LabNet News

From CSWiki
Revision as of 20:54, 7 January 2015 by Marian (talk | contribs)
Jump to navigation Jump to search

This page lists current and upcoming MUN LabNet projects that may affect users, such as

- scheduled maintenance

- software upgrades

- equipment upgrades

- current system-wide issues

------------------------Insert new reports below this line---------------------------------

January 7, 2015

Rolled out and announced initial version of this information page.

We experienced samba problems with access to home directories on lysithea.pcglabs.mun.ca. Decided to restart the samba service after consulting with the commons, which seems to have resolved the problem.

The EN1066 Mac lab has bee re imaged. It is now running OSX Yosemite. It has been set up to use ldap authentication with our Labnet ldap servers. The latest version of Xcode has been installed at the request of the mobile application course instructors. Students enrolled in the course have been added to the _developer group on each system to allow them to run Xcode.

January 6, 2015

1) Set up the the classroom computers in EN1051, EN1052 and EN1054 so that they could avail of the new Ubuntu iSCSI boot image. To use, simply reboot the computer and at the boot menu select the "Ubuntu Linux" menu item. When the login screen comes up, login using your Labnet credentials.

2) Modified the configuration files for the apache server on stretch. The modifications direct apache to include files that will allow Dr. Byrne's students to be able to access course material from his GIT repository.

3) Sent off for a request for comments proposal to Hewlet Parkard on a new printer standards initiative that will allow Labnet printing to be more functional with respect to printer job control and better cost recovery metrics.

4) CS genofflj printer has been temporarily removed for servicing.

Christmas Projects List 2014

During the Christmas break a number Labnet of projects were undertaken. Many of these projects could not be performed during the semester due to their intrusive nature. The following are brief descriptions of the projects arranged in more or less chronological order:

1) Configured the computers in the Computer Science labs and the CP2003 labs to boot the new iSCSI versions of the popular Ubuntu 14.0 distribution. This involved updating the image and pushing the image up to our master server and allowing it to update the various appplication servers. The virtual images were then created on the SSD disks of the application servers and the database configurations were updated appropriately. This will be used to support one of Dr. Byrne's courses.

2) Installed the server images for "isthmus" for the Math department. This was necessary because the libparted.so was upgraded and the buildserver application no longer builds the partition tables properly. It was necessary to manually build the partitions and then proceed with the install. This project is stalled due to problems loading the boot sector.

3) The size of our newer disk drives now exceeds the capabilities of the old "msdos" partition tables. The "GUID Partition Tables" or GPT will now be used in future server builds to support the larger disks. To boot from GPT partitioned disks the use of grub2 is under development. In addition UEFI boot support is under investigation. As servers are upgraded our server builds will be utilizing GPT and will be migrating to grub2 for booting. When better support for UEFI booting becomes more mature, support for UEFI will be incorporated. Currently there are a couple of servers that have been moved over to GPT partitions and the CS department is now booting with grub2.

4) One of our core Labnet daemons, "master_configd", responsible for managing the remote distribution of configuration services such as master file templates, certificates, printer account numbers etc. was becoming severely impacted by the shear number of requests that it received. To ameliorate this problem one of the modules was rewritten to perform work asynchronous and thereby reduce the strain on the daemon. The resulting code runs an order of magnitude faster and service requests are no longer creating backlogs.

5) Another service that was becoming bogged down was the user/system logging database that provides statistics on when and where students log into Labnet and what services they are requesting as well as the reboot logging of computers. An analysis of the data queries was performed to isolate the culprits. As it turned out the indices were not properly set up for several common queries and this turned out to be the culprit. The indexing was altered and now the queries work 2 orders of magnitude faster.

6) Performed network performance analysis on the Commons client/server communications. This was requested as a result of changes to the network infrastructure. Recommendations have been forwarded to the networking group within C&C as well as the Commons. It is hoped that this will be used to redesign the network layout to remove some of the bottlenecks.

7) The popular Ubuntu Linux 14.0 distribution was enabled for use in the Commons. This upgrade is similar to the upgrade to CP2003 and the Computer Science Department computer labs. This technology allows a client computer to mount a virtual disk over IP networks using the iSCSI protocol. The virtual disk is located on an application server that can remotely support an entire lab.

8) One of the final components of the "Account Archival Project" is the PAM Labnet module that reenables an account when a student returns to university. After the user's data has been collected and written to DVD's the home directory is removed and the LDAP entry is put in hibernation. When an archived Labnet user attempts to login, the login credentail is restored and a new homedirectory is created. Wrote and debugged the PAM code that will be needed to reactivate user accounts after they have been archived.

9) To prepare for an up coming security, audit additions were made to the Labnet PAM module to allow for the seamless update of our remaining DES password hashes to the SHA1 hashes used by C&C. This will provide greater protection of our password hashes in the event that our password hashes are exposed. The newer SHA1 hashes are much more resliant to brute force cracking than their DES counterparts..