Service Manager Handbook

This handbook is written for LinkedData.Center Enterprise service managers. The users of LinkedData.Center services do not need to bother with this kind of topics.

LinkedData.Center ontology

To describe our things, we use a pretty common jargon that, more or less, is consistent with ITIL glossary. This chapter wants to give you a semantic context for main terms (in bold) used in LinkedData.Center service management processes. When available, a link to a formal ontology is also provided.

LinkedData.Center is a service provider that provides IT digital services designed for a  multitenancy system architecture.
Subscribers are customers (i.e. Business Entities) that sign to one or more service offerings also called subscription plans. Each subscriber must register to the LinkedData.Center subscription portal with a personal account protected by a password. The subscription portal provides customers with account password management,  service catalog,  service subscriptions,  payments & invoices management,  etc. etc.

A service subscription is a  Service Level Agreement (SLA) with a defined duration (e.g. lifetime or monthlyand a subscription state
  • pending activation: a subscription is in this state during the service activation process. Depending on the service requested, subscriptions can remain pending for few seconds if automated provisioning task is in place, for some hours or even days when manual activities are involved in the provisioning process.
  • active: a subscription is in this state during the service operation process. In this state, SLA apply.
  • expiring: a subscription is in this state during service retirement process.
  • expired: a subscription is in this state during after the end of service subscription agreement

The service manager is a role responsible for the provisioning of all the resources needed to activate the subscriptions. It is also responsible for the service operation and for the service retirement processes. Subscribers can contact the service manager using the LinkedData.Center support center that acts as service desk and as a single point of contact.

Beside the service plans, LinkedData.Center offers LinkedData.Center Enterprisetm. This offering is about the whole or part  LinkedData.Center Enterpriseservice Platform (LDCEP).  licensed, installed and maintained at customer premises. LDCEP requires a custom SLA where authorized service managers are appointed.

The main feature of LDCEP is to provide  RDF Graph Database Instances that are managed through Elastic Knowledge Base APIs (EKB APIs). When a customer subscribes a  plan  that  includes a graph database instance, the following resources are needed:

  • profile: a web resource that contains the configuration of the LDCEP:  the technology of the graph database engine to use (i.e. the driver), the storage capability, the access control list (ACL) rules, etc, etc. The subscriber MAY be allowed to view/change the profile according to the signed SLA through EKB APIs only. The profile name is part of endpoint URL.
  • user: is an identity credential (i.e.. username and password) to use to gain access EKB APIs.  User password can be changed through EKB APIS. Very often (but this is not mandatory) user and profile have the same name.
  • endpoint: a URL pointing to a server that exposes EKB APIs pro a specific profile.
Please note that the concept of  user has nothing to do with account. A user  is  a resource owned by the service provider and leased to the subscriber for all the subscription duration. It can be used by a software agent or by people under the sole responsibility of the subscriber.  Service Manager can reset the user password on explicit subscriber request. On the other side, an  account is owned by the subscriber and it is self managed through the features of LinkedData.Center subscription portal.

The service manager allocates required profile and user resources to all pending activation subscriptions, generating them manually or automatically. The service manager communicates user credentials (i.e. username and password) and service endpoint URL to the subscriber before to change the service status to active.

At the end of the subscription agreement, the service manager disposes the subscription resources cleaning user and profile data and all other related resources (.e. graph DB instance, backups, etc, etc).

Resource  management

LinkedData.Center describes and manages core resources accordingly to the RESTful architecture. Specifically, every core resource is described by an hypermedia schema (JSON-Schema) and managed by REST profiler APIs. There are three core resource types:
All the resources are completely indipendent. The Service Manager maintains the links between subscriptions, accounts, users and profiles in the administration panel .

Every service manager owns a credential that grants access to the profiler endpoint. The service Manager is free to use his/her preferred tool (any RESTful client is compliant) or to use the Jsonary.LinkedData.Center service that allows to application to browse the resources.

Profiler sandbox

Practice with the profiler APIs connecting to the profiler sandbox endpoint using the shared credential admin/password. Please note that data are stored in clear and the sandbox server is shared and public. DO NOT STORE REAL OR PRIVATE DATA IN THE JSONARY SANDBOX!!

Using jsonary

Jsonary is a simple interactive web tool used to manipulate RESTful resources. Linked data jsonary implementation is available at Think to jsonary as a browser in a browser. Put your profiler endpoint URL in the resource bar, add to it the resource you need to view/edit/delete and click the go button. At the beginning of the session, you will be asked for your credential. Close the browser to log off. All network traffic is encrypted with SSL. Jsonary is able to manage your resource even if they are not exposed to the internet.

To use jsonary with profiler sandbox  just point your browser  to  URL.

Profile resources

To create a new profile type your profile listing ( https://your.profiler.endpoint/profile/) in the URL bar and click on the go button.

Then press "new profile" button to display the popup:

Fill the form completing all wanted data. If not provided, the system will use proper defaults. Of course, you have also to configure the graph engine to setup a proper user space (this step depends on the RDF technology you decided to adopt). 

User resources

To create a new profile type your profile listing ( https://your.profiler.endpoint/user/) in the URL bar and click on the go button.

Then press "New user" button to display the popup:

The password field is a bit tricky. For security reasons, the password will never be stored in plain text. You can choose the encoding algorithm, but the most secure is the CRYPT_BLOWFISH algorithm. We suggest to use one of the good online generators or write your own according to the PHP password_hash specification. You can provide unencoded passwords to your customers while storing the encoded ones in the user resource.

Task resources (only for beta Enterprise users)

Administrative tasks free service managers to manually create users, profiles, and graph engine configurations. The service manager creates administrative tasks using the profiler APIs and then a provision orchestrator will launch the proper task processor to consume the task allocating all required resources. Task processors are custom developed for LDCEP.

Tasks required few mandatory fields:

  • the subscriber notification recipient  (e-mail or message queue) where the task processor will send a task report.
  • the service manager notification recipient  (e-mail or message queue)  the task processor will be informed about the success or the failure of the task.
Beside this, other data depending on the task type could be required.  Following task types are defined:
  • GDaaS activation
  • GDaaS retirement
  • GDaaS suspension
  • GDaaS backup
  • GDaaS restore
  • GDaaS transfer

Enrico Fagnoni,
Nov 5, 2016, 8:31 AM