Introduction

This article contains three sections with information related to the Co-Managed service:

• Definitions related to elements of the Co-Managed service.
• An overview of the Co-Managed service, in the context of the definitions provided.
• A breakdown of ITS-EI and Customer Responsibilities.

Definitions

Platform – For purposes of this service, “platform”, in the context of responsibility for EI-TPS, refers to software or hardware systems that are used in the delivery of Co-Managed systems.  This includes the following:

• Physical platform systems:
  • KVM
  • Power controls
  • Server hardware
• Virtual platform systems
  • Any hardware that is used to run hypervisor software
  • VMware hypervisors and vCenter management software
  • Hyper-V hypervisors and VMM management software
• Cloud platform systems
  • The context of responsibility for cloud platform systems ends with the global security, identity, and configuration policies for AWS or Microsoft Azure that are put in place for every cloud account, regardless of function.
• Storage platform systems
  • Any storage hardware that is used to provide storage services to virtual or physical systems
  • Any management software that is used to manage storage hardware
• OS Management systems
  • Any hardware used to run central OS patch management software
  • Any software used to centrally manage OS patching functions
• Support systems
  • Monitoring for any of the previously mentioned platform systems
  • Backup and Disaster recovery for any of the previously mentioned platform systems

NOTE:  Networking infrastructure is managed by the Network Engineering Services team.

Co-Managed Service – This service is provided with the following:

• For physical servers:
  • We will work with the customer to determine hardware for their need, including ordering and purchasing.
    • The customer owns the hardware, which must be purchased up front.
  • We will coordinate the installation of the hardware in the datacenter and installation and initial configuration of the OS of your choice (Linux or Windows)
  • We will maintain and monitor the hardware for failures
• For virtual servers:
  • We will deploy a virtual server conforming to the customer specifications in the request
  • We will coordinate the installation and configuration of the virtual machine with the OS of your choice (Linux or Windows)
• For all servers:
  • We will provide security patching services for the OS only (not the applications) on an approximately monthly basis (emergency security incidents may warrant out of band patching with very short notice)
  • We will ensure that backups and disaster recovery processes are functional and in place
  • We will respond to requests for resource changes, questions, and ticket escalations as necessary.
  • Data Levels 1 and 2 are available.  Levels 3 and 4 are not currently available to co-managed users.
• Additional information:
  • https://its.uiowa.edu/systemservices (Co-Managed Service column)
  • https://its.uiowa.edu/support/article/119866#ComanagedServiceDetail
  • https://its.uiowa.edu/support/article/119861

Overview of the Co-Managed Service

The Co-Managed service is similar to the Customer-Managed service (formerly known as Co-Lo), except that this service also provides OS installation and OS security patching.  This service is a collaborative service where the administration of the server and its applications (outside of OS and Security updates), falls to the end customer.  Customers who choose this service should be aware of the following parameters:

• There is no dedicated ITS-EI support staff.  Responsibility for administration, installation, security updates and ongoing maintenance of any application or updates to any related tools or software (i.e. specialty browsers, software applications, etc...) will fall to the customer.
• Monitoring and alerting is only done at the platform level. Customers who wish to monitor their application will need to contact ITS-EI-SAS to configure monitoring and alerting.
• 24x7 support is included and available only for platform level issues (see definition above).  Support for application issues is not included in the cost of this service.  However, support from the ITS-EI-SAS team may be obtained at an hourly billable rate if desired.
• SSL Certificate management is the responsibility of the customer

ITS and Customer Responsibilities

ITS-EI Responsibilities

• Provide shared root / administrator to customer.
• Install OS patches during predetermined maintenance windows.
• Monitoring and alerting for the platforms that support the system (Hypervisors, storage hardware, etc).
• Drive size adjustments upon customer request.
• System backup and restore capabilities, including snapshots or other DR services.
  • This does not explicitly include database backups in the default configuration.
  • In some cases, backups and restores will be full-system / crash-consistent
  • Additional detail can be found in the article on Backup and Recovery of Virtual Server

Customer Responsibilities

• Create and maintain service accounts according to IAM policies
• Coordination with ISPO for datacenter firewall changes (all OSes)
• All application related items, including installation, configuration, monitoring, troubleshooting, and security patching.  Customers are responsible for adhering to and understanding the terms and obligations of any software licenses for applications they install
• TLS certificate installation and renewal
• Filesystem changes related to disk size changes
• Database backups, administration, configuration, and patching, if required
• Adherence to all applicable University IT policies

Please see the FAQ page for additional information about this service.