HEPiX-HEPNT - TRIUMF, Vancouver (October 2003)

Alan Silverman, IT/PS
(with help from Helge Meinhard and others)


Abstract

This article is intended to give a global picture of the last HEPiX-HEPNT meeting, which took place at TRIUMF, Vancouver, in October 2003. Given the number of talks and their high technical level, this summary is necessarily a series of bullet points covering only some of the most important topics. A complete and detailed "Trip Report" is available at: http://www.triumf.ca/hepix2003/pres/24-03/summary/summary.pdf


Highlights

  • High attendance for a meeting in North America - the attraction of Vancouver as a venue, security as a subject, and the increasing visibility of HEPiX were cited as possible reasons
  • Excellent organisation
  • Red Hat discussions: although the Red Hat speaker did not tell us anything new (and several attendees were disappointed that he did not announce a solution to our current problem), he did impress some of us with his commitment to finding a solution to the current support situation. It seems clear that Red Hat themselves are still working through the ramifications of their new release policy. [Discussions have continued by e-mail since the meeting.]
  • The internal discussion on Red Hat the following day seemed to confirm that the negotiations being undertaken by SLAC, FNAL and CERN, as representatives of the wider HEP community, are supported (although not all sites were represented by decision makers)
  • First (?) appearance of vendor exhibits at HEPiX, plus talks from commercial vendors (notably Red Hat and Microsoft).
  • Sharing of code among HEP sites (CERN's print manager in use at LAL; SLAC's console management tool being adopted by CERN via a collaboration; SLAC's monitoring tool in use at DESY Zeuthen; etc.)
  • A very interactive all-day Large System SIG session devoted to security. The security officers of all the major sites were present, and the atmosphere was often more that of an interactive workshop.
  • The formation of a forum on Mass Storage Systems interoperability.

Site Reports

As usual, the meeting started with site reports from the different laboratories. Various HEP institutes reported on their internal solutions and implementations regarding:
  • Central and distributed computing: Unix is represented by Linux and Solaris. For Linux, both Red Hat (various versions) and SuSE (at DESY) are in use. For desktop computing, migration to Windows XP has been completed, or is under way, at most sites,
  • Batch services,
  • Backup, disk storage and mass storage,
  • Central mail services (including problems with spam) - most of the laboratories are using central Exchange servers,
  • Security,
  • Grid activities: LCG integration, test bed for EDG, etc.
Specific points raised by the laboratories in their respective site reports, in no particular order:
  • Oxford University Particle Physics: plans are to continue work on network security and to reduce the number of operating systems supported. Open problems are the choice of platform for laptops and the choice of Red Hat version.
  • IN2P3: There are no on-site users, no accelerators or experiments. All resources are shared and common, except for a small dedicated grid testbed for software development.
  • SLAC: the BaBar experiment resumed data taking in September, with a good startup at high rates. They are converting to a new computing model: BaBar events are stored in ROOT, but conditions data and some metadata are still based on Objectivity.
  • TRIUMF/UBC is the first HEP site to install a large blade cluster (WestGrid). They are involved in the 10 Gbps link to CERN and have achieved 5.5 Gbps sustained.
  • LAL: an important issue they have to address is home machines connecting to the laboratory despite the instructions provided.
  • RAL: they have a new helpdesk, replacing Remedy with Request Tracker. Outstanding issues are the many new developments and services, poor performance observed with P4 Xeons, and the Red Hat support policy.
  • GSI: AIX and Windows servers (mail, DHCP, DNS) are being migrated to Linux.
  • BNL: their future plans are expansion of the Linux farm, more scalable solutions for file serving (Panasas, dCache), and the provision of grid services (US ATLAS Grid Testbed).
  • DESY: Linux will be based on SuSE (mainly due to user demand): new setup routines are being prepared, and a new central software distribution concept will be defined (no longer AFS-based). For future releases, they are considering Debian as well. Grid activities: a centrally supported pool (EDG 1.4) for all HERA groups, based on SuSE (all tools ported). DESY is a cooperating member of EGEE and a founding member of dGrid.
  • Jefferson Lab: future plans are standard Windows builds (server, IIS server, desktop, laptop), backup migration to Reliaty, and a study of SSH v2. They will continue development of JASMine (batch farm management and monitoring).
  • NIKHEF: they have phased out HP, SGI, and SuSE (keeping only Solaris and Red Hat Linux). Some parts of the network infrastructure in the Computer Center have been migrated to Gigabit Ethernet. They provide a development and application testbed for EDG (140 nodes, 5 TB), contributing to data challenges of D0 and LHC experiments. They will be involved in LCG and EGEE.

Presentations

More specific presentations were given on:
  • Castor evolution at CERN (by Jean-Damien Durand),
  • First experience with Windows Terminal Services at CERN (by Alberto Pace),
  • New fabric management tools in production at CERN (by Thorsten Kleinwort),
  • Mail service at GSI (by Karin Miers),
  • CVS status and tools at CERN (by Sebastian Lopienski),
  • CERN's Solaris Service Update (porting of EDG WP4 Quattor to Solaris and status of SUNDEV),
  • APT for RPM - Simplified Package Management (a tool used by INFN Napoli for installing their Red Hat systems),
  • PDSF Host Database Project (for inventory management and tracking),
  • CERN's Console Management Infrastructure (by Helge Meinhard),
  • Debian at GSI (with a comparison against the Red Hat and SuSE releases of Linux),
  • Web-Based File Systems and WebDAV (an HTTP protocol extension for file access via the web),
  • Delegating NIS Group Administration (by Alf Wachsmann, SLAC's system administrator),
  • Exchange Deployment and Spam Fighting at CERN (by Alberto Pace),
  • Spam Fighting at TRIUMF,
  • Red Hat Linux (Don Langley, the Red Hat sales manager covering California, including SLAC, was invited to discuss the situation around Red Hat),
  • AFS Cross-Cell Authentication Using Kerberos 5 (at INFN),
  • ADC Tests (various "research activities" going on inside IT/ADC group at CERN in view of the approaching LHC, including the CERN openlab initiative and the opencluster),
  • Red Hat Linux Support Policy (an interactive session on reactions to, and consequences of, the new Red Hat support policy),
  • New HEPiX Scripts,
  • TiBS - AFS Backup at FNAL,
  • TRIUMF Computing Services,
  • LCG-1 Status and Deployment,
  • LCG Overview and Scaling Challenge,
  • Windows Server Hardware Management at DESY,
  • Windows and UNIX Interoperability (talk by Microsoft on tips and tricks to make Windows and UNIX work together),
  • CERN Print Manager Abroad,
  • Panasas's Object-Based Storage (Scalable Bandwidth for Clusters).

Security

One day of the meeting was devoted to security. Bob Cowles of SLAC opened the sessions, organised under the banner of the Large System SIG of HEPiX, by reviewing recent security "events". He began by showing the effect of the Slammer attack on network traffic and how prompt remedial action had prevented a much worse problem; it also showed how little system patching goes on. As at CERN and elsewhere, he described how the infections arrived at SLAC (via VPN, DHCP, etc.) and the steps taken to "encourage" users to patch their systems. Afterwards, various presentations were given on:
  • CERN's Reactions to Recent Attacks,
  • Opportunities for Collective Incident Response,
  • LCG Security Update,
  • Security Components on CERN Farm Nodes,
  • Root Kit Detection Tools (from NERSC/PDSF),
  • PKI Tutorial,
  • CERN's Computer Security Challenge,
  • Security Update from KEK,
  • Cluster Security at SLAC,
  • A Walk Through a Grid Security Incident.
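As an illustration of the root-kit detection theme above, the core idea behind most such tools is to compare checksums of critical system files against a trusted baseline recorded when the system was known to be clean. A minimal sketch of that idea (the file names and contents below are hypothetical; this is not the NERSC/PDSF tool itself, which the talk describes):

```python
# Checksum-based integrity checking, the core idea behind root-kit
# detection tools. Real tools store a signed baseline offline so an
# intruder cannot simply update it after replacing a binary.
import hashlib

def sha1_of(data: bytes) -> str:
    """Return the hex SHA-1 digest of a byte string."""
    return hashlib.sha1(data).hexdigest()

# Hypothetical known-good baseline: file path -> expected SHA-1.
baseline = {
    "/bin/login": sha1_of(b"original login binary"),
    "/bin/ps": sha1_of(b"original ps binary"),
}

# Simulated current file contents; /bin/ps has been tampered with.
current = {
    "/bin/login": b"original login binary",
    "/bin/ps": b"trojaned ps binary",
}

def find_tampered(baseline, current):
    """Return the paths whose current checksum differs from the baseline."""
    return [path for path, data in current.items()
            if sha1_of(data) != baseline.get(path)]

print(find_tampered(baseline, current))  # -> ['/bin/ps']
```

In practice the "current" contents would be read from disk, and the comparison must itself run from trusted media, since a root kit typically replaces the very utilities (ps, ls, login) one would use to inspect the system.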

Parallel Sessions (and Workshops)

The last day consisted of three parallel sessions:
  1. a Windows Birds of a Feather, leading to discussions on patch distribution on Windows (using SMS, SUS and group policies) and on SLAC's Unix/Windows password synchronization project.
  2. a discussion on how to take forward the ideas proposed by Matt Crawford of FNAL for a possible collaboration among security teams in fighting security attacks.
  3. a video-conference on mass storage, with remote participation from FNAL and RAL, among others. The objective was to prepare a fuller program of mass storage presentations as the theme of the next Large System SIG day at the Edinburgh HEPiX.


For matters related to this article please contact the author.


Cnl.Editor@cern.ch
CERN-CNL-2003-003
Vol. XXXVIII, issue no 3


Last Updated on Mon Dec 15 12:10:16 CET 2003.
Copyright © CERN 2003 -- European Organization for Nuclear Research