in SLAs. EUDAT uses a new developed Service Portfolio/Catalogue Management tool (SPMT) that provides interfaces (API and a GUI) to the database that stores the service portfolio information and makes it available for other management tools, particularly the DPMT. The SPMT stores service descriptions in some detail, including relevant implementation and configuration details about service components. In this way the SPMT informs other interested systems within the infrastructure about actual supported software versions and the service component configuration parameters as defined by the service developers. We will briefly discuss the functionality of the SPMT in the context of federated service management and describe the workflow in combination with the DPMT.
Availability and Reliability Monitoring. The EUDAT Monitoring Service monitors the status, availability and reliability of the distributed customer-facing “B2”-Service instances which are configured per community Data Project. In the session, we briefly present how EUDAT has implemented its monitoring service using the ARGO monitoring framework in connection with service configuration information from the DPMT which provides the GOCDB-compatible RESTful API that ARGO needs. We will outline the challenges and will make suggestions for a cross-e-Infrastructure service availability monitoring.
B2ACCESS. EUDAT’s common central authentication and authorisation service developed by EUDAT on top of the Unity Identity Management framework. B2ACCESS simplifies both service management and user interaction with EUDAT services by offering multiple-credential single sign-on which can be integrated straightforwardly with any service. B2ACCESS supports multiple technologies to integrate external IdPs: (1) SAML, (2) OAuth2 and OpenID Connect, (3) X.509 certificate, (4) ldap, and (5) username/password. From the service provider perspective B2ACCESS supports multiple technologies to integrate backend services: (1) SAML, (2) OAuth2 and (3) X.509. Users have the freedom to sign in with institutional, social or individual credentials; service managers can connect their services into B2ACCESS using authentication mechanisms supported naturally by the service software components.