Presentation on theme: "VOMS server resilience Voms.gridpp.ac.ukS.Dolgobrodov Manchester Tier2 22nd GridPP Collaboration Meeting."— Presentation transcript:
VOMS server resilience Voms.gridpp.ac.ukS.Dolgobrodov Manchester Tier2 22nd GridPP Collaboration Meeting
Main vulnerable components Computer hardware Computer hardware Main power Main power Network access Network access Database Database Hosting about 20 regional Vos, more than 300 users in total PowerNet VO DBs MySQL
Hardware resilience Machine hardware Machine hardware Backup machine with alias NI device and IP address # This is /etc/sysconfig/network-scripts/ifcfg-eth0:1 DEVICE=eth0:1IPADDR=126.96.36.199 188.8.131.52 voms01.gpp.hep.man.ac.uk 184.108.40.206 voms02.gpp.hep.man.ac.uk 220.127.116.11 voms.gridpp.ac.uk Power supply Power supply Separate power lines for the front and backup servers Emergency power backup generator for the farm, air conditioners maintained round the clock. Loss of network Loss of network Separate switch for the front and back up servers.
Software resilience etc Data base backup Data base backup MySQL data bases (one per each VO) daily backing up on the backSecoup servers (3 replicas) keeping them mirrored. The only records under risk are those created during the day. Currently more than 300 records in 19 VOs Security Security ssh access restricted based on IP addresses ssh host keys are not used for access distinctive password from other farm nodes Human factor Human factor A second administrator with documented procedures for recovery.