Managed Private Registry - Responsibility model (EN)

Base de connaissances

KB0058668

Managed Private Registry - Responsibility model (EN)


Icons/System/eye-open Created with Sketch. 187 vues 04.07.2023 Cloud / Managed Private Registry

Managed Private Registries allow you to focus on using Harbor to host, share and manage your cloud native artifacts while OVHcloud takes care of the required software and hardware maintenance in operational conditions.

The RACI below details shared responsibilities between OVHcloud and the customer for Public Cloud Managed Private Registry services. This shared model can help relieve the customer’s operational burden.

RACI definition

Roles
R: Is in charge of carrying out the process
A: Accountable for the successful completion of the process
C: Is consulted during the process
I: Is informed of the results of the process

For your information, a Service is considered as a Public Cloud Databases service such as a MySQL, PostgreSQL, MongoDB, Valkey or Kafka cluster.

1. Before subscription

1.1. Specify service as needed

ActivityCustomerOVHcloud
Learn about the capabilities and limitations of the Services detailed in the OVHcloud documentationRACI
Use a container or orchestrator toolRAI
Create a Public Cloud projectRAI
Choose the service locationRAI
Choose the range plan following business needs (Model : S , M or L)RAI

2. Service availability

2.1. Install service

ActivityCustomerOVHcloud
Produce, route, deliver and maintain underlying software, physical machines, hosting buildingsRA
Buy and hold licences and usage rights for softwares provided by OVHcloud (Harbor, Trivy, etc.)RA

2.2. Reversibility model

ActivityCustomerOVHcloud
Import images using any Docker images or chart helm within OCI formatRA

2.3. Customer Information System setup

ActivityCustomerOVHcloud
Deploy workloads using his imagesRA
Modify templates, helm charts, dockerfile, urls for images' names, image dockers, etc .RA

3. Service usage

3.1. Operations

3.1.1. Daily operations
ActivityCustomerOVHcloud
Leverage adequate compute and storage to deliver the service withing the plan limitsRA
Decide to upgrade plan of the existing service following business needsRAI
Define and implement an image policy (use of official and trusted public images Registry, updates, vulnerability scoring, etc.)RAI
Implement a backup policy for Registry imagesRAI
3.1.2. Access management
ActivityCustomerOVHcloud
Manage access to the OVHcloud Control PanelRAI
Manage access to management interfaces specific to the Service (Harbor UI, API, Docker command line, etc.)RAI
Manage OVHcloud teams’ physical access to infrastructuresRA
Manage OVHcloud teams’ logical access to infrastructuresRA
3.1.3. Monitoring
ActivityCustomerOVHcloud
Monitor the proper functioning of physical devices (utilities) in support of the registry serviceRA
Monitor the proper functioning of virtual devices (utilities) in support of the registry serviceIRA
Process and pay for alarms from managed devices in the Private Registry infrastructureIRA
Maintain and monitor logs generated by the Private Registry service on the management infrastructureRA
Keep logs of the Private Registry service provided in Harbor UI or by using APIRA
3.1.4. Storage
ActivityCustomerOVHcloud
Manage content hosted on the Private Registry serviceRAI
Manage data continuity and sustainabilityRA
Perform storage and device maintenanceRA
3.1.5. Connectivity
ActivityCustomerOVHcloud
Operate automatic network management systems (architecture, implementation, software and hardware maintenance for deployed public and private networks)IRA
Provide and maintain a domain name on the serviceIRA
3.1.6. Management
ActivityCustomerOVHcloud
Provide inventory of the service usedIRA
Manage risks on managed components of the Private Regitry serviceRA
Maintain the service in operational and security conditionsRA
Plan vulnerability scans on used impages (in case of subscription to M or L plan or with the client's proper tool)RAI
Manage alerts raised by vulnerability scans on imagesRA
3.1.7. Business continuity
ActivityCustomerOVHcloud
Manage automatic management systems and availability for the managed Platform serviceIRA
Maintain a business continuity and disaster recovery plan on the Registry imagesRAI

3.2. Event management

3.2.1. Incidents
ActivityCustomerOVHcloud
Notify incidents wihin the service RegistryRAI
Intervene with Public Cloud Private Registry managed elementsIRA
3.2.2. Changes
ActivityCustomerOVHcloud
Comply with the service Lifecycle PolicyRA
Deploy patches, update software and information systems hosted in Public Cloud Private RegistryIRA
Deploy patches, update and configure the information system using Public Cloud Private RegistryRA
Perform preventive interventions on managed elements of the Public Cloud Private RegistryIAR

4. Reverting

4.1. Reversibility model

ActivityCustomerOVHcloud
Schedule reversibility operationsRAI
Choose fallback infrastructuresRA
Use Docker to transfer image by image or to replicate images by using Harbor registryRA

4.2. Data recovery

ActivityCustomerOVHcloud
Manage reversibility operationsRAI
Migrate/transfer dataRA

5. End of service

5.1. Destroying configurations

ActivityCustomerOVHcloud
Delete the Private Registry service configurations (using API or user interface )RAI

5.2. Data destruction

ActivityCustomerOVHcloud
Destroy DB image registry serviceRA
Destroy project informationRA

Go further

Visit our dedicated Discord channel: https://discord.gg/ovhcloud. Ask questions, provide feedback and interact directly with the team that builds our private registry services.

Join our community of users on https://community.ovh.com/en/.

Articles associés