1 / 9

LAL Site Report

LAL Site Report. Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr. 100 Go. FC. FC. HDS 9570 4 TB. ESA12000 1,5 TB. Electronic CAD (20 Sun CPUs). Alpha Experiments (8 CPUs). Linux Experiments (40 CPUs). GRID Fram (40 CPUs). Mac (100). Xterm. PC (300). Main Resources. DS20.

ginny
Télécharger la présentation

LAL Site Report

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. LAL Site Report Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr

  2. 100 Go FC FC HDS 9570 4 TB ESA12000 1,5 TB Electronic CAD (20 Sun CPUs) Alpha Experiments (8 CPUs) Linux Experiments (40 CPUs) GRID Fram (40 CPUs) Mac (100) Xterm PC (300) Main Resources DS20 LSF Cluster • NFS • SMB • Appletalk • www • Mail • Print DS20e Gb Ethernet 100 Mb 10 Mb LAL Site Report - HEPix - FZK 2005

  3. Main Resources Changes • No HW change since BN Hepix • 6TB on order (SATA extension to HDS 9570V), 3TB more planned in autumn • Call for tender for new CPUs (20 dual Opteron ?) • Linux upgrade to Scientific Linux • Currently installed on all new machines (i386 or amd64) • Upgrade of old RH 7.2/9 machines (25) planned shortly. Will be done with Quattor (currently being set up) • Future HW upgrades driven by Tier2 project • x3 in 2006 and 2007 for CPU and storage LAL Site Report - HEPix - FZK 2005

  4. Mail Service • Authenticated SMTP • Spam : Bayesian filtering useful • Filtering efficiency : ~95% - pretty constant • Centralized database (no per user) • Management cost very low since last summer • More than 3 months needed to reach current efficiency • Feed filter db with a few hundreds of undecteted SPAMs every month coming from 3-5 users • Move to Cyrus v2 still a project… • Plan to implement a calendar server • Based on CalDAV • Client integrated in Mulberry (and many others probably) LAL Site Report - HEPix - FZK 2005

  5. Mail Service : Blacklists • LAL mailer blacklisted because of… Squid (Web cache) • LAL faulty : Squid misconfiguration allowing to use it as a TCP relay for almost any protocol… • One exploit is to use squid to workaround relay restriction on mailer and use it to send SPAM • Misconfiguration 10 years old…!!! • LAL blacklisted by 2 DNS blacklist service : • http://opm.blitzed.org : very professional, well documented automatic procedure to be removed • http://www.spin.it (based on ???) : unable to get the reason, a nightmare to be removed from BL. • Advice : if using blacklist, use well managed ones. LAL Site Report - HEPix - FZK 2005

  6. Certificates • For 1 year, moving to certificates for Web authorization • Delivered by CNRS to every CNRS employee • Suppress traditional user/pwd auth as much as possible • More service available to LAL users outside lab • Moving to certificates for Subversion (CVS replacement) • Subversion access through HTTP + WebDav • Moving to certificated for WiKi authorization • Very successfull with Trac • Not working properly with TWiKi • Promoting use of certificate for mail signature (or encryption) LAL Site Report - HEPix - FZK 2005

  7. Windows Infrastructure • IN2P3 forest still very successfull • 11 labs in production • All IN2P3 labs should participate • An administrators group set up in April (5 persons, 1 Trac site) • Management cost very low… • Looking at MOM to get centralized alert on key infrastructure components • Move of LAL AD domain to IN2P3 forest delayed • Antivirus : moving from F-Secure to McAfee • License policy change at CNRS / french Universities • + : MSI deployment, - : signatures updates with SMS • A couple of machines infected every month : generally when user has the administrator accout…, cleaning is time consuming… LAL Site Report - HEPix - FZK 2005

  8. GRID • Paris region Tier2 project officially launched • Will be part of French MOU for LCG • Getting financial support is still a challenge… • Partnership of 3 labs : DAPNIA, LAL, LPNHE • Will be 1 unified resource from the GRID • Distributed over 3 sites • Target : simulation AND analysis • Opened to all LHC experiments + 20% non LHC (EGEE, local) • CPU capacity : 1500 CPUs • Large amount of storage planned : 300 TB of disks • Looking at LUSTRE for a distributed filesystem (HP partnership) LAL Site Report - HEPix - FZK 2005

  9. Miscellaneous Projects • Quattor : nearly in production… • Serial Console Management with SLAC/CERN tool : not yet • Presented at Hepix by C. Boeheim and H. Meinhard • Conference organization tool • InDiCo installation postponed (too many problems encountered) • EU project based on CERN Agenda, presented at Edinburgh • Agenda started and now in production for internal and external use • Automatic visitor registration : postponed • Currently done manually on request (difficult but still manageable) • No WiFi access to visitors (except for conferences) • Dedicated network (routed) for conferences and visitors, not part of the intranet (in progress) LAL Site Report - HEPix - FZK 2005

More Related