SysAdmin: The heart

By Randy Johnson & Harris Kern

This month, we get to the heart of system administration, outlining what services our Information Resources (IR) Unix System Administration group does and doesn't provide. System administration is (as it should be) a comprehensive responsibility for systems design, configuration, delivery, management, and support. That god-like empowerment of a centralized IT makes sense because your business needs a stable and consistent environment.

But remember, IT can't and shouldn't hide in the data center dictating practices and procedures to the organization. To be most effective in a distributed-computing environment, you've got to provide the services and support your business units need. That requires a flexible and responsive partnership between IT and the business units, and a staff and processes that give fast and effective reaction to user inquiries and problems.

To cement an efficient working relationship between our Unix System Administration group and business units, we use a Service Level Support Agreement. The formal document is aimed at three groups: business managers receiving IT services who need to ensure that the services delivered are in line with their business requirements at a cost they are prepared to pay; the system administration staff who deliver these services and need to fully understand the commitments that our customers require from us in order to provide quality service; and the IT staff who coordinate the delivery of these services to their respective business units to ensure maximum contribution to business effectiveness.

With the Agreement, we make sure our internal customers understand what kinds of service they can expect from their computer resources and how those resources are expended. On the other side of the table, we make sure our Unix System Administration personnel understand their jobs well -- what services they do provide as well as those services they don't provide.

In good hands
Often it is more important to know what services you don't provide. For example, it's common practice with Unix that the owner gets root access to their workstation, which lets them change the system at will. Obviously, that can lead to chaos and bring your systems to their knees. So, our general rule is that no user except IT staff is given root access to systems we support. If a primary customer needs root access -- granted when there is a specific application-related requirement -- then we provide service only on a "best effort" basis.

Same for applications. SunIR manages a collection of user programs that are found on departmental software servers of which we automatically manage the installation and maintenance. If a business unit uses a special application (desktop or production) and runs into difficulty, we do an initial diagnosis, but normally pass the problem to the relevant support group and take no further responsibility.

There are also responsibilities we and our business-unit customers accept as part of our Agreement. Customers are responsible for providing the list of services they need. And the levels of service should be held to as few categories as necessary.

Final configurations are our responsibility, implemented and supported as defined by IT and its associated architecture group. With facilities, we manage the server rooms to ensure an adequate environment at the lowest capital cost. And we back up the IT servers regularly, with the promise to restore data within 24 hours of a request. Faster or better response must be separately negotiated.

Users also are expected to manage their own disk space and printer resources, such as paper and toner. (We don't maintain those resources, but will diagnose the cause of problems and make recommendations.) And our customers are expected to work closely with IT to ensure that all users carefully select, control, and regularly change user passwords, according to corporate security policy.

The buck stops here
The Agreement spells out that Sun's business units, not SunIR, are responsible for obtaining funding and approval to ensure sufficient computing resources. They are responsible for "outlooking" (changes) for the future. If management doesn't allocate needed money and resources, IT and the customer negotiate a reduced level of support.

Finally, only what's included in the Agreement and budgeted for, IT provides. Our current hourly rate for special services is $60 per hour. Emergency services (nonplanned) is $120, for the cost of contracting services, and are provided only on a best-effort basis.
(See sidebar for a list of typical Sysadmin support functions)

About the authors
Harris Kern (harris.kern@advanced.com) is Sun's Open Systems Migration Consultant for the NAAFO Market Development. Randy Johnson (randyj@advanced.com) owns R&H Associates, a full-time rightsizing consultancy. © 1994 Sun Microsystems Inc. All rights reserved. Pick up a copy of their new book, Rightsizing the New Enterprise, SunSoft Press/PTR Prentice Hall.

Service Level Support Agreement

Typical inclusions Disaster recovery System security Desktop-applications support Hardware installation Hardware maintenance Software-distribution support Telecommunications Local network services (NIS management) User training Software configuration Software installation Selected optional software Database administration OS support Backups/restores Systems analysis Performance tuning Third-party hardware troubleshooting

At Sun, we also support the following resources and equipment. Client/servers Software-distribution servers Network servers Disk usage /home directories Electronic mail

These are services provided on a "best effort" basis with no guarantees: Nonstandard software installation Ad hoc technical assistance, training, and consultancy User-specific backups/restores General support for root login users

If you have problems with this magazine, contact webmaster@sunworld.com
URL: http://www.sunworld.com/asm-12-1994/asm-12-unix.html
Last updated: 1 December 1994