Presentation is loading. Please wait.

Presentation is loading. Please wait.

LAL Site Report Michel Jouvin LAL / IN2P3

Published byChrystal Lawson Modified over 8 years ago

Similar presentations

Presentation on theme: "LAL Site Report Michel Jouvin LAL / IN2P3"— Presentation transcript:

1 LAL Site Report Michel Jouvin LAL / IN2P3 jouvin@lal.in2p3.fr

2 9/5/2005 LAL Site Report - HEPix - FZK 2005 Main Resources NFS SMB Appletalk www Mail Print LSF Cluster Gb Ethernet DS20 PC (300)Mac (100) Linux Experiments (40 CPUs) DS20e 10 Mb Alpha Experiments (8 CPUs) Electronic CAD (20 Sun CPUs) 100 Mb 100 Go Xterm ESA12000 1,5 TB FC HDS 9570 4 TB FC GRID Fram (40 CPUs)

3 9/5/2005 LAL Site Report - HEPix - FZK 2005 Main Resources Changes No HW change since BN Hepix –6TB on order (SATA extension to HDS 9570V), 3TB more planned in autumn –Call for tender for new CPUs (20 dual Opteron ?) Linux upgrade to Scientific Linux –Currently installed on all new machines (i386 or amd64) –Upgrade of old RH 7.2/9 machines (25) planned shortly. Will be done with Quattor (currently being set up) Future HW upgrades driven by Tier2 project –x3 in 2006 and 2007 for CPU and storage

4 9/5/2005 LAL Site Report - HEPix - FZK 2005 Mail Service Authenticated SMTP Spam : Bayesian filtering useful –Filtering efficiency : ~95% - pretty constant –Centralized database (no per user) –Management cost very low since last summer More than 3 months needed to reach current efficiency Feed filter db with a few hundreds of undecteted SPAMs every month coming from 3-5 users Move to Cyrus v2 still a project… Plan to implement a calendar server –Based on CalDAV –Client integrated in Mulberry (and many others probably)

5 9/5/2005 LAL Site Report - HEPix - FZK 2005 Mail Service : Blacklists LAL mailer blacklisted because of… Squid (Web cache) LAL faulty : Squid misconfiguration allowing to use it as a TCP relay for almost any protocol… –One exploit is to use squid to workaround relay restriction on mailer and use it to send SPAM –Misconfiguration 10 years old…!!! LAL blacklisted by 2 DNS blacklist service : –http://opm.blitzed.org : very professional, well documented automatic procedure to be removedhttp://opm.blitzed.org –http://www.spin.it (based on ???) : unable to get the reason, a nightmare to be removed from BL.http://www.spin.it –Advice : if using blacklist, use well managed ones.

6 9/5/2005 LAL Site Report - HEPix - FZK 2005 Certificates For 1 year, moving to certificates for Web authorization –Delivered by CNRS to every CNRS employee –Suppress traditional user/pwd auth as much as possible –More service available to LAL users outside lab Moving to certificates for Subversion (CVS replacement) –Subversion access through HTTP + WebDav Moving to certificated for WiKi authorization –Very successfull with Trac –Not working properly with TWiKi Promoting use of certificate for mail signature (or encryption)

7 9/5/2005 LAL Site Report - HEPix - FZK 2005 Windows Infrastructure IN2P3 forest still very successfull –11 labs in production –All IN2P3 labs should participate –An administrators group set up in April (5 persons, 1 Trac site) –Management cost very low… –Looking at MOM to get centralized alert on key infrastructure components –Move of LAL AD domain to IN2P3 forest delayed Antivirus : moving from F-Secure to McAfee –License policy change at CNRS / french Universities –+ : MSI deployment, - : signatures updates with SMS –A couple of machines infected every month : generally when user has the administrator accout…, cleaning is time consuming…

8 9/5/2005 LAL Site Report - HEPix - FZK 2005 GRID Paris region Tier2 project officially launched –Will be part of French MOU for LCG –Getting financial support is still a challenge… Partnership of 3 labs : DAPNIA, LAL, LPNHE –Will be 1 unified resource from the GRID –Distributed over 3 sites Target : simulation AND analysis –Opened to all LHC experiments + 20% non LHC (EGEE, local) –CPU capacity : 1500 CPUs –Large amount of storage planned : 300 TB of disks Looking at LUSTRE for a distributed filesystem (HP partnership)

9 9/5/2005 LAL Site Report - HEPix - FZK 2005 Miscellaneous Projects Quattor : nearly in production… Serial Console Management with SLAC/CERN tool : not yet –Presented at Hepix by C. Boeheim and H. Meinhard Conference organization tool –InDiCo installation postponed (too many problems encountered) EU project based on CERN Agenda, presented at Edinburgh –Agenda started and now in production for internal and external use Automatic visitor registration : postponed –Currently done manually on request (difficult but still manageable) –No WiFi access to visitors (except for conferences) –Dedicated network (routed) for conferences and visitors, not part of the intranet (in progress)

Download ppt "LAL Site Report Michel Jouvin LAL / IN2P3"

Similar presentations

HEPIX May 2004 Edinburgh Linux/Unix highlights.

HEPIX May 2004 Edinburgh Linux/Unix highlights.
LAL Site Report Michel Jouvin LAL / IN2P3

LAL Site Report Michel Jouvin LAL / IN2P3
Anti-SPAM experience at LAL Michel Jouvin LAL / IN2P3

Anti-SPAM experience at LAL Michel Jouvin LAL / IN2P3
SUS Feature Pack for SMS Michel Jouvin LAL / IN2P3

SUS Feature Pack for SMS Michel Jouvin LAL / IN2P3
Andrew McNab - Manchester HEP - 22 April 2002 EU DataGrid Testbed EU DataGrid Software releases Testbed 1 Job Lifecycle Authorisation at your site More.

Andrew McNab - Manchester HEP - 22 April 2002 EU DataGrid Testbed EU DataGrid Software releases Testbed 1 Job Lifecycle Authorisation at your site More.
Forschungszentrum Karlsruhe in der Helmholtz-Gemeinschaft Torsten Antoni – LCG Operations Workshop, CERN 02-04/11/04 Global Grid User Support - GGUS -

Forschungszentrum Karlsruhe in der Helmholtz-Gemeinschaft Torsten Antoni – LCG Operations Workshop, CERN 02-04/11/04 Global Grid User Support - GGUS -
4/2/2002HEP Globus Testing Request - Jae Yu x2814 1 Participating in Globus Test-bed Activity for DØGrid UTA HEP group is playing a leading role in establishing.

4/2/2002HEP Globus Testing Request - Jae Yu x Participating in Globus Test-bed Activity for DØGrid UTA HEP group is playing a leading role in establishing.
Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.

Cross Platform Single Sign On using client certificates Emmanuel Ormancey, Alberto Pace Internet Services group CERN, Information Technology department.
LAL Site Report Michel Jouvin LAL / IN2P3

LAL Site Report Michel Jouvin LAL / IN2P3
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3

1/11/2000LDAP Status Report - HEPix - JLab 2000 LDAP Status Report Michel Jouvin LAL / IN2P3
Homework 3.2 Clients Hub What’s wrong with this picture? Clients Using 100TX.

Homework 3.2 Clients Hub What’s wrong with this picture? Clients Using 100TX.
Site report: CERN Helge Meinhard (at) cern ch HEPiX fall SLAC.

Site report: CERN Helge Meinhard (at) cern ch HEPiX fall SLAC.
GRIF Status Michel Jouvin LAL / IN2P3

GRIF Status Michel Jouvin LAL / IN2P3
STTC 20/08/2002 Eva Sánchez-Corral 1 ST Division W2000 Migration status report Organisation and Management Strategy and Planning Review of experience Status.

STTC 20/08/2002 Eva Sánchez-Corral 1 ST Division W2000 Migration status report Organisation and Management Strategy and Planning Review of experience Status.
Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.

Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.
Storage Survey and Recent Acquisition at LAL Michel Jouvin LAL / IN2P3

Storage Survey and Recent Acquisition at LAL Michel Jouvin LAL / IN2P3
Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.

Module 10: Designing an AD RMS Infrastructure in Windows Server 2008.
Database Services for Physics at CERN with Oracle 10g RAC HEPiX - April 4th 2006, Rome Luca Canali, CERN.

Database Services for Physics at CERN with Oracle 10g RAC HEPiX - April 4th 2006, Rome Luca Canali, CERN.
Southgrid Status Report Pete Gronbech: February 2005 GridPP 12 - Brunel.

Southgrid Status Report Pete Gronbech: February 2005 GridPP 12 - Brunel.

Similar presentations

Ads by Google