MySQL Database Service Level Agreement

Objective

It is the goal of the Office of Information Technology (OIT) to provide an enterprise quality MySQL database hosting service to any campus unit needing such capability.  To that end, OIT has implemented a MySQL-based database service using disk mirroring and replication technologies to provide a highly available, redundant service for the University community’s use.

Due to the resource requirements of this service, it is necessary that it be provided on a “for charge” basis while OIT subsidizes a significant share of the cost.

Glossary

For the purpose of clarity, the following terms will have these specified meanings:

  • Database Service: a program that houses data and accepts SQL commands to store and retrieve that data.
  • Server:  a computer upon which one or more database(s) and database servers reside.
  • OIT Shared Services:  The group that supports this service.

Terms

  • All servers are connected to the NC State campus fiber backbone via Ethernet connections.
  • The database service is owned, provided, and operated by OIT.
  • The data or content delivered by the database service is owned by the customer.
  • The database service will be initiated when a request is approved via Web Registry (https://webregistry.ncsu.edu).

Details of Service Agreement

OIT will be responsible for:

  • Implementing a MySQL database that will house the customer’s data and respond to SQL commands submitted by the customer or the customers programs.
  • Providing the customer with a database with a 100Mb soft quota.
  • Configuring two database accounts that will be able to:
    • Access the database for read-only purposes
    • Access the database for read and write purposes.
  • Performing change requests – requested through the email address oit_mysql@remedy.ncsu.edu – implemented within 3 business days of receipt.
  • Backing up the customer’s database(s):
    • Taken on a daily basis
    • Retained for 28 days.
  • Restoring customer database upon request within 3 business days.
  • Monitoring database services for availability.
  • Taking immediate action to correct issues when service availability falls below an acceptable level.
  • Communicating to campus by posting the following at SysNews:
    • Announcing any upcoming changes
    • Announcing any planned outages
    • Providing information regarding any unplanned outages that may have occurred.

OIT will not be responsible for:

  • Maintaining or creating any content to be delivered by the service.
  • Granting access or creating database userids for individuals.  All access will be via the userids provided.
  • Any copyright infringements caused by the unauthorized use of copyrighted material.
  • Providing ODBC connectivity or support to the database service or server.
  • Providing SQL, PHP or ColdFusion support or training.

The customer will be responsible for:

  • Controlling the distribution of the database userids provided.
  • Designing and implementing the database schema and any associated tables.
  • Loading data into the database and any associated tables.
  • Creating and maintaining any contents or scripts that may access the service.
  • Implementing appropriate business practices so as to minimize any OIT Shared Services recovery or repair requests.
  • Abiding by REG 08.00.02 Computer Use Regulation.
  • Making sure that your application and data storage must be compliant with:
    • Requirements of University policies.
    • FERPA, HIPPA, GLBA, ECPA, CFAA, and all other applicable federal and state laws regarding confidentiality of information.
  • Ensuring that your service should not contain any system components that are in either PCI DSS primary or secondary scope.
    • Primary PCI scope includes any system component that processes, transmits and/or stores Payment Card Numbers (including the Credit Card Security Code).
    • Secondary PCI scope is any system component that either provides services to primary scope components, or attaches to the primary scope directly.
  • Providing OIT Shared Services the names, phone numbers, and email addresses of critical contact personnel.
  • Updating Web Registry immediately (within one week) if any of the above contact information has changed.
  • Renewing annual SLA before the due date and providing complete renewal information

Other Notes

This Agreement will be in force until the end of the current fiscal year (June 30th).

OIT Shared Services can provide, in a very limited manner, assistance in database design.

Communications between the Customer and OIT Shared Services staff will be through the email address oit_mysql@remedy.ncsu.edu.  This address delivers mail to a problem-tracking system that enables the OIT Shared Services staff to quickly and easily respond to requests and questions.

OIT reserves the right to revoke access to the database and database server if—in the opinion of the Executive Director of Shared Services (or a designate):

  • There appear to be application(s) that are misbehaving, run-away, or consuming excessive CPU resources on the database server or associated web server(s)
  • There appear to be programs that access filespace not directly associated with the application or other unit/division/department.

If, in the opinion of OIT’s Executive Director of Shared Services (or a designate), the number of restoration requests become excessive, OIT may reserve remedies, including, but not limited to:

  • Charging on a per-request basis
  • Request of justification for restoration.

OIT will send MySQL Database renewal notification 45 calendar days before the database needs to be renewed using the contact information provided and maintained by the customer in the Web Registry. If no response is received from the customer by the due date, OIT will, at the discretion of the Executive Director of Shared Services (or a designate), shut down and decommission the corresponding database.  All data in the database will not be recoverable beyond the regular database backup retention period.

Cost of Service

This service is being provided on a partial cost recovery basis.

The details of the costing methodology will be provided upon request.

The cost of this service is $300 per year.  If applicable, the cost is pro-rated from the date the service is initiated until the end of the fiscal year, June 30.

IMPORTANT NOTE: General Ledger 5 accounts cannot be used for payment of this service. By providing the account information, an IDT will be processed and posted automatically.  Please note that the IDT will not require further approval from your unit.