PaaS Team Manual

Incident management

• Incident process
• Responding to alerts

Monitoring and alerting

• Prometheus

Support

• User management
• Finding activity
• Finding route owners
• Restoring Elasticsearch Backups
• Responding to security issues
• Support roles and responsibilities
• Investigating rsyslog issues
• Support manual
• Zendesk

Accounts and Billing

• Account lifecycle
• Getting data about trial accounts
• Tenant personal data
• Billing process for GOV.UK PaaS paid accounts

Team

• Orientation
• Working practices
• Service Targets
• Dashboard mac mini
• Managing AWS access
• Our networking in AWS
• How to notify tenants
• Our orgs on the paas
• Pagerduty
• Platform alerting
• Responding to aws alert
• Rotating credentials
• Statuspage

Guides

• Cloud Foundry debugging tips
• Connecting to Concourse and BOSH
• Documentation for tenants (paas-tech-docs)
• How to use GPG
• How to enable Github OAuth for your dev environment
• IPSec debugging
• Restoring the CF databases
• Tenant Application Penetration Testing
• How to sign into your CF admin account
• Common support tasks
• Enhancing kibana
• Releasing bosh blobs
• Spruce (for merging YAML)
• upgrading CF, bosh and stemcells
• Updating Logstash filters in Logit
• VPC Peering
• Running tests on paas-cf locally

Styleguides

This section contains some team-specific styleguides. These should be used in addition to the GDS styleguides.

• YAML
• Concourse pipelines

Architecture decision records

This section contains Architecture Decision Records (ADR) as described in this blog post http://thinkrelevance.com/blog/2011/11/15/documenting-architecture-decisions.

• ADR001 manifest management
• ADR002 concourse pool resource
• ADR003 AWS credentials
• ADR004 domain naming scheme
• ADR005 pingdom healthchecks
• ADR006 rds broker
• ADR007 terminating tls at elbs
• ADR008 haproxy for request rewriting
• ADR009 x forwarded headers
• ADR010 postgres bind behaviour
• ADR011 security group structure
• ADR012 haproxy healthcheck
• ADR013 building bosh releases
• ADR014 hsts preload using api gateway
• ADR015 rds storage encryption plans
• ADR016 end to end encryption
• ADR017 cell capacity assignment
• ADR018 rds broker restore last operation
• ADR019 accessing user provided services
• ADR020 deletion of ci environment
• ADR021 cell capacity assignment 2
• ADR022 web app language and framework selection
• ADR023 idle cpu alerting change
• ADR024 web app language and framework selection
• ADR025 Service plan naming conventions
• ADR026 DNS layout for UK hosting
• ADR027 pipeline locking
• ADR028 Move platform logs to Logit
• ADR029 Aiven project structure
• ADR030 single staging environment in London
• ADR443 ssl only for applications and cf endpoints
• ADR444 redirect http for applications