DESY Site Report Wolfgang Friebel DESY Nov 1, 2000 HEPiX Fall 2000@JLAB Nov 1, 2000 Site report DESY.
Download ReportTranscript DESY Site Report Wolfgang Friebel DESY Nov 1, 2000 HEPiX Fall 2000@JLAB Nov 1, 2000 Site report DESY.
DESY Site Report Wolfgang Friebel DESY Nov 1, 2000 HEPiX Fall 2000@JLAB Nov 1, 2000 Site report DESY 1 Contents Linux Automated installation Fileserver with IDE disks Project Disk Cache LDAP and User registry Security update DESY Certificate Authority Port filtering Bastion host Misc topics Nov 1, 2000 Site report DESY 2 Linux Automated Linux Installation and Configuration with YaST2 see also talk by T. Kleinwort Draft of the YaST2 enhancements worked out (SuSE, DESY) Prototype of new inst/config tool expected by mid Nov. Installation of large file servers with IDE disks Nov 1, 2000 similar systems as proposed (and installed) by CERN (F. Collin) one test system 1.5 TB ordered for H1 (Hamburg) installation and first tests since two weeks smaller system 600 GB ordered for Zeuthen After successful tests further file servers for other experiments planned Site report DESY 3 Project Disk Cache Driven by increasing demands of data storage and access (HERA Luminosity upgrade) Project objectives - experiments view Project objectives - technical view Staging of data for analysis and reconstruction, fast and efficient access efficient usage of staging pools and bandwidth by importance caching centrally maintained and fully transparent user work space optimized usage of existing tape drives, use of cheaper drives possible automatic exploration of optimal location for data no explicit staging required any longer data access independent from data placement Realisation in cooperation with FNAL Major goals should be reached at HERA restart (III/2001) Nov 1, 2000 Site report DESY 4 LDAP and User registry New LDAP version 3 servers installed (HH+Ztn) openldap 2.0.6, scheme with minor DESY enhancements Plans to have NIS functionality with LDAP (1 Linux box in Zeuthen running already for one year with LDAP) Plans to write (or purchase) a new DESY wide user registry Nov 1, 2000 goal: automation of account related system administration User registry should be base for LDAP, active directory and further data collections Site report DESY 5 Security update DESY Certificate Authority created (9/2000) Very strict port filtering in WAN router (5/2000) signed by DfN (German research network provider) two CA’s under the top level DESY CA first use for web (https) and mail (simap) servers ports only for encrypted protocols open (exceptions http, afs) opening of further ports only on well founded request reduction of scans observed, attack against computer with many open ports seen, since then fewer exceptions from policy Bastion hosts based on Mindterm ssh java applet Nov 1, 2000 in production for Hamburg, in test for Zeuthen Site report DESY 6 Misc topics Status batch system CODINE company Gridware acquired by Sun in July freely available for Solaris, other platforms to come source code will be put under open source code license (I/2001?) more infos under http://www.sun.com/gridware farms in Zeuthen and few linux boxes in Hamburg equipped with Codine Status trouble ticket system (Zeuthen) Nov 1, 2000 more than 4500 tickets resolved since May 1998 proved successful, only minor „social“ problems not related to SW Site report DESY 7 Misc topics (2) Status of free precompiled software from TWW very responsive small company (The Written Word) security updates as fast as possible (sometimes before we heard of the security holes) one package manager (pkg-inst) for ALL platforms new platforms Solaris 8, AIX 4.3.2, Digital UNIX 4.0A TWW tried to improve their distribution including feedback of my talk at the HEPiXspring meeting we are willing to use TWW for more platforms, decision for Hamburg site not yet taken Experimental Kerberos 5 infrastructure (HH) Nov 1, 2000 Site report DESY 8 Trends Rise in compute power mostly Linux Increasing number of Solaris boxes for service functions 127+27 --> 139+36 High and rising demands in storage capacity April:304(HH)+66(Ztn)Systems, Oct:446+80 Luminosity upgrade for HERA in 2001 taking APEMille parallel computers into production Decreasing number of System Administrators Increasing average age of Sysadmins Nov 1, 2000 Site report DESY 9