stoney maintenance: OpenLDAP directory data organisation

From stoney cloud
Revision as of 12:21, 11 April 2021 by Michael (Talk | contribs)


Jump to: navigation, search

Abstract

This document describes the OpenLDAP directory data organisation for the stoney maintenance service.

Data Organisation

The following chapters explain the data organisation of the stoney cloud OpenLDAP directory, in this case we looking at the stoney maintenance service.

Maintenance

The following LDIF shows the maintenance entry of the whole OpenLDAP directory tree for the stoney cloud:

dn: ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: maintenance
description: The sub tree for the maintenance (configuration management) service.

Maintenance - Configuration

The sub tree for the configuration of the maintenance service:

dn: ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: configuration
description: The sub tree for the configuration of the maintenance service.

Maintenance - Configuration - Reseller

The sub tree for the reseller specific maintenance service settings:

dn: ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: reseller
description: The sub tree for the reseller specific maintenance service settings.

The sub tree for the specific maintenance service settings for the reseller Reseller Ltd. with the uid 4000000.

dn: uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstReseller
objectclass: sstServiceConfigurationObjectClass
uid: 4000000
o: Reseller Ltd.
description: The sub tree for the specific maintenance service settings for the reseller Reseller Ltd. with the uid 4000000.
sstIsCompany: TRUE
sstIsActive: TRUE
sstIsDefault: TRUE
sstBelongsToResellerUID: 4000000

The following table describes the different attributes:

Attribute
Existence
Mandatory
Self-Service
Changeable
Description
uid
MUST
x
A unique integer value with 7 digits or more. For example: 4000000.
o
MUST
x
The company name, for example: Reseller Ltd..
description
MAY
x
The description of the leaf.
sstIsCompany
MUST
x
Is the entry a company? Either true (yes) or false (no).
sstIsActive
MUST
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstIsDefault
MAY
Contains the leaf a default entry? Either TRUE (yes) or FALSE (no). If sstIsDefault is set to TRUE, this entry acts as a fall back configuration. In other words: If a reseller doesn't have his own maintenance service configuration, then this on will be used.
sstBelongsToResellerUID
MUST
x
Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Reseller - Defaults

This sub tree stores the default settings for the stoney maintenance service for the reseller Reseller Ltd. with the uid 4000000.

The configuration below tells us the following:

  • We have a maintenance window range (as sstCronMinuteEnd and sstCronHourEnd are set).
  • The maintenance window is executed every 2nd Tuesday of every month.
  • The maintenance windows can start a 09:30 and must end at 13:45 and takes 1 hour (60 minutes).
  • A reminder will be sent to 'Support stepping stone AG <support@stepping-stone.ch>'.

The lookup of the default settings for the stoney maintenance service is as follows:

  1. Service roles: ou=defaults,ou=stoney_office,ou=roles,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  2. OpenStack project: ou=defaults,uid=4100000,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  3. Customer: ou=defaults,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  4. Reseller: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

For example: If no maintenance values or only a subset of maintenance values are set by the provisioning api (or provisioning script), an missing values are first looked up in the service roles sub tree. If there are still missing values, the next lookup occurs in the OpenStack project subtree. Once again, if there are still missing values, the next lookup occurs in the customer sub tree. If there are still missing values, the final lookup occurs in the reseller sub tree. If there are still missing values, the provisioning api (or provisioning script) must inform the calling instance (this would normally be a human).

dn: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstMaintenanceDefaultsObjectClass
objectclass: sstNotificationObjectClass
objectclass: sstRelationship
ou: defaults
description: This sub tree stores the default settings for the stoney maintenance service for the reseller Reseller Ltd. with the uid 4000000.
sstIsActive: TRUE                       # MUST: The default is always TRUE, otherwise why bother? 
sstServicePriority: 3                   # MAY: We always set this, in case sstServiceAutomated is set to FALSE (as a fall-back position)
sstServiceAutomated: TRUE               # MAY: Depending on the reseller, we either have TRUE or FALSE. If sstServiceAutomated is not set, we presume FALSE
sstCronRepeatType: monthly              # MAY: repeat type is monthly
sstCronInterval: 1                      # MAY: repeat every month
sstCronOccurrenceInMonth: 2             # MAY: second occurence
sstCronDayOfWeek: 2                     # MAY: Tuesday
sstCronMinute: 30                       # MAY: 30 Minutes past the hour
sstCronMinuteEnd: 45                    # MAY: 45 Minutes past the hour (new attribute, for if we have a range: 09:30 - 13:45)
sstCronHour: 9                          # MAY: 9 am
sstCronHourEnd: 13                      # MAY: 1 pm (new attribute, for if we have a range: 09:30 - 13:45)  
sstCronDuration: 60                     # MAY: 60 minutes (one hour)
sstNotificationWarning: reminder        # MAY: We alway set this (Multi-valued attribute).
sstInformPersonUID: 1000482             # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsiblePersonUID: 1000482        # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsibleDeputyPersonUID: 1000482  # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
description sstMaintenanceDefaultsObjectClass
MAY
x
The description of the leaf.
sstIsActive sstMaintenanceDefaultsObjectClass
MAY
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstServicePriority sstMaintenanceDefaultsObjectClass
MAY
x
The maintenance service level. The possible maintenance service levels (1, 2 or 3):
  • 3: Maintenance P3 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the working hours (Monday to Friday from 09:00 - 12:00 and 13:00 - 17:00).
  • 2: Maintenance P2 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the extended working hours (Monday to Friday from 07:00 - 12:00 and 13:00 - 19:00).
  • 1: Maintenance P1 [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).

For more information on these maintenance service levels, visit stepping stone GmbH web page.

If the attribute sstServiceAutomated is set to TRUE, the sstServicePriority will be ignored. And we will have automated maintenance windows in the form of:

  • Maintenance Automated (vcs_gitlab) [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).
sstServiceAutomated sstMaintenanceDefaultsObjectClass
MAY
A maintenance window is either executed automatically:
  • sstServiceAutomated: TRUE

or manually:

  • sstServiceAutomated: FALSE

If the attribute sstServiceAutomated does not exist, presume FALSE.

sstCronRepeatType sstMaintenanceDefaultsObjectClass
MAY
How often is a cron job to be repeated. Valid values are: daily, weekly, monthly, yearly.
sstCronInterval sstMaintenanceDefaultsObjectClass
MAY
The interval of a cron job. This attribute is dependant on the attribute sstCronRepeatType. Valid values are: 1 - 12. For example: 2 could be every two days, weeks, months or years (depending on the value of the attribute sstCronRepeatType.
sstCronOccurrenceInMonth sstMaintenanceDefaultsObjectClass
MAY
The occurence of the day in a month a cron job is to be executed. Valid values are: 1 - 4. For example: 3 would be the third occurence. If you use a value higher than 4, the calculation will fail in months, which only have 4 same days (for example February will never have 5 Mondays ...).
sstCronDayOfWeek sstMaintenanceDefaultsObjectClass
MAY
Day of week (0 - 6), where Sunday is 0. For example: 1, which means Monday.
sstCronMinute sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must start.

Valid values are: 0 - 59. For example: 30, which means 30 minutes past the hour.

If the attribute sstCronMinuteEnd is set, then sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronMinuteEnd sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>). Valid values are: <code>0 - 59.

For example: 45, which means 45 minutes past the hour.

If this attribute is set, it is interpreted as the end of a maintenance window minute range, while sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronHour sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must start.

Valid values are: 0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If the attribute sstCronHourEnd is set, then sstCronMinute is interpreted as the start of a maintenance window hour range.

sstCronHourEnd sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>).

Valid values are: <code>0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If this attribute is set, it is interpreted as the end of a maintenance window hour range, while sstCronHour is interpreted as the start of a maintenance window hour range.

sstCronDuration sstMaintenanceDefaultsObjectClass
MAY
The duration of the maintenance window in minutes. Valid values are: 15 - 1440 (15 minutes to 24 hours). For example: 60, which means 60 minutes (one hour).
sstNotificationWarning sstNotificationObjectClass
MAY
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn.
sstInformPersonUID sstRelationship
MAY
Stores the UID of the person to be informed if necessary. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsiblePersonUID sstRelationship
MAY
Stores the UID of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsibleDeputyPersonUID sstRelationship
MAY
Stores the UID of the deputy of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstBelongsToResellerUID sstRelationship
MAY
x
Stores the reseller UID the leaf belongs to. A unique integer value with 7 digits or more. In the case of OpenStack Domains (resellers), the value of sstBelongsToResellerUID corresponds with the value of uid.

For example: sstBelongsToResellerUID: 4000000 corresponds with uid: 4000000.

sstBelongsToCustomerUID sstRelationship
MAY
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. Each reseller is also a customer in the LDAP directory. Therefore, the value of the attribute sstBelongsToCustomerUID should always be set to the customer UID, that reflects the reseller for the OpenStack Domains.

For example: sstBelongsToCustomerUID: 4000001.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Reseller - Notification settings

The sub tree stores the notification information for the maintenance service for the reseller Reseller Ltd. with the uid 4000000. This information is used as a fallback. The lookup is as follows:

  1. Unit: uid=4000003,ou=units,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  2. Customer: ou=notifications,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  3. Reseller: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  4. Default Reseller: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

The idea is, that even if somebody forgot to define something, no maintenance window will be lost or forgotten.

dn: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstNotificationObjectClass
ou: notifications
description: The sub tree stores the notification information for the maintenance service for the reseller Reseller Ltd. with the uid 4000000.
sstInformPersonUID: 4000002
sstResponsiblePersonUID: 4000002
sstResponsibleDeputyPersonUID: 4000002
sstNotificationWarning: reminder

The following table describes the different attributes:

Attribute
Existence
Mandatory
Self-Service
Changeable
Description
ou
MUST
x
The name of this leaf.
description
MAY
x
The description of the leaf.
sstInformPersonUID
MAY
x
Stores the persons UID the notification will be sent to. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstResponsiblePersonUID
MAY
x
Stores the persons UID, who is responsible for the maintenance. The notification will be sent to this person. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstResponsibleDeputyPersonUID
MAY
x
Stores the UID of the deputy of the person who is responsible for the maintenance. The notification will be sent to this person. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstNotificationWarning
MAY
x
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn. For example: ou=reminder,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Reseller - Templates

This sub tree contains the notification templates for the maintenance service for the reseller Reseller Ltd. with the uid 4000000:

dn: ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: templates
description: This sub tree contains the templates for the maintenance service for the reseller Reseller Ltd. with the uid 4000000.
Maintenance - Configuration - Reseller - Reminder mail templates

This sub tree contains the reminder templates for the stoney maintenance service for the reseller Reseller Ltd. with the uid 4000000:

dn: ou=reminder,ou=templates,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstTemplateSetup
ou: reminder
description: This sub tree contains the reminder templates for the stoney maintenance service for the reseller Reseller Ltd. with the uid 4000000.
sstMailFrom: Support stepping stone GmbH <support@stoney-cloud.org>
sstMailTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail
sstMailTemplateFormatSource: txt
sstMailTemplateFormatTarget: txt
sstMailTemplateReseller: file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail_reseller
sstMailTemplateResellerFormatSource: txt
sstMailTemplateResellerFormatTarget: txt

The following table describes the different attributes:

Attribute
Existence
Mandatory
Self-Service
Changeable
Description
ou
MUST
x
description
MUST
x
sstMailFrom
MAY
x
The mail address, from which the maintenance reminder mails are sent from. For example:
  • Support stepping stone GmbH <support@stoney-cloud.org>.
sstMailTo
MAY
If this multi-valued attribute is set with one or mail address(es), then these recipients will receive the same information as the owner. Normally, this attribute is not set.
sstMailTemplate
MAY
x
The template, that is used to create the mail that is sent to the owner of the service if sstBackupWarningOn: TRUE and sstNotificationWarningMedium: mail. If the mail is not set, you must look for the mail in the owners person entry under uid=<UID>,ou=people,dc=stoney-cloud,dc=org.

For example:

  • sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail.
sstMailTemplateFormatSource
MAY
x
The format of the source template. Supported values:
  • txt
  • html

Place holder:

  • For both txt or html as a source and txt or html, the place holders have the form of {$placeholder}.

Default would normally be txt.

sstMailTemplateFormatTarget
MAY
x
The format of the target. Supported values:
  • txt
  • html
sstMailTemplateReseller
MAY
x1
The path and name to a template file, that is used to inform one or more people if the multi-valued attribute sstMailTo is set in the notifications sub tree of the reseller
  • ou=notifications,uid=<UID>,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=foss-cloud,dc=org

and if <code>sstNotificationWarning is set to maintenance. In most cased, the attribute sstMailTo is set to the support organisation's mail address. For example:

  • sstMailTo: Support stepping stone GmbH <support@stepping-stone.ch>

This way, the support organisation will be pre-informed for when the customer should call or write.

The information the recipients will receive, is the same as the owner, but will formatted according to:

  • sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail
  • sstMailTemplateResellerFormatSource: txt
  • sstMailTemplateResellerFormatTarget: txt
sstMailTemplateResellerFormatSource
MAY
x1
The format of the source template. Supported values:
  • txt
  • html

Place holder:

  • For both txt or html as a source and txt or html, the place holders have the form of {$placeholder}.

The complete path and file name is a string concatenation of the values of the attributes sstTemplate, preferredLanguage and sstTemplateFormatSource (with a dot in between the values). For example:

  • sstTemplate: file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail_reseller
  • preferredLanguage: en-GB
  • sstTemplateFormatSource: txt

This gives us:

  • file:///var/www/selfcare/htdocs/themes/selfcare.stoney-cloud.org/templates/services/maintenance/reminder/reminder_mail_reseller.en-GB.txt

Default would normally be txt.

sstMailTemplateResellerFormatTarget
MAY
x1
The format of the target. Supported values:
  • txt
  • html

Default would normallb be txt.

Legend:

  • x: Mandatory in all cases.
  • x1: Must exist, if sstMailTo is set.

TODO: this is a copy and still needs checking / customizing.

Maintenance - Configuration - Reseller - Reminder mail templates: placeholders (txt/html)

An example:

{$system}            kvm-0003: stepping stone GmbH: Gentoo (stoney backup Server)
{$salutation}        Dear Mr.
{$surname}           Eichenberger
{$inform}            - Michael Eichenberger <michael.eichenberger@stepping-stone.ch>
{$responsible}       - Niklaus Hofer <niklaus.hofer@stepping-stone.ch>
{$deputy}            - Yannick Denzer <yannick.denzer@stepping-stone.ch>
{$maintenance_date}  2016-08-17
{$maintenance_start} 16:00
{$maintenance_end}   17:00

Optional Values:

none
Maintenance - Configuration - Reseller - Reminder mail templates: reminder_mail.de-CH.txt
Subject: Wartungsarbeiten am {$system}
{$salutation} {$surname}

Am {$maintenance_date} zwischen {$maintenance_start} und {$maintenance_end} finden 
die monatlichen Wartungsarbeiten auf Ihrem Server {$system} statt.

Dabei werden diverse Sicherheitsrisiken behoben.

Während den Wartungsarbeiten kann es zu kurzen Unterbrüchen der Services kommen.

Nach Abschluss der Wartungsarbeiten werden wir Sie nochmals benachrichtigen.

Diese Information geht an:
{$inform}
Falls Sie dieses Wartungsfenster nicht durchführen wollen, bitten wir Sie uns 
telefonisch darüber zu informieren.

Für Fragen stehen wir Ihnen gerne zur Verfügung.


Mit besten Grüssen,

Das Support-Team der stepping stone AG

--
stepping stone AG
Wasserwerkgasse 7
CH-3011 Bern

Telefon: +41 31 332 53 63
www.stepping-stone.ch
support@stepping-stone.ch
Maintenance - Configuration - Reseller - Reminder mail templates: reminder_mail.en-GB.txt
Subject: Maintenance Work for {$system}
{$salutation} {$surname}

The monthly maintenance window for {$system} will be held on the {$maintenance_date} 
between {$maintenance_start} and {$maintenance_end}.

Several security risks will be removed.

Short interruptions of the services can occur during the maintenance window.

We will inform you after the successful completion of the maintenance work.

This information goes to:
{$inform}
If you do not wish to perform this maintenance window, please let us know by 
telephone.

If you have any questions do not hesitate to contact us.


With best regards,

Your stepping stone AG support team

--
stepping stone AG
Wasserwerkgasse 7
CH-3011 Bern

Telefon: +41 31 332 53 63
www.stepping-stone.ch
support@stepping-stone.ch
Maintenance - Configuration - Reseller - Reminder mail templates: reminder_mail_reseller.de-CH.txt
Subject: Wartungsarbeiten am {$system}
{$salutation} {$surname}

Am {$maintenance_date} zwischen {$maintenance_start} und {$maintenance_end} finden 
die monatlichen Wartungsarbeiten auf Ihrem Server {$system} statt.

Verantwortlich für dieses System:
{$responsible}
Stellvertretung:
{$deputy}
Nach Abschluss der Wartungsarbeiten, bitte folgende Persone(n) informieren:
{$inform}

Mit besten Grüssen,

Das Support-Team der stepping stone AG

--
stepping stone AG
Wasserwerkgasse 7
CH-3011 Bern

Telefon: +41 31 332 53 63
www.stepping-stone.ch
support@stepping-stone.ch
Maintenance - Configuration - Reseller - Reminder mail templates: reminder_mail_reseller.en-GB.txt
Subject: Maintenance Work for {$system}
{$salutation} {$surname}

The monthly maintenance window for {$system} will be held on the {$maintenance_date} 
between {$maintenance_start} and {$maintenance_end}.

Responsible for this system:
{$responsible}
Deputy:
{$deputy}
After the successful completion of the maintenance work, please inform the following 
person/people:
{$inform}

With best regards,

Your stepping stone AG support team
--
stepping stone AG
Wasserwerkgasse 7
CH-3011 Bern

Telefon: +41 31 332 53 63
www.stepping-stone.ch
support@stepping-stone.ch

Maintenance - Configuration - Customers

The sub tree for the customers specific maintenance service settings:

dn: ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: customer
description: The sub tree for the customer specific maintenance service settings.

The sub tree for the specific maintenance service settings for the customer Customer Ltd. with the uid 4000001.

dn: uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstCustomer
objectclass: sstRelationship
objectclass: sstServiceConfigurationObjectClass
uid: 4000001
o: Customer Ltd.
description: The sub tree for the specific maintenance service settings for the customer Customer Ltd. with the uid 4000001.
sstIsCompany: TRUE
sstIsActive: TRUE
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

The following table describes the different attributes:

Attribute
Existence
Mandatory
Self-Service
Changeable
Description
uid
MUST
x
A unique integer value with 7 digits or more. For example: 4000001.
o
MUST
x
The company name, for example: Customer Ltd..
description
MAY
x
The description of the leaf.
sstIsCompany
MUST
x
Is the entry a company? Either true (yes) or false (no).
sstIsActive
MUST
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstBelongsToResellerUID
MUST
x
Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.
sstBelongsToResellerUID
MAY
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000001.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Customers - Defaults

This sub tree stores the default settings for the stoney maintenance service for the customer Customer Ltd. with the uid 4000001.

The configuration below tells us the following:

  • We have a maintenance window range (as sstCronMinuteEnd and sstCronHourEnd are set).
  • The maintenance window is executed every 2nd Tuesday of every month.
  • The maintenance windows can start a 09:30 and must end at 13:45 and takes 1 hour (60 minutes).
  • A reminder will be sent to 'Support stepping stone AG <support@stepping-stone.ch>'.

The lookup of the default settings for the stoney maintenance service is as follows:

  1. Service roles: ou=defaults,ou=stoney_office,ou=roles,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  2. OpenStack project: ou=defaults,uid=4100000,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  3. Customer: ou=defaults,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  4. Reseller: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

For example: If now default values or only a subset of default values can be found in the 'OpenStack project' sub tree, another lookup must be executed in the 'Customer' sub tree. If we still have missing default values, repeat the lookup in the 'Reseller' sub tree. If we still have missing values, these must be filled out by the user.

dn: ou=defaults,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstMaintenanceDefaultsObjectClass
objectclass: sstNotificationObjectClass
objectclass: sstRelationship
ou: defaults
description: This sub tree stores the default settings for the stoney maintenance service for the customer Customer Ltd. with the uid 4000001.
sstIsActive: TRUE                       # MUST: The default is always TRUE, otherwise why bother? 
sstServicePriority: 3                   # MAY: We always set this, in case sstServiceAutomated is set to FALSE (as a fall-back position)
sstServiceAutomated: TRUE               # MAY: Depending on the reseller, we either have TRUE or FALSE. If sstServiceAutomated is not set, we presume FALSE
sstCronRepeatType: monthly              # MAY: repeat type is monthly
sstCronInterval: 1                      # MAY: repeat every month
sstCronOccurrenceInMonth: 2             # MAY: second occurence
sstCronDayOfWeek: 2                     # MAY: Tuesday
sstCronMinute: 30                       # MAY: 30 Minutes past the hour
sstCronMinuteEnd: 45                    # MAY: 45 Minutes past the hour (new attribute, for if we have a range: 09:30 - 13:45)
sstCronHour: 9                          # MAY: 9 am
sstCronHourEnd: 13                      # MAY: 1 pm (new attribute, for if we have a range: 09:30 - 13:45)  
sstCronDuration: 60                     # MAY: 60 minutes (one hour)
sstNotificationWarning: reminder        # MAY: We alway set this (Multi-valued attribute).
sstInformPersonUID: 1000482             # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsiblePersonUID: 1000482        # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsibleDeputyPersonUID: 1000482  # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
description sstMaintenanceDefaultsObjectClass
MAY
x
The description of the leaf.
sstIsActive sstMaintenanceDefaultsObjectClass
MAY
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstServicePriority sstMaintenanceDefaultsObjectClass
MAY
x
The maintenance service level. The possible maintenance service levels (1, 2 or 3):
  • 3: Maintenance P3 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the working hours (Monday to Friday from 09:00 - 12:00 and 13:00 - 17:00).
  • 2: Maintenance P2 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the extended working hours (Monday to Friday from 07:00 - 12:00 and 13:00 - 19:00).
  • 1: Maintenance P1 [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).

For more information on these maintenance service levels, visit stepping stone GmbH web page.

If the attribute sstServiceAutomated is set to TRUE, the sstServicePriority will be ignored. And we will have automated maintenance windows in the form of:

  • Maintenance Automated (vcs_gitlab) [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).
sstServiceAutomated sstMaintenanceDefaultsObjectClass
MAY
A maintenance window is either executed automatically:
  • sstServiceAutomated: TRUE

or manually:

  • sstServiceAutomated: FALSE

If the attribute sstServiceAutomated does not exist, presume FALSE.

sstCronRepeatType sstMaintenanceDefaultsObjectClass
MAY
How often is a cron job to be repeated. Valid values are: daily, weekly, monthly, yearly.
sstCronInterval sstMaintenanceDefaultsObjectClass
MAY
The interval of a cron job. This attribute is dependant on the attribute sstCronRepeatType. Valid values are: 1 - 12. For example: 2 could be every two days, weeks, months or years (depending on the value of the attribute sstCronRepeatType.
sstCronOccurrenceInMonth sstMaintenanceDefaultsObjectClass
MAY
The occurence of the day in a month a cron job is to be executed. Valid values are: 1 - 4. For example: 3 would be the third occurence. If you use a value higher than 4, the calculation will fail in months, which only have 4 same days (for example February will never have 5 Mondays ...).
sstCronDayOfWeek sstMaintenanceDefaultsObjectClass
MAY
Day of week (0 - 6), where Sunday is 0. For example: 1, which means Monday.
sstCronMinute sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must start.

Valid values are: 0 - 59. For example: 30, which means 30 minutes past the hour.

If the attribute sstCronMinuteEnd is set, then sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronMinuteEnd sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>). Valid values are: <code>0 - 59.

For example: 45, which means 45 minutes past the hour.

If this attribute is set, it is interpreted as the end of a maintenance window minute range, while sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronHour sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must start.

Valid values are: 0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If the attribute sstCronHourEnd is set, then sstCronMinute is interpreted as the start of a maintenance window hour range.

sstCronHourEnd sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>).

Valid values are: <code>0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If this attribute is set, it is interpreted as the end of a maintenance window hour range, while sstCronHour is interpreted as the start of a maintenance window hour range.

sstCronDuration sstMaintenanceDefaultsObjectClass
MAY
The duration of the maintenance window in minutes. Valid values are: 15 - 1440 (15 minutes to 24 hours). For example: 60, which means 60 minutes (one hour).
sstNotificationWarning sstNotificationObjectClass
MAY
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn.
sstInformPersonUID sstRelationship
MAY
Stores the UID of the person to be informed if necessary. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsiblePersonUID sstRelationship
MAY
Stores the UID of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsibleDeputyPersonUID sstRelationship
MAY
Stores the UID of the deputy of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstBelongsToResellerUID sstRelationship
MAY
x
Stores the reseller UID the leaf belongs to. A unique integer value with 7 digits or more. In the case of OpenStack Domains (resellers), the value of sstBelongsToResellerUID corresponds with the value of uid.

For example: sstBelongsToResellerUID: 4000000 corresponds with uid: 4000000.

sstBelongsToCustomerUID sstRelationship
MAY
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. Each reseller is also a customer in the LDAP directory. Therefore, the value of the attribute sstBelongsToCustomerUID should always be set to the customer UID, that reflects the reseller for the OpenStack Domains.

For example: sstBelongsToCustomerUID: 4000001.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Customers - Notification settings

The sub tree stores the notification information for the maintenance service for the customer Customer Ltd. with the uid 4000001. This information is used as a fallback. The lookup is as follows:

  1. Unit: uid=4000003,ou=units,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  2. Customer: ou=notifications,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  3. Reseller: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  4. Default Reseller: ou=notifications,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

The idea is, that even if somebody forgot to define something, no maintenance window will be lost or forgotten.

dn: ou=notifications,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstNotificationObjectClass
ou: notifications
description: The sub tree stores the notification information for the maintenance service for the customer Customer Ltd. with the uid 4000001.
sstInformPersonUID: 4000002
sstResponsiblePersonUID: 4000002
sstResponsibleDeputyPersonUID: 4000002
sstNotificationWarning: reminder

The following table describes the different attributes:

Attribute
Existence
Mandatory
Self-Service
Changeable
Description
ou
MUST
x
The name of this leaf.
description
MAY
x
The description of the leaf.
sstInformPersonUID
MAY
x
Stores the persons UID the notification will be sent to. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstResponsiblePersonUID
MAY
x
Stores the persons UID, who is responsible for the maintenance. The notification will be sent to this person. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstResponsibleDeputyPersonUID
MAY
x
Stores the UID of the deputy of the person who is responsible for the maintenance. The notification will be sent to this person. For example: 4000002. This means the information of the person is stored under the dn: uid=4000002,ou=people,dc=stoney-cloud,dc=org.
sstNotificationWarning
MAY
x
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn. For example: ou=reminder,ou=templates,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Customers - Templates

This sub tree contains the notification templates for the maintenance service for the customer Customer Ltd. with the uid 4000001:

dn: ou=templates,uid=4000001,ou=customers,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: templates
description: This sub tree contains the templates for the maintenance service for the customer Customer Ltd. with the uid 4000001.

Maintenance - Configuration - OpenStack projects

The sub tree for the OpenStack projects specific maintenance service settings:

dn: ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: projects
description: The sub tree for the OpenStack projects specific maintenance service settings.

The sub tree for the specific maintenance service settings for the OpenStack project Customer Ltd. - Public Systems with the uid 4100001.

dn: uid=4100001,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstOpenStackProject
objectclass: sstRelationship
uid: 4100001
sstOpenStackId: 9ecb5bfdd4564f6ca52bba1e869eeea4
sstOpenStackName: Customer Ltd. - Public Systems
description: The sub tree for the specific maintenance service settings for the OpenStack project 'Customer Ltd. - Public Systems' with the uid 4100001.
sstIsActive: TRUE
sstBelongsToDomainID: b01822477be64c09950022486300c59c
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

The following table describes the different attributes: The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
uid sstOpenStackProject
MUST
x
A unique integer value with 7 digits or more. In the case of OpenStack Domains (resellers), the value of uid corresponds with the value of sstBelongsToResellerUID.

For example: uid: 4000000 corresponds with sstBelongsToResellerUID: 4000000.

sstOpenStackId sstOpenStackProject
MAY
x
The OpenStack project id as returned from the OpenStack API.

For example: "id" : "5a3a4fd5d6e94a87815131be42d8e6d9". This gives us the LDAP entry: sstOpenStackId: 5a3a4fd5d6e94a87815131be42d8e6d9.

sstOpenStackName sstOpenStackProject
MAY
x
The OpenStack project name as returned from the OpenStack API.

For example: "name" : "Customer Ltd. - Public Systems". This gives us the LDAP entry: sstOpenStackName: Customer Ltd. - Public Systems.

description sstOpenStackProject
MAY
x
The description of the leaf.

For example: The sub tree for the specific maintenance service settings for the OpenStack project 'Customer Ltd. - Public Systems' with the uid 4100001.

sstIsActive sstOpenStackProject
MUST
x
Is the entry active? Either TRUE (yes) or FALSE (no).

The default value is TRUE.

sstBelongsToDomainID sstOpenStackProject
MUST
x
The OpenStack domain id the project belongs to.

For example: sstBelongsToDomainID: b01822477be64c09950022486300c59c.

sstBelongsToResellerUID sstRelationship
MAY
x
Stores the reseller UID the leaf belongs to. A unique integer value with 7 digits or more. In the case of OpenStack Domains (resellers), the value of sstBelongsToResellerUID corresponds with the value of uid.

For example: sstBelongsToResellerUID: 4000000 corresponds with uid: 4000000.

sstBelongsToCustomerUID sstRelationship
MAY
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. Each reseller is also a customer in the LDAP directory. Therefore, the value of the attribute sstBelongsToCustomerUID should always be set to the customer UID, that reflects the reseller for the OpenStack Domains.

For example: sstBelongsToCustomerUID: 4000001.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - OpenStack projects - Defaults

This sub tree stores the default settings for the stoney maintenance service for the OpenStack project 'Customer Ltd. - Internal Systems' with OpenStack id '5a3a4fd5d6e94a87815131be42d8e6d9' and with the OpenStack project uid '4000001'.

The configuration below tells us the following:

  • We have a maintenance window range (as sstCronMinuteEnd and sstCronHourEnd are set).
  • The maintenance window is executed every 2nd Tuesday of every month.
  • The maintenance windows can start a 09:30 and must end at 13:45 and takes 1 hour (60 minutes).
  • A reminder will be sent to 'Support stepping stone AG <support@stepping-stone.ch>'.

The lookup of the default settings for the stoney maintenance service is as follows:

  1. Service roles: ou=defaults,ou=stoney_office,ou=roles,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  2. OpenStack project: ou=defaults,uid=4100000,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  3. Customer: ou=defaults,uid=4000001,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.
  4. Reseller: ou=defaults,uid=4000000,ou=reseller,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org.

For example: If now default values or only a subset of default values can be found in the 'OpenStack project' sub tree, another lookup must be executed in the 'Customer' sub tree. If we still have missing default values, repeat the lookup in the 'Reseller' sub tree. If we still have missing values, these must be filled out by the user.

dn: ou=defaults,uid=4000001,ou=projects,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstMaintenanceDefaultsObjectClass
objectclass: sstNotificationObjectClass
objectclass: sstRelationship
ou: defaults
description: This sub tree stores the default settings for the stoney maintenance service for the OpenStack project 'Customer Ltd. - Internal Systems' with OpenStack id '5a3a4fd5d6e94a87815131be42d8e6d9' and with the OpenStack project uid '4000001'.
sstIsActive: TRUE                       # MAY: The default is always TRUE, otherwise why bother? 
sstServicePriority: 3                   # MAY: We always set this, in case sstServiceAutomated is set to FALSE (as a fall-back position)
sstServiceAutomated: TRUE               # MAY: Depending on the reseller, we either have TRUE or FALSE. If sstServiceAutomated is not set, we presume FALSE
sstCronRepeatType: monthly              # MAY: repeat type is monthly
sstCronInterval: 1                      # MAY: repeat every month
sstCronOccurrenceInMonth: 2             # MAY: second occurence
sstCronDayOfWeek: 2                     # MAY: Tuesday
sstCronMinute: 30                       # MAY: 30 Minutes past the hour
sstCronMinuteEnd: 45                    # MAY: 45 Minutes past the hour (new attribute, for if we have a range: 09:30 - 13:45)
sstCronHour: 9                          # MAY: 9 am
sstCronHourEnd: 13                      # MAY: 1 pm (new attribute, for if we have a range: 09:30 - 13:45)  
sstCronDuration: 60                     # MAY: 60 minutes (one hour)
sstNotificationWarning: reminder        # MAY: We alway set this (Multi-valued attribute).
sstInformPersonUID: 1000482             # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsiblePersonUID: 1000482        # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstResponsibleDeputyPersonUID: 1000482  # MAY: Support stepping stone AG (support@stepping-stone.ch)
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
description sstMaintenanceDefaultsObjectClass
MAY
x
The description of the leaf.
sstIsActive sstMaintenanceDefaultsObjectClass
MAY
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstServicePriority sstMaintenanceDefaultsObjectClass
MAY
x
The maintenance service level. The possible maintenance service levels (1, 2 or 3):
  • 3: Maintenance P3 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the working hours (Monday to Friday from 09:00 - 12:00 and 13:00 - 17:00).
  • 2: Maintenance P2 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the extended working hours (Monday to Friday from 07:00 - 12:00 and 13:00 - 19:00).
  • 1: Maintenance P1 [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).

For more information on these maintenance service levels, visit stepping stone GmbH web page.

If the attribute sstServiceAutomated is set to TRUE, the sstServicePriority will be ignored. And we will have automated maintenance windows in the form of:

  • Maintenance Automated (vcs_gitlab) [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).
sstServiceAutomated sstMaintenanceDefaultsObjectClass
MAY
A maintenance window is either executed automatically:
  • sstServiceAutomated: TRUE

or manually:

  • sstServiceAutomated: FALSE

If the attribute sstServiceAutomated does not exist, presume FALSE.

sstCronRepeatType sstMaintenanceDefaultsObjectClass
MAY
How often is a cron job to be repeated. Valid values are: daily, weekly, monthly, yearly.
sstCronInterval sstMaintenanceDefaultsObjectClass
MAY
The interval of a cron job. This attribute is dependant on the attribute sstCronRepeatType. Valid values are: 1 - 12. For example: 2 could be every two days, weeks, months or years (depending on the value of the attribute sstCronRepeatType.
sstCronOccurrenceInMonth sstMaintenanceDefaultsObjectClass
MAY
The occurence of the day in a month a cron job is to be executed. Valid values are: 1 - 4. For example: 3 would be the third occurence. If you use a value higher than 4, the calculation will fail in months, which only have 4 same days (for example February will never have 5 Mondays ...).
sstCronDayOfWeek sstMaintenanceDefaultsObjectClass
MAY
Day of week (0 - 6), where Sunday is 0. For example: 1, which means Monday.
sstCronMinute sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must start.

Valid values are: 0 - 59. For example: 30, which means 30 minutes past the hour.

If the attribute sstCronMinuteEnd is set, then sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronMinuteEnd sstMaintenanceDefaultsObjectClass
MAY
The number of minutes past the hour that the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>). Valid values are: <code>0 - 59.

For example: 45, which means 45 minutes past the hour.

If this attribute is set, it is interpreted as the end of a maintenance window minute range, while sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronHour sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must start.

Valid values are: 0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If the attribute sstCronHourEnd is set, then sstCronMinute is interpreted as the start of a maintenance window hour range.

sstCronHourEnd sstMaintenanceDefaultsObjectClass
MAY
The hour the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>).

Valid values are: <code>0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If this attribute is set, it is interpreted as the end of a maintenance window hour range, while sstCronHour is interpreted as the start of a maintenance window hour range.

sstCronDuration sstMaintenanceDefaultsObjectClass
MAY
The duration of the maintenance window in minutes. Valid values are: 15 - 1440 (15 minutes to 24 hours). For example: 60, which means 60 minutes (one hour).
sstNotificationWarning sstNotificationObjectClass
MAY
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn.
sstInformPersonUID sstRelationship
MAY
Stores the UID of the person to be informed if necessary. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsiblePersonUID sstRelationship
MAY
Stores the UID of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsibleDeputyPersonUID sstRelationship
MAY
Stores the UID of the deputy of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstBelongsToResellerUID sstRelationship
MAY
x
Stores the reseller UID the leaf belongs to. A unique integer value with 7 digits or more. In the case of OpenStack Domains (resellers), the value of sstBelongsToResellerUID corresponds with the value of uid.

For example: sstBelongsToResellerUID: 4000000 corresponds with uid: 4000000.

sstBelongsToCustomerUID sstRelationship
MAY
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more, must correspond with the uid entry. Each reseller is also a customer in the LDAP directory. Therefore, the value of the attribute sstBelongsToCustomerUID should always be set to the customer UID, that reflects the reseller for the OpenStack Domains.

For example: sstBelongsToCustomerUID: 4000001.

Legend:

  • x: Mandatory in all cases.

Maintenance - Configuration - Service (Puppet) roles

The sub tree for the service (Puppet) roles specific maintenance service settings:

dn: ou=roles,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: roles
description: The sub tree for the service (Puppet) roles specific maintenance service settings.

The sub tree of the specific maintenance service settings for the stoney office service (Puppet) role called 'stoney_office' (Puppet roles don't contain spaces).

dn: ou=stoney_office,ou=roles,ou=configuration,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
objectclass: sstServiceConfigurationObjectClass
ou: stoney_office
description: The sub tree of the specific maintenance service settings for the stoney office service (Puppet) role called 'stoney_office'.
sstIsActive: TRUE
sstIsDefault: TRUE

The following table describes the different attributes: The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
ou organizationalUnit
MUST
x
The name of the service (Puppet) role.

For example: ou: stoney_office (Puppet roles don't contain spaces).

description organizationalUnit
MAY
x
The description of the leaf.

For example: The sub tree of the specific maintenance service settings for the stoney office service (Puppet) role called 'stoney_office'.

sstIsActive sstServiceConfigurationObjectClass
MUST
x
Is the entry active? Either TRUE (yes) or FALSE (no).

The default value is TRUE.

sstIsDefault sstServiceConfigurationObjectClass
MAY
Contains the leaf a default entry? Either TRUE (yes) or FALSE (no).

If sstIsDefault is set to TRUE, the information of this subtree must alway be used (to make sure, that all automated maintenance windows are executed in the same time frame).

Legend:

  • x: Mandatory in all cases.

Maintenance - Units

The sub tree for the units of the maintenance service:

dn: ou=units,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: organizationalUnit
ou: units
description: The sub tree for the units of the maintenance service.

Maintenance - Units example

Each maintenance unit has its own leaf. A monthly maintenance window is the norm.

Maintenance window every month on the second Tuesday of the month between 09:30 and 10:30, starting on Tuesday, the 14th of April 2015.

The sstBelongsToServiceUID lookup is as follows:

  1. OpenStack unit (server): ou=units,ou=openstack,ou=services,dc=stoney-cloud,dc=org.
  2. Virtual Machine: ou=virtual machines,ou=virtualization,ou=services,dc=stoney-cloud,dc=org.
  3. vServer: ou=vservers,ou=services,dc=stoney-cloud,dc=org.
  4. Dedicated Server: ou=dedicated servers,ou=services,dc=stoney-cloud,dc=org (not implemented yet).
  5. External Server: ou=external servers,ou=services,dc=stoney-cloud,dc=org (not implemented yet).

The idea is, that we presume, that most of the maintenance units belong to OpenStack units (servers) running on our OpenStack based stoney cloud installation.

In the example below, the service UID sstBelongsToServiceUID: 1234567 points to virtual machine with the b543f88f-dffe-426f-86d3-c7ff85c16d2a and the uid: 1234567.

dn: uid=4000003,ou=units,ou=maintenance,ou=services,dc=stoney-cloud,dc=org
objectclass: top
objectclass: sstMaintenanceObjectClass
objectclass: sstRelationship
uid: 4000003
description: The maintenance leaf for the virtual machine with the uid 1234567.
sstIsActive: TRUE
sstBillable: TRUE
sstServicePriority: 3
sstServiceAutomated: TRUE
sstCronRepeatType: monthly     # repeat type is monthly
sstCronInterval: 1             # repeat every month
sstCronStartDate: 20150414     # starting on Tuesday, the 14th of April 2015
sstCronOccurrenceInMonth: 2    # second occurence
sstCronDayOfWeek: 2            # Tuesday
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)
sstInformPersonUID: 4000002
sstResponsiblePersonUID: 4000002
sstResponsibleDeputyPersonUID: 4000002
sstNotificationWarning: reminder
sstIsMultiTenant: FALSE
sstBelongsToServiceUID: 1234567
sstBelongsToResellerUID: 4000000
sstBelongsToCustomerUID: 4000001

Other possible maintenance windows range from daily maintenance windows to bi yearly maintenance windows. The following examples just show the relevant attributes.

Maintenance window every day between 09:30 and 10:30, starting on Monday, the 5th of January 2015.

sstCronRepeatType: daily       # repeat type is daily
sstCronInterval: 1             # repeated every day
sstCronStartDate: 20150105     # starting on the fifth of January 2015
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every second day between 09:30 and 10:30, starting on Monday, the 5th of January 2015.

sstCronRepeatType: daily       # repeat type is daily
sstCronInterval: 2             # repeat every second day
sstCronStartDate: 20150105     # starting on the fifth of January 2015
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every two weeks on Monday between 09:30 and 10:30, starting on Monday, the 13th of April 2015.

sstCronRepeatType: weekly      # repeat type is weekly
sstCronInterval: 2             # repeat every second week
sstCronStartDate: 20150413     # starting on Monday, the 13th of April 2015
sstCronDayOfWeek: 1            # on Monday
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every six months on the 15. of the month between 09:30 and 10:30, starting on Wednesday, the 15th of April 2015.

sstCronRepeatType: monthly     # repeat type is monthly
sstCronInterval: 6             # repeat every six months
sstCronStartDate: 20150415     # starting on Wednesday, the 15th of April 2015
sstCronDayOfMonth: 15          # on the 15th day of the month
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every six months on the third Monday of the month between 09:30 and 10:30, starting on Monday, the 20th of April 2015.

sstCronRepeatType: monthly     # repeat type is monthly
sstCronInterval: 6             # repeat every six months
sstCronStartDate: 20150420     # starting on Monday, the 20th of April 2015
sstCronOccurrenceInMonth: 3    # third occurence
sstCronDayOfWeek: 1            # Monday
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every year on the 15th of March between 09:30 and 10:30, starting on Wednesday, the 11th of March 2015.

sstCronRepeatType: yearly      # repeat type is yearly
sstCronInterval: 1             # repeat every year
sstCronStartDate: 20150311     # starting on Wednesday, the 11th of March 2015
sstCronDayOfMonth: 11          # on the 11th day of the month
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every year on the third Monday of March between 09:30 and 10:30, starting on Monday, the 16th of March 2015.

sstCronRepeatType: yearly      # repeat type is yearly
sstCronInterval: 1             # repeat every year
sstCronStartDate: 20150316     # starting on Monday, the 16th of March 2015
sstCronMonthOfyear: 3          # third month of the year
sstCronOccurrenceInMonth: 3    # third occurence
sstCronDayOfWeek: 1            # Monday
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

Maintenance window every two years on the third Monday of March between 09:30 and 10:30, starting on Monday, the 16th of March 2015.

sstCronRepeatType: yearly      # repeat type is yearly
sstCronInterval: 2             # repeat every two years
sstCronStartDate: 20150316     # starting on Monday, the 16th of March 2015
sstCronMonthOfyear: 3          # third month of the year
sstCronOccurrenceInMonth: 3    # third occurence
sstCronDayOfMonth: 1           # Monday
sstCronMinute: 30              # 30 Minutes past the hour
sstCronHour: 9                 # 9 am
sstCronDuration: 60            # 60 minutes (one hour)

The following table describes the different attributes:

Attribute Objectclass
Existence
Mandatory
Description
uid sstMaintenanceObjectClass
MUST
x
A unique integer value with 7 digits or more. For example: 4000003.
description sstMaintenanceObjectClass
MAY
x
The description of the leaf.
sstIsActive sstMaintenanceObjectClass
MUST
x
Is the entry active? Either TRUE (yes) or FALSE (no).
sstBillable sstRelationship
MAY
x
It the entry billable? Either TRUE (yes) or FALSE (no). All hierarchical levels must have sstBillable: TRUE to actually have an invoice generated and sent. If the attribute sstBillable doesn't exist, the default is TRUE. This way, we are forced to set a reseller, customer or product manually to sstBillable: FALSE if we want to avoid sending them an invoice.
sstCancellationDate sstRelationship
MAY
The cancellation date of a reseller, customer or service in the form of [YYYY][MM][DD] (ISO 8601). For example: 20201231.

The attribute sstCancellationDate is used in a logical AND combination with sstIsActive. With other words: Once the cancellation date has passed, it overrides the sstIsActive value.

sstServicePriority sstMaintenanceObjectClass
MAY
x
The maintenance service level. The possible maintenance service levels (1, 2 or 3):
  • 3: Maintenance P3 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the working hours (Monday to Friday from 09:00 - 12:00 and 13:00 - 17:00).
  • 2: Maintenance P2 [per Unit]: The Security Advisories will be installed once a month at the desired moment during the extended working hours (Monday to Friday from 07:00 - 12:00 and 13:00 - 19:00).
  • 1: Maintenance P1 [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).

For more information on these maintenance service levels, visit stepping stone GmbH web page.

If the attribute sstServiceAutomated is set to TRUE, the sstServicePriority will be ignored. And we will have automated maintenance windows in the form of:

  • Maintenance Automated (vcs_gitlab) [per Unit]: The Security Advisories will be installed once a month at the desired moment around the clock (Monday to Sunday from 00:00 - 24:00).
sstServiceAutomated sstMaintenanceObjectClass
MAY
A maintenance window is either executed automatically:
  • sstServiceAutomated: TRUE

or manually:

  • sstServiceAutomated: FALSE

If the attribute sstServiceAutomated does not exist, presume FALSE.

sstCronRepeatType sstMaintenanceObjectClass
MAY
x
How often is a cron job to be repeated. Valid values are: daily, weekly, monthly, yearly.
sstCronInterval sstMaintenanceObjectClass
MAY
x
The interval of a cron job. This attribute is dependant on the attribute sstCronRepeatType. Valid values are: 1 - 12. For example: 2 could be every two days, weeks, months or years (depending on the value of the attribute sstCronRepeatType.
sstCronStartDate sstMaintenanceObjectClass
MAY
x
The first time a cron job is executed. This date is stored in the form of [YYYY][MM][DD] (ISO 8601). For example: 2010314 (the 14th of March 2015).
sstCronDuration sstMaintenanceObjectClass
MAY
x
The duration of the maintenance window in minutes. Valid values are: 15 - 1440 (15 minutes to 24 hours). For example: 60, which means 60 minutes (one hour).
sstCronMinute sstMaintenanceObjectClass
MAY
The number of minutes past the hour that the maintenance window must start.

Valid values are: 0 - 59. For example: 30, which means 30 minutes past the hour.

If the attribute sstCronMinuteEnd is set, then sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronMinuteEnd sstMaintenanceObjectClass
MAY
The number of minutes past the hour that the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>). Valid values are: <code>0 - 59.

For example: 45, which means 45 minutes past the hour.

If this attribute is set, it is interpreted as the end of a maintenance window minute range, while sstCronMinute is interpreted as the start of a maintenance window minute range.

sstCronHour sstMaintenanceObjectClass
MAY
The hour the maintenance window must start.

Valid values are: 0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If the attribute sstCronHourEnd is set, then sstCronMinute is interpreted as the start of a maintenance window hour range.

sstCronHourEnd sstMaintenanceObjectClass
MAY
The hour the maintenance window must end (minus the duration defined with attribute sstCronDuration>/code>).

Valid values are: <code>0 - 23. For example: 9, which means 9 am, while 17 means 5 pm.

If this attribute is set, it is interpreted as the end of a maintenance window hour range, while sstCronHour is interpreted as the start of a maintenance window hour range.

sstCronDayOfWeek sstMaintenanceObjectClass
MAY
Day of week (0 - 6), where Sunday is 0. For example: 1, which means Monday.
sstCronDayOfMonth sstMaintenanceObjectClass
MAY
The day of the month a cron job is to be executed. Valid values are: 1 - 31. For example: 3 is the third of the month.
sstCronMonthOfyear sstMaintenanceObjectClass
MAY
The month of the year a cron job is to be executed. Valid values are: 1 - 12. For example: 3 would be March.
sstCronOccurrenceInMonth sstMaintenanceObjectClass
MAY
The occurence of the day in a month a cron job is to be executed. Valid values are: 1 - 4. For example: 3 would be the third occurence. If you use a value higher than 4, the calculation will fail in months, which only have 4 same days (for example February will never have 5 Mondays ...).
sstInformPersonUID sstRelationship
MAY
x
Stores the UID of the person to be informed if necessary. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsiblePersonUID sstRelationship
MAY
x
Stores the UID of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstResponsibleDeputyPersonUID sstRelationship
MAY
Stores the UID of the deputy of the person who is responsible for the system or service. This UID can be used to look up the persons mail address, preferred language, name, surname or other information.
sstNotificationWarning sstMaintenanceObjectClass
MUST
x
This multi-valued attribute will be used to turn single notifications on or off. Currently, the only allowed value is reminder. The value (name) corresponds with the template dn.
sstIsMultiTenant sstMaintenanceObjectClass
MAY
If this singe-valued attribute is set to TRUE, we know that this is a multi tenant capable system or service. For example stoney backup, stoney storage or stoney wiki). The maintenance notification system will therefore know, that it must inform the tenants differently.
sstBelongsToServiceUID sstMaintenanceObjectClass
MAY
x
Stores the UID of the service the leaf belongs to. This UID can be used to look up other information. A unique value with 7 digits or more. 4000123.
sstBelongsToResellerUID sstRelationship
MUST
x
Stores the reseller UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000000.
sstBelongsToCustomerUID sstRelationship
MUST
x
Stores the customer UID the leaf belongs to. A unique value with 7 digits or more. For example: 4000001.

Legend:

  • x: Mandatory in all cases.