october,18-22 2004 site report roberto gomezel infn
TRANSCRIPT
2October,18-22 2004
Outline of PresentationOutline of Presentation
Computing Computing EnvironmentEnvironment
SecuritySecurity ServicesServices NetworkNetwork AFS AFS BBSBBS INFN FarmsINFN Farms Tier 1 at CNAFTier 1 at CNAF
3October,18-22 2004
Computing Environment and Computing Environment and securitysecurity
95% of boxes are PCs running Linux or 95% of boxes are PCs running Linux or Windows Windows
Mac OS boxes keep on livingMac OS boxes keep on living Just a few commercial unix boxes only used for Just a few commercial unix boxes only used for
specific tasks or needsspecific tasks or needs VPNs available in many sites VPNs available in many sites
Cisco boxes using IPsecCisco boxes using IPsec NetScreen boxes using IPsecNetScreen boxes using IPsec SSL VPNs are under evaluationSSL VPNs are under evaluation
The use of SSL eliminates the need of installing client The use of SSL eliminates the need of installing client software software
it enables instant access for users simply using a Web it enables instant access for users simply using a Web browserbrowser
Network SecurityNetwork Security Dedicated Firewall machines just in a few sitesDedicated Firewall machines just in a few sites Implemented with access lists on router connected Implemented with access lists on router connected
to WANto WAN
INFN Site Report – R.Gomezel
4October,18-22 2004
DesktopDesktop
PCs running Linux and Windows PCs running Linux and Windows Automatic installation using Kickstart for Automatic installation using Kickstart for
Linux and RIS for WindowsLinux and RIS for Windows Metaframe Citrix or Vmware used to Metaframe Citrix or Vmware used to
reduce the need to install Windows OS on reduce the need to install Windows OS on all PCs for desktop applicationsall PCs for desktop applications
A few sites chose to outsource support for A few sites chose to outsource support for desktop environment due to lack of desktop environment due to lack of personnelpersonnel
INFN Site Report – R.Gomezel
5October,18-22 2004
BackupBackup Tape Libraries used:Tape Libraries used:
AIT2 – a few sitesAIT2 – a few sites IBM Magstar – just used at LNFIBM Magstar – just used at LNF DLT, LTO – wide spreadDLT, LTO – wide spread
Backup tools:Backup tools: IBM Tivoli – quite usedIBM Tivoli – quite used HP Omniback – quite usedHP Omniback – quite used Atempo Time Navigator – just a few sitesAtempo Time Navigator – just a few sites Domestic tool - widespreadDomestic tool - widespread
INFN Site Report – R.Gomezel
6October,18-22 2004
Wireless LANWireless LAN Access point running standard 802.11b,gAccess point running standard 802.11b,g All sites are using wireless connection as All sites are using wireless connection as
meeting or conferences are runningmeeting or conferences are running Most of them use it to give connection to Most of them use it to give connection to
laptop computers laptop computers Security issues:Security issues:
Permission based on Secure Port filtering (MAC Permission based on Secure Port filtering (MAC Address) – poor securityAddress) – poor security
No encryption usedNo encryption used Some sites are using 802.1XSome sites are using 802.1X
INFN Site Report – R.Gomezel
7October,18-22 2004
E-mailE-mail Mail Transfer AgentMail Transfer Agent
Sendmail – widespread and more used (86%)Sendmail – widespread and more used (86%) Postfix – a few sites (14%)Postfix – a few sites (14%)
But there is an increasing number of sites planning to But there is an increasing number of sites planning to move from sendmail to postfixmove from sendmail to postfix
Hardware and OSHardware and OS
INFN Site Report – R.Gomezel
17%
9%
57%
17%
Alpha
Solaris
Intel/Linux
Intel/BSD
8October,18-22 2004
E-mail user agentE-mail user agent
All INFN sites provide an HTTP mail All INFN sites provide an HTTP mail user agent user agent One-third uses IMPOne-third uses IMP One-third uses SQUIRRELOne-third uses SQUIRREL Others:Others:
IMHO, Open WebMail, Cyrus+Roxen…IMHO, Open WebMail, Cyrus+Roxen…
Other mail user agentsOther mail user agents Pine, Internet Explorer, Mozilla…Pine, Internet Explorer, Mozilla…
INFN Site Report – R.Gomezel
9October,18-22 2004
E-mail antivirus E-mail antivirus
None32%
Rav27%
Amavis18%
Sophos9%
Clamav5%
Other68%
Vexira9%
None Rav Amavis
Sophos Vexira Clamav
INFN Site Report – R.Gomezel
10October,18-22 2004
E-mail antispam E-mail antispam
75% of INFN sites are using SPAM 75% of INFN sites are using SPAM Assassin as tool to reduce junk e-mailAssassin as tool to reduce junk e-mail
Some sites use RAV or SophosSome sites use RAV or Sophos Just a few sites (5%) are using nothingJust a few sites (5%) are using nothing An acl filter was set on port 25 in order An acl filter was set on port 25 in order
to avoid that hosts not authorized can to avoid that hosts not authorized can act as mail relay act as mail relay
Only authorized mail relay are allowed to Only authorized mail relay are allowed to send and receive mail for a specific sitesend and receive mail for a specific site
INFN Site Report – R.Gomezel
11October,18-22 2004
Security issuesSecurity issues
Monitored by GARR-CERT Incidents coming from INFN hosts (percentage)
• Goal by the end 2004: •define a new policy for ACL setting•Input filter: default deny
services just on hosts checked very strictly Output filter:
port 25
INFN Site Report – R.Gomezel
12October,18-22 2004
INFN networkINFN network LAN backbone network mainly LAN backbone network mainly
based on Gigabit Ethernetbased on Gigabit Ethernet Layer 2 and 3 switchingLayer 2 and 3 switching No layer 4 switchingNo layer 4 switching
The The INFNINFN WAN network is WAN network is completely integrated into the completely integrated into the GARR, nation-wide infrastructure, GARR, nation-wide infrastructure, providing a backbone connectivity providing a backbone connectivity at 2.5 Gigabitat 2.5 Gigabit POP typical access bandwidth for INFN sites: POP typical access bandwidth for INFN sites:
34Mbps, 155 Mbps, Gigabit ethernet34Mbps, 155 Mbps, Gigabit ethernet There is a trend to have a Gigabit Ethernet There is a trend to have a Gigabit Ethernet
access in any site with a bandwidth access in any site with a bandwidth management through rate limiting management through rate limiting mechanism (CAR) according to the needs of mechanism (CAR) according to the needs of the specific sitethe specific site
INFN Site Report – R.Gomezel
13October,18-22 2004
AFSAFS INFN sites keep on using AFS services to INFN sites keep on using AFS services to
share data and software throughout sitesshare data and software throughout sites Most of local cells have completely moved Most of local cells have completely moved
server functionality to Linux boxes running server functionality to Linux boxes running OpenAFS softwareOpenAFS software
Authentication and file server functionalities Authentication and file server functionalities of the nation-wide cell INFN.IT are running on of the nation-wide cell INFN.IT are running on Linux boxes with OpenAFS Linux boxes with OpenAFS
The migration of INFN.IT authentication The migration of INFN.IT authentication servers from Kerberos IV to Kerberos V is servers from Kerberos IV to Kerberos V is expected to be accomplished by the end of the expected to be accomplished by the end of the yearyear
INFN Site Report – R.Gomezel
14October,18-22 2004
BBS - Bologna Batch SystemBBS - Bologna Batch System
The Bologna Batch System (BBS) is a The Bologna Batch System (BBS) is a software tool that allowssoftware tool that allows users from INFN Bologna to submit batch jobs to a set of well users from INFN Bologna to submit batch jobs to a set of well defined machines, from any INFN defined machines, from any INFN Bologna machines with Condor installedBologna machines with Condor installed..
Collaboration between the C. S. Dept., Univ. of Collaboration between the C. S. Dept., Univ. of Wisconsin-Wisconsin-Madison and the INFN Bologna.Madison and the INFN Bologna.
Main features of BBSMain features of BBS::
Any executable can be submitted to the system (scripts, Any executable can be submitted to the system (scripts, compiled and linked programs, etc.).compiled and linked programs, etc.).
Two different 'queues' , short and long. Short and long Two different 'queues' , short and long. Short and long jobs have a different priority (nice) when running on the jobs have a different priority (nice) when running on the same machine.same machine.
Short jobs may run for no longer than an hour, but run at Short jobs may run for no longer than an hour, but run at a higher priority.a higher priority.
BBS tries to balance the load of the BBS CPUsBBS tries to balance the load of the BBS CPUs. .
P.Mazzanti
15October,18-22 2004
BBSBBS
Presently the system consists of 16 2-CPU servers, Linux RedHat 9 and a single CPU machine. 7 machines are from ALICE experiment.
BBS machines belong to the large INFN WAN Pool; they may be accessed from outside when no BBS job is running, while becoming IMMEDIATELY available when a BBS job asks to be run.
Only short jobs will be accepted by the 7 ALICE machines if submitted non ALICE group user.
P.Mazzanti
18October,18-22 2004
INFN Site Farm: a new INFN Site Farm: a new challengechallenge
Some sites are planning to reconfigure and Some sites are planning to reconfigure and integrate computing facilities and local experiment-integrate computing facilities and local experiment-specific farm into a unique computing farmspecific farm into a unique computing farm Reason: in order to avoid the increasing deployment of a Reason: in order to avoid the increasing deployment of a
lot of little and private farms for each single experiment in lot of little and private farms for each single experiment in addition to the general purpose computing facilityaddition to the general purpose computing facility
Introduction of SAN infrastructure to connect Introduction of SAN infrastructure to connect storage systems and computing unitsstorage systems and computing units GFS file system is under evaluation as an efficient way of GFS file system is under evaluation as an efficient way of
providing a cluster file sytem and volume managerproviding a cluster file sytem and volume manager Interesting because it is part of the SL3 distributionInteresting because it is part of the SL3 distribution
A lot of work for designing a mechanism to provide A lot of work for designing a mechanism to provide computing resources to different experiments computing resources to different experiments according to their needs in a dynamic wayaccording to their needs in a dynamic way We can learn from the experience coming from CNAF Tier1 We can learn from the experience coming from CNAF Tier1
and other Labsand other Labs
INFN Site Report – R.Gomezel
19October,18-22 2004
Hardware solutions Hardware solutions for the Tier1 at CNAFfor the Tier1 at CNAF
Luca Luca dell’Agnello dell’Agnello Stefano ZaniStefano Zani(INFN – CNAF, Italy)(INFN – CNAF, Italy)
Luca dell’Agnello -Stefano Zani
20October,18-22 2004
Tier1Tier1 INFN computing facility for HEP communityINFN computing facility for HEP community
Ending prototype phase last year, Ending prototype phase last year, now fully operationalnow fully operational Location: INFN-CNAF, Bologna (Italy)Location: INFN-CNAF, Bologna (Italy)
One of the main nodes on GARR networkOne of the main nodes on GARR network Personnel: ~ 10 FTE’sPersonnel: ~ 10 FTE’s
~ 3 FTE's dedicated to experiments~ 3 FTE's dedicated to experiments Multi-experimentMulti-experiment
LHC experiments(Alice, Atlas, CMS, LHCb), Virgo, CDF, BABAR, LHC experiments(Alice, Atlas, CMS, LHCb), Virgo, CDF, BABAR, AMS, MAGIC, ...AMS, MAGIC, ...
Resources dynamically assigned to experiments according to their Resources dynamically assigned to experiments according to their needsneeds
50% of the Italian resource for LCG50% of the Italian resource for LCG Participation to experiments data challengeParticipation to experiments data challenge Integrated with Italian Grid Integrated with Italian Grid Resources accessible also in traditional wayResources accessible also in traditional way
Luca dell’Agnello -Stefano Zani
21October,18-22 2004
Logistics Logistics Moved to a new location (last January)Moved to a new location (last January)
Hall in the basement (-2Hall in the basement (-2ndnd floor) floor)~ 1000 m~ 1000 m22 of total space of total space
Computing Nodes Computing Nodes Storage DevicesStorage Devices Electric Power System (UPS)Electric Power System (UPS) Cooling and Air conditioning systemCooling and Air conditioning system Garr GPopGarr GPop
Easily accessible with lorries from the roadEasily accessible with lorries from the roadNot suitable for office use (remote control Not suitable for office use (remote control needed)needed)
Luca dell’Agnello -Stefano Zani
22October,18-22 2004
Electric PowerElectric Power Electric Power GeneratorElectric Power Generator
1250 KVA (~ 1000 KW)1250 KVA (~ 1000 KW) up to 160 racksup to 160 racks
Uninterruptible Power Supply (UPS)Uninterruptible Power Supply (UPS)Located into a separate room (conditioned and Located into a separate room (conditioned and
ventilated)ventilated)800 KVA (~ 640 KW)800 KVA (~ 640 KW)
380 V three-phase distributed to all racks (Blindo)380 V three-phase distributed to all racks (Blindo)Rack power controls output 3 independent 220 V Rack power controls output 3 independent 220 V
lines for computerslines for computersRack power controls sustain burden up to 16 or 32 A Rack power controls sustain burden up to 16 or 32 A
32 A power controls needed for Xeon 36 bi-processors racks32 A power controls needed for Xeon 36 bi-processors racks
3 APC power distribution modules (24 outlets each) 3 APC power distribution modules (24 outlets each)
Luca dell’Agnello -Stefano Zani
23October,18-22 2004
Cooling & Air Cooling & Air ConditioningConditioning
RLS (Airwell) on the roof RLS (Airwell) on the roof ~ ~ 700 KW700 KW Water coolingWater cooling Need “booster pump” (20 mts T1 Need “booster pump” (20 mts T1 roof) roof) Noise insulationNoise insulation
1 Air Conditioning Unit (uses 20% of RLS 1 Air Conditioning Unit (uses 20% of RLS refreshing power and controls humidity)refreshing power and controls humidity)
12 Local Cooling Systems (Hiross) in the 12 Local Cooling Systems (Hiross) in the computing roomcomputing room
Luca dell’Agnello -Stefano Zani
24October,18-22 2004
WN typical Rack WN typical Rack CompositionComposition
Power Controls (3U)Power Controls (3U) 1 network switch (1-1 network switch (1-
2U)2U) 48 FE copper 48 FE copper
interfacesinterfaces 2 GE fiber uplinks2 GE fiber uplinks
34-36 1U WNs34-36 1U WNs Connected to network Connected to network
switch via FEswitch via FE Connected to KVM Connected to KVM
system system
Luca dell’Agnello -Stefano Zani
25October,18-22 2004
Remote console Remote console controlcontrol
Paragon UTM8 (Raritan) Paragon UTM8 (Raritan) 8 Analog (UTP/Fiber) output connections 8 Analog (UTP/Fiber) output connections Supports up to 32 Supports up to 32 daisy chainsdaisy chains of 40 nodes of 40 nodes
(UKVMSPD modules needed) (UKVMSPD modules needed) Costs: 6 KEuro + 125 Euro/server (UKVMSPD Costs: 6 KEuro + 125 Euro/server (UKVMSPD
module)module) IP-reach (expansion to support IP transport) IP-reach (expansion to support IP transport)
evaluted but not usedevaluted but not used Autoview 2000R (Avocent)Autoview 2000R (Avocent)
1 Analog + 2 Digital (IP transport) output 1 Analog + 2 Digital (IP transport) output connections connections
Supports connections up to 16 nodes Supports connections up to 16 nodes Optional expansion to 16x8 nodesOptional expansion to 16x8 nodes
Compatible with Paragon (“gateway” to IP)Compatible with Paragon (“gateway” to IP)
Luca dell’Agnello -Stefano Zani
26October,18-22 2004
Networking (1)Networking (1) Main Network infrastructure based on optical Main Network infrastructure based on optical
fibres (~ 20 Km)fibres (~ 20 Km) To ease adoption of new (High Performances) To ease adoption of new (High Performances)
transmission technologiestransmission technologies To insure a better electrical insulation on long To insure a better electrical insulation on long
distancesdistances Local (Rack wide) links with UTP (copper) cablesLocal (Rack wide) links with UTP (copper) cables
LAN has a “classical” star topologyLAN has a “classical” star topology GE core switch (Enterasys ER16)GE core switch (Enterasys ER16) NEW core switch (Black Diamond 10808 ) is in pre NEW core switch (Black Diamond 10808 ) is in pre
productionproduction 120 Gbit Fiber (Scale up to 480 ports)120 Gbit Fiber (Scale up to 480 ports) 12 10 Gbit Ethernet (Scale up to max 48 ports)12 10 Gbit Ethernet (Scale up to max 48 ports)
Farms up-link via GE trunk (Channel) to core switchFarms up-link via GE trunk (Channel) to core switch Disk Servers directly connected to GE switch (mainly fibre)Disk Servers directly connected to GE switch (mainly fibre)
Luca dell’Agnello -Stefano Zani
27October,18-22 2004
Networking (2)Networking (2) WN's connected via FE to rack switch (1 switch per WN's connected via FE to rack switch (1 switch per
rack)rack) Not a single brand for switches (as for wn's)Not a single brand for switches (as for wn's)
3 Extreme Summit 48 FE + 2 GE ports3 Extreme Summit 48 FE + 2 GE ports 3 3550 Cisco 48 FE + 2 GE ports3 3550 Cisco 48 FE + 2 GE ports 8 Enterasys 48 FE 2GE ports8 Enterasys 48 FE 2GE ports 10 switch Summit400 48 GE copper + 2 GE ports + 10 switch Summit400 48 GE copper + 2 GE ports +
(2x10Gb ready) (2x10Gb ready) Homogeneous characteristics Homogeneous characteristics
48 Copper Ethernet ports48 Copper Ethernet ports Support of main standards (e.g. 802.1q)Support of main standards (e.g. 802.1q) 2 Gigabit up-links (optical fibers) to core switch2 Gigabit up-links (optical fibers) to core switch
CNAF interconnected to GARR-G backbone at 1 Gbps.CNAF interconnected to GARR-G backbone at 1 Gbps.
Luca dell’Agnello -Stefano Zani
28October,18-22 2004
FarmSW3(IBM)
NA
S4
FarmSWG1
SSR8600
FarmSW1
FarmSW2(Dell)
LHCBSW1
NA
S2
NA
S3
S.Zani
FarmSW4(IBM3)Catalyst3550
FarmSW5(3Com)
DE
LL
A
XU
S
SA
N
Disk Servers
F.C.
F.C.
F.C.
F.C.
FarmSW9
FarmSW12131.154.99.121
FarmSW6
FarmSW7
FarmSW8 FarmSW10
FarmSW11
FarmSWG2
ST
K
F.C.
1st Floor
Internal services
T1
Babar SW
NA
S1
Network Network ConfigurationConfiguration
Info
rtrend
F.C.
IBM
FasT
900
GARR
1 Gb/s
29October,18-22 2004
L2 ConfigurationL2 Configuration Each Experiment has its own VLANEach Experiment has its own VLAN Solution adopted for complete Solution adopted for complete
granularitygranularityPort based VLAN Port based VLAN VLAN identifiers are propagated across VLAN identifiers are propagated across switches (802.1q)switches (802.1q)
Avoid recabling (Avoid recabling (or physical movingor physical moving) of ) of machines to change farm topologymachines to change farm topology
Level 2 isolation of farmsLevel 2 isolation of farms Possibility to define multi-tag (Trunk) Possibility to define multi-tag (Trunk)
ports (for servers)ports (for servers)
Luca dell’Agnello -Stefano Zani
30October,18-22 2004
Power SwitchesPower Switches 2 models used at Tier1:2 models used at Tier1:
• ““Old” APC MasterSwitch Old” APC MasterSwitch Control Unit AP9224 Control Unit AP9224 controlling 3x8 outlets controlling 3x8 outlets 9222 PDU from 1 Ethernet9222 PDU from 1 Ethernet
• ““New” APC PDU Control New” APC PDU Control Unit AP7951 controlling Unit AP7951 controlling 24 outlets from 1 Ethernet24 outlets from 1 Ethernet
““zero” Rack Unit (vertical zero” Rack Unit (vertical mount)mount)
Access to the Access to the configuration/control menu configuration/control menu via serial/telnet/web/snmpvia serial/telnet/web/snmp
1 Dedicated machine 1 Dedicated machine running APC running APC Infrastruxure Infrastruxure Manager SoftwareManager Software (in (in progress)progress)
Luca dell’Agnello -Stefano Zani
31October,18-22 2004
Remote Power Remote Power Distribution UnitDistribution Unit
Screenshot of APC Infrastruxure Manager Software with the status of all TIER1 PDU
Luca dell’Agnello -Stefano Zani
32October,18-22 2004
Computing unitsComputing units ~ 800 1U rack-mountable Intel dual ~ 800 1U rack-mountable Intel dual
processor serversprocessor servers 800 MHz – 3.06 GHz 800 MHz – 3.06 GHz ~ 700 wn’s (~ 1400 CPU’s) available for LCG~ 700 wn’s (~ 1400 CPU’s) available for LCG
Tendering:Tendering: HPC farm with MPIHPC farm with MPI
Servers interconnected via InfinibandServers interconnected via Infiniband Opteron farm (near future)Opteron farm (near future)
Luca dell’Agnello -Stefano Zani
33October,18-22 2004
Storage ResourcesStorage Resources~200 TB RAW Disk Space ON LINE.~200 TB RAW Disk Space ON LINE.
NASNAS NAS1+NAS4 (3Ware low cost) NAS1+NAS4 (3Ware low cost) Tot 4.2 TBTot 4.2 TB NAS2+NAS3 (Procom)NAS2+NAS3 (Procom) Tot 13.2 TBTot 13.2 TB
SAN SAN Dell Powervault 660fDell Powervault 660f Tot 7Tot 7TBTB Axus (Brownie)Axus (Brownie) Tot 2Tot 2TBTB STK BladestoreSTK Bladestore TotTot 9 9 TBTB Infortrend ES A16F-R Infortrend ES A16F-R TotTot 1212 TBTB IBM Fast-T 900IBM Fast-T 900 Tot 150 TBTot 150 TB
Luca dell’Agnello -Stefano Zani
34October,18-22 2004
STORAGE resourceSTORAGE resourceCLIENT SIDE
WAN or TIER1 LAN
PROCOM NAS2Nas2.cnaf.infn.it8100 GbyteVIRGO ATLAS
Fileserver CMS diskserv-cms-1
PROCOM NAS3Nas3.cnaf.infn.it4700 GbyteALICE ATLAS
IDE NAS1,NAS4Nas4.cnaf.infn.it1800+2000 GbyteCDF LHCB
AXUS BROWIECirca 2200 GByte 2 FC interface
DELL POWERVAULT7100 GByte2 FC interface
FAIL-OVERsupport
Gadzoox SlingshotFC Switch 18 port
RAIDTEC1800 Gbyte2 SCSI interfaces
CASTORServer+staging
STK180 with 100 LTO (10Tbyte Native)
Fileserver Fcds2
Alias diskserv-ams-1 diskserv-atlas-1
STK BladeStoreCirca 10000 GByte 4 FC interface
STK L5500 robot (max 5000) 6 LTO-2
InfortrendES A16F-R12 TB
Luca dell’Agnello -Stefano Zani
35October,18-22 2004
Storage management and Storage management and access (1)access (1) Tier1 storage resources accessible as Tier1 storage resources accessible as
classical storage or via grid classical storage or via grid Non grid disk storage accessible via NFSNon grid disk storage accessible via NFS Generic WN’s also have AFS client Generic WN’s also have AFS client NFS mount volumes configured via autofs NFS mount volumes configured via autofs
and ldap and ldap unique configuration repository eases unique configuration repository eases maintenancemaintenance
in progress: integration of ldap configuration in progress: integration of ldap configuration with Tier1 db datawith Tier1 db data
Scalability issues with NFSScalability issues with NFSExperienced stalled mount pointsExperienced stalled mount points
Luca dell’Agnello -Stefano Zani
36October,18-22 2004
Storage management and Storage management and access (2)access (2)
Part of disk storage used as front-end to CASTORPart of disk storage used as front-end to CASTOR Balance between disk and CASTOR according to Balance between disk and CASTOR according to
experiments needsexperiments needs 1 stager for each experiment (installation in 1 stager for each experiment (installation in
progress)progress) CASTOR accessible both directly or via gridCASTOR accessible both directly or via grid
CASTOR SE availableCASTOR SE available ALICE Data Challenge used CASTOR ALICE Data Challenge used CASTOR
architecturearchitecture Feedback to CASTOR teamFeedback to CASTOR team Need optimization for file restagingNeed optimization for file restaging
Luca dell’Agnello -Stefano Zani
37October,18-22 2004
Tier1 DatabaseTier1 Database Resource database and Resource database and management interfacemanagement interface
Postgres database as back endPostgres database as back end Web interface (apache+mod_ssl+php)Web interface (apache+mod_ssl+php) Hw servers characteristics Hw servers characteristics Sw servers configurationSw servers configuration Servers allocationServers allocation
Possible direct access to db for some applicationsPossible direct access to db for some applications Monitoring systemMonitoring system NagiosNagios
Interface to configure switches and interoperate Interface to configure switches and interoperate with installation system.with installation system.
Luca dell’Agnello -Stefano Zani
38October,18-22 2004
Installation Installation issuesissues
Centralized installation systemCentralized installation systemLCFG (EDG WP4)LCFG (EDG WP4)Integration with a central Tier1 db Integration with a central Tier1 db Moving from a farm to another Moving from a farm to another implies just changes in IP implies just changes in IP address (not name)address (not name)
Unique dhcp server for all VLANsUnique dhcp server for all VLANsSupport for DDNS (cr.cnaf.infn.it)Support for DDNS (cr.cnaf.infn.it)
Investigating Quattor for future Investigating Quattor for future needsneeds
Luca dell’Agnello -Stefano Zani
39October,18-22 2004
Our Desired Solution for Our Desired Solution for Resource AccessResource Access
SHARED RESOURCES among all experimentsSHARED RESOURCES among all experiments Priorities and reservations managed by the Priorities and reservations managed by the
schedulerscheduler Most of Tier1 computing machines installed as Most of Tier1 computing machines installed as
LCG Worker Nodes, with light modifications to LCG Worker Nodes, with light modifications to support more VOssupport more VOs
Application Software not directly installed on Application Software not directly installed on WNs but accessed from outside (NFS, AFS, …)WNs but accessed from outside (NFS, AFS, …)
One or more Resource Manager to manage all One or more Resource Manager to manage all the WNs in a centralized waythe WNs in a centralized way
Standard way to access Storage for each Standard way to access Storage for each applicationapplication
Luca dell’Agnello -Stefano Zani