Versions Compared

Old Version 26

changes.mady.by.user Paul McCullough

Saved on

compared with

New Version 27

changes.mady.by.user Paul McCullough

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Until we are better staffed to administer a public facing site, we shall allow only traffic from the city and county to access the site and web services.
TODO - Will, can I ask you to do this work?

...

Hardware failures are handled by applogic. As long as we do not use too many resources on a given grid, the hardware failover is automatic.
TODO - Will, is there a way we can be notified when there is a hardware failure?

...

We will not be taking any meaures measures to detect or to mitigate a DOS attack.

...

Should we/can we enforce strong passwords?
TODO - Paul, check and see if we can do this.
Should we/can we force password changes?
TODO - Paul, check and see if we can do this.
Each year we will conduct a user account audit and disable or remove all accounts that are not in use.
DEFER

System Administration Credential Security

...

  • insure that default passwords are not used
  • insure that passwords are strong
    TODO - Paul
Viruses

We will not be scanning for viruses.

...

With each version release we will back up the entire application to a secondary data center. We will make database backups every 24 hours day and copy them to the secondary data center. Should we loose the primary data center, we will bring up the application using the most recent database backup. Performance of the application for the first day will be sluggish because the map cache will be empty/out of date. It will take overnight to reseed the map cache.

TODO - add job to completely reseed the map cache (Paul)

Database Integrity

We are using the Postgres database which is know for stability and robustness.
In any event, every 24 hours we

  • run consistency checks to insure integrity
  • run a full vacuum/analyze to guarantee good performance
  • backup the database
  • copy the backup to offsite grid
  • report any issues to application support

TODO - Paul with help from DBA and Will

Deployment practices

The MAD application includes a data server, a map server and a web server. The application deployment are managed using standard practices with 3 separate environments (DEV, QA, PROD). Changes of any sort are first tested in the DEV environment. If the tests pass, we apply the changes to QA where business users conduct testing. Only after the business users approve the changes do we release any changes to PROD. This includes everything from OS upgrades through to our own application code, minor and major.

For various legacy oriented reasons, we were unable to employ standard practices for the extract, transform, and load (ETL) processes. While this process has been coded to support DEV, QA, and PROD environments, none of the participating systems have more than a single environment. (Is this correct?) This includes each of the data servers (SFGIS, DPW, ASR). The workstation that execute the ETL is virtualized but is not backed up and has no failover plan in place. (Is this correct?)
TODO - Jeff, please do what you can to bolt this down. Add details here.

Development Practices

The software development team uses version control (Subversion), bug tracking (Jira), wiki collaboration (Confluence), all of which is hosted by Atlassian. All source code, ddl, dml, design documents, etc are stored on Atlasian. When a version is released, the repository is tagged. When bug fixes are made to production, a branch is create in the repository.

...

  • check that there are no disk space issues
  • notify application support if there are any issues
    TODO - Will, can I ask you to look at this? Paul can help.

...

Failover

...

Before we go into production and once every year, we will conduct a failover exercise to ensure that we are able to provide business continuity.
TODO - Paul

Recovery Time Objective

Without MAD, DBI will not be able to issue permits. (Is this correct?) The recovery time objective for the application is 2 hours. Hema, is this acceptable?

...

We need some wiki pages and some bodies - detailed below

user administration

TODO - Hema, can DBI help with this?

linux system admin

sfgis will do this
todo - Paul - wiki pages

postgres db admin

sfgis will do this
We should have a real DBA sign on.
todo - Paul - wiki pages

production support

sfgis will do this
todo - Paul - wiki pages