On Monitoring Diagnostics and Measurement in edu GAIN

On Monitoring, Diagnostics and Measurement in edu. GAIN and Beyond Miroslav Milinović University Computing Centre, University of Zagreb, Croatia <miro@srce. hr> Zurich, Switzerland, July 12, 2016

The problem space. . . v monitoring continuous, automated testing w to check the health of the service (or a component or a feature) w simple vs. functional w v testing on demand w to verify compliance to a standard / specification w to check the functionality w v diagnostics to resolve incidents w to enhance user experience w v measurement (statistics) facilitate maintenance / management w compute service performance indicators w

An inventory … v Wiki pages listing tools: https: //wiki. refeds. org/display/MON/Monitoring+Home w https: //wiki. geant. org/display/gn 41 sa 5/SAML+Testing+Tool+Comparison w … w v Web pages with tools collections: http: //fed-lab. org/ w www. edugain. org/technical w … w v The tools we know about: w w w w w edu. GAIN Access Check Service (EACS) https: //access-check. edugain. org/ edu. GAIN Connectvity Check Service (ECCS) https: //technical. edugain. org/eccs/ edu. GAIN is. Federated Check Service (IFCS) https: //wiki. edugain. org/is. Federated. Check/ edu. GAIN Attribute Release Check Service (EARCS) http: //earc. eduid. hu/ Co. Co monitor (+on demand check) https: //monitor. edugain. org/coco SAML and OIDC testing tools (Roland Hedberg / fed-lab) MET ? F-Ticks (eduroam, SWAMID, AAI@Edu. Hr) …

Proposal for monitoring and testing v Build a web page (portal/catalogue) w list all recognized tools • • w grouped according to the purpose and scope basic info/description Link to appropriate tool page/service (if in place) link to SW repository (if available) use fed-lab. org or edugain. org or refeds. org ? • currently we have too many pages that list tools v Identify the missing tools and build them

Measurement and statistics v Some work has been done: w http: //www. geant. org/Resources/Documents/Issues%20 and%20 Solutions%20 for %20 SAML%20 Identity%20 Federation%20 Statistics. pdf w F-ticks based tools • https: //tools. ietf. org/html/draft-johansson-fticks-00 • https: //portal. nordu. net/display/SWAMID/SAML+f-ticks+for+Shibboleth • SSP tool internally used by AAI@Edu. Hr may be used … w Other tools • RAPTOR • AMAAIS • …

Proposal for measurement and statistics v v Step 1: w Standardise the F-ticks (aka log entry) format w Finish the work on f-ticks RFC Step 2: w Build the edu. GAIN F-ticks service (based on positive experience and tools of eduroam, AAI@Edu. Hr, SWAMID, …) • Ticks – will be sent by the Id. Ps (even one per federation can sufice in pilot phase? ) – can be collected by more than one aggregator • Aggregator – Will provide public stats (popular SPs per Id. P, popular Id. Ps per SP, …) – Will provide additional stats for Id. P/SP » Stats of failed AA might be used for diagnostics • Value for actors (Id. Ps in particular) – ready to consume measurement dana – Logs in f-ticks format might be processed with other (common) tools