Upload
kathlyn-bailey
View
215
Download
1
Embed Size (px)
Citation preview
Nov 1, 2000 Site report DESY 1
DESY Site Report
Wolfgang Friebel
DESY
Nov 1, 2000 HEPiX Fall 2000@JLAB
Nov 1, 2000 Site report DESY 2
Contents
Linux Automated installation Fileserver with IDE disks
Project Disk Cache LDAP and User registry Security update
DESY Certificate Authority Port filtering Bastion host
Misc topics
Nov 1, 2000 Site report DESY 3
Linux
Automated Linux Installation and Configuration with YaST2 see also talk by T. Kleinwort Draft of the YaST2 enhancements worked out (SuSE, DESY) Prototype of new inst/config tool expected by mid Nov.
Installation of large file servers with IDE disks similar systems as proposed (and installed) by CERN (F. Collin) one test system 1.5 TB ordered for H1 (Hamburg) installation and first tests since two weeks smaller system 600 GB ordered for Zeuthen After successful tests further file servers for other experiments planned
Nov 1, 2000 Site report DESY 4
Project Disk Cache Driven by increasing demands of data storage and access
(HERA Luminosity upgrade) Project objectives - experiments view
Staging of data for analysis and reconstruction, fast and efficient access efficient usage of staging pools and bandwidth by importance caching centrally maintained and fully transparent user work space
Project objectives - technical view optimized usage of existing tape drives, use of cheaper drives possible automatic exploration of optimal location for data no explicit staging required any longer data access independent from data placement
Realisation in cooperation with FNAL Major goals should be reached at HERA restart (III/2001)
Nov 1, 2000 Site report DESY 5
LDAP and User registry
New LDAP version 3 servers installed (HH+Ztn) openldap 2.0.6, scheme with minor DESY enhancements Plans to have NIS functionality with LDAP (1 Linux box in
Zeuthen running already for one year with LDAP)
Plans to write (or purchase) a new DESY wide user registry goal: automation of account related system administration User registry should be base for LDAP, active directory and
further data collections
Nov 1, 2000 Site report DESY 6
Security update
DESY Certificate Authority created (9/2000) signed by DfN (German research network provider) two CA’s under the top level DESY CA first use for web (https) and mail (simap) servers
Very strict port filtering in WAN router (5/2000) ports only for encrypted protocols open (exceptions http, afs) opening of further ports only on well founded request reduction of scans observed, attack against computer with many
open ports seen, since then fewer exceptions from policy
Bastion hosts based on Mindterm ssh java applet in production for Hamburg, in test for Zeuthen
Nov 1, 2000 Site report DESY 7
Misc topics
Status batch system CODINE company Gridware acquired by Sun in July freely available for Solaris, other platforms to come source code will be put under open source code license (I/2001?) more infos under http://www.sun.com/gridware farms in Zeuthen and few linux boxes in Hamburg equipped with
Codine
Status trouble ticket system (Zeuthen) more than 4500 tickets resolved since May 1998 proved successful, only minor „social“ problems not related to
SW
Nov 1, 2000 Site report DESY 8
Misc topics (2)
Status of free precompiled software from TWW very responsive small company (The Written Word) security updates as fast as possible (sometimes before we heard
of the security holes) one package manager (pkg-inst) for ALL platforms new platforms Solaris 8, AIX 4.3.2, Digital UNIX 4.0A TWW tried to improve their distribution including feedback of my
talk at the HEPiXspring meeting we are willing to use TWW for more platforms, decision for
Hamburg site not yet taken
Experimental Kerberos 5 infrastructure (HH)
Nov 1, 2000 Site report DESY 9
Trends
Rise in compute power mostly Linux April:304(HH)+66(Ztn)Systems, Oct:446+80
Increasing number of Solaris boxes for service functions 127+27 --> 139+36
High and rising demands in storage capacity Luminosity upgrade for HERA in 2001 taking APEMille parallel computers into production
Decreasing number of System Administrators Increasing average age of Sysadmins