Introduction to NAIS¶
GCP is now in General Availability, and we recommend everyone to deploy new apps there.
We've also made a migration guide, for moving old apps from SBS and FSS to GCP!
Head over to the Slack channel #nais-i-sky if you have any questions.
What is NAIS?¶
NAIS is NAV's Application Infrastructure Service, an open source application platform that aims to provide our developers with the best possible tools needed to develop and run their applications.
Getting started with NAIS¶
If you are just starting out developing applications and wish to deploy them to NAIS, it is highly recommended to read through the Getting started section!
Why NAIS exists¶
When you have a large development organisation, providing the developers with turn-key solutions for their most common needs can be a good investment.
Within each of these aspects, we leverage open source projects best suited for our needs and provide them with usable abstractions, sane defaults and the required security hardening.
GitOps is a way of implementing Continuous Deployment for cloud native applications. It focuses on a developer-centric experience when operating infrastructure, by using tools developers are already familiar with, including Git and Continuous Deployment tools.
Read more over at gitops.tech.
GitOps: versioned CI/CD on top of declarative infrastructure. Stop scripting and start shipping.
About security and privacy when using platform services¶
In general, the necessary agreements and assessments regarding security and privacy for use of the NAIS platform in GCP are in place. The summary of this can be read in: NAIS on GCP - privacy and security. This document is only available for NAV employees and in Norwegian.
For services from NAIS, a security assessment (ROS) has already been carried out. Teams who wish to use the service are responsible for assessing whether the security is sufficient for their use. Most safety assessments are documented in the PowerApps application TryggNok. Contact the NAIS team if you can´t find a relevant security assessment.
In NAV, we conduct Privacy Impact Assessments (PVK) to document that we operate in accordance with GDPR. Each team must have a PVK for the processing of personal data that they do. When a team adopts new technology, it may trigger a change in the privacy impact. If so, the team should update the PVK. ROS will often include information security, and can provide support in the completion of the PVK.
When a team wants to process personal data in a whole new way, the existing PVK might not cover this purpose. In this case, a new PVK is required in order to document the purpose and legal basis for the treatment. A legal coach from "juridisk seksjon" can assist with such an assessment.
NAIS has a 24/7 on-call service for operation and troubleshooting of the on-premises and GCP platforms, as well as third-party suppliers Aiven.
The on-call service is to be used for production environment events outside regular working hours only. Use slack mention @nais-team during regular working hours.
The on-call service is rotated, but the person on-call at the moment can be found in the slack user group "nais-vakt". The on-call phone number can be found in the header of the nais slack.
Response time for a request should be no more than 30 minutes for slack mentions (@nais-vakt).
Contact the NAIS team¶
The team can be found on Slack.
If your team would like closer follow-up for a period (or permanently), we would happily dedicate someone from NAIS as your NAM(s) - short for "NAIS Account Managers". This means we will create a dedicated slack channel for nais/team-communication and have meetings when/if required to discuss your concerns, issues, or wishes for the platform.
Also, follow us on Twitter @nais_io!