Security and Maintenance Planning and Procedures - Githubissues

lsst-uk / somerville-operations

User issue reporting and tracking for the Somerville Cloud

0 stars 0 forks source link

Security and Maintenance Planning and Procedures #12

Open astrodb opened 2 years ago

astrodb commented 2 years ago

Plan and document the maintenance schedule (issues for tracking, docs on Somerville wiki)

Rolling OS updates
Instance vulnerability scans
OpenStack service upgrades
Ceph service upgrades

astrodb commented 2 years ago

Rolling OS updates will be done once a month as soon as we have sufficient capacity for migrating instances
Chatting to RAL about what they use, waiting to hear back
Upgrade in November?
Ceph will be updated in 18 months, jumping up 2 versions.

astrodb commented 2 years ago

Scheduled at-risk period will be last Wednesday of each month.

Need to update user wiki docs.

astrodb commented 1 year ago

Meeting with David Crooks last week of March to discuss policies and procedures.

astrodb commented 1 year ago

Find security tool from RAL for scanning OS images on upload.

astrodb commented 1 year ago

Trivy - scan images

astrodb commented 1 year ago

Ask specific questions to Donald Scobbie EIDF

astrodb commented 1 year ago

Started a basic explanation of Somerville security here: https://lsst-uk.atlassian.net/wiki/spaces/LUSC/pages/3225944065/Somerville+Security

astrodb commented 1 year ago

Awaiting word from StackHPC on updated deployment of intrustion detection and service monitoring

astrodb commented 10 months ago

Met with David Crooks, and sounds like we are following IRIS guidelines. Plans for a meeting of cloud providers to discuss site practices is in the works for Q2-3 next year.

Waiting on discussion with StackHPC about intrusion detecting and service monitoring once we're on Antelope.