Agenda

1. Matters and actions arising from last meeting
2. Details on a recent security incident (Speaker: Romain Wartel)
3. VOBOX SLS review, New OS Update procedure (Speaker: Juan Manuel Guijarro)
4. Example of a CERN security team approved security baseline document for the CMS/ATLAS web redirector (Speaker: Flavia Donno)
5. Operation team's procedures in case of 'emergency' problems with respect to machine importance (Speaker: Fabio Trevisani)
6. Tools around quattor (Speaker: Flavia Donno)
7. A self-healing monitoring system based on lemon sensors (Speaker: Maria Dolores Saiz Santos)
8. Web Redirector: a tutorial for VOCs (Speaker: Flavia Donno)
9. AOB

Minutes

• Attendees:
  • ALICE - Patricia Mendez
  • ATLAS - Serguey Baranov
  • CMS - Jorge Amando Molina-Perez
  • LHCb - Joel Closier
  • IT-PES-PS - Ricardo Silva (Secretary), Juan Manuel Guijarro, Ewan Roche
  • IT-CF - Veronique Lefebure, Fabio Trevisani
  • IT-ES - Maria Girone (Chair), Flavia Donno, Jamie Shiers
  • Security Team - Romain Wartel

1. Matters and actions arising from last meeting
2. VOBOX SLS review, New OS Update procedure (Speaker: Juan Manuel Guijarro)
   1. LHCb mentioned there were a couple of open bugs which prevent LHCb from using Lemon to monitor their services.
   2. IT-PES would like to remove the Special Facilities services in SLS since they are not relevant or useful anymore.
   3. Regarding the OS Update procedure, IT-PES is working on providing a webpage which will display differences between updates.
   4. There is a recommendation to deploy netlog and remote syslogging wherever relevant/possible. Web redirectors are good candidates. Generally any machines with network connections initiated/received by multiple users are good candidates.
3. Details on a recent security incident (Speaker: Romain Wartel)
   1. The unofficial (CERN) kernel build made available for SLC5 is good, there is no immediate need to upgrade to the official build.
   2. All VOs agreed it's good to have more or less regular reports from the Security Team to raise awareness to the current types of attacks.
4. Example of a CERN security team approved security baseline document for the CMS/ATLAS web redirector (Speaker: Flavia Donno)
   1. The example for the Web redirectors has been made available. 3 templates have been provided by the Security Team, VOCs should choose the appropriate one depending on the service.
5. Operation team's procedures in case of 'emergency' problems with respect to machine importance (Speaker: Fabio Trevisani)
6. Tools around Quattor (Speaker: Flavia Donno)
   1. Lemon actuators not being as flexible as desirable were complemented by a set of scripts (execscript).
   2. IT-CF proposed a tutorial on Lemon actuators. To be followed up by a dedicated meeting to share experiences between the VOs.
   3. The presented tool should be package. A TWiki page should be created to document and present recipes for this type of tools.
   4. IT-CF encourages that this tool is shared with the Quattor community.
7. A self-healing monitoring system based on lemon sensors (Speaker: Maria Dolores Saiz Santos)
8. Web Redirector: a tutorial for VOCs (Speaker: Flavia Donno)
   1. IT-ES would be available to prepare a tutorial on Web Redirectors.
9. AOB
   1. The policy of requiring separate administrative accounts for access to lxadm was suspended and other options are being investigated. Anyhow, this policy would only apply to lxadm (not lxvoadm).
   2. IT-CF invites the VOCs to join a short presentation on ELFms targeted to sysadmins next Friday.
   3. The next meeting along with the tutorial on Lemon should take place after CHEP2010, on a Monday, between 9h-12h.

Action List

• Action List

-- RicardoSilva - 13-Oct-2010