These were accepted.
Delay until it's decided whether condor is needed at all. Deferred until 27th April
Who changed to MPU
What changed to Set up perpetual mirroring of latest CD image (LCFG disaster recovery)
Deferred until 23rd March
Deferred until 27th April
Deferred until 25th May
Report from Computing Executive Group
Reports from units.
George pointed out that if the alarm won't set, the problem should be reported to 504097 (the Learning and Teaching Spaces Technology reception). After meeting with Alan Reid, Ian has updated his notes on the AT server room alarm.
It was agreed that we would check any other Dell R200s we have (grendal was suggested as a possibility) to see if they were experiencing the same problems as fenrir. MPU and Inf will continue to investigate the problem. Services will move afsdb1 to another host if problems persist to allow investigation in more detail.
Craig reported that he had seen similar issues with bpbeast's web interface on SL5 machines so the problem is not just with F13. The same fix would probably work though.
Stephen pointed out that if the multipath settings are changed, initrd must be rebuilt afterwards to see the full effects
It was agreed that a cache size of 8GB was a reasonable compromise between performance gains and lengthened boot times. Some servers might do better with 16GB.
Stephen announced that the quiet option for the boot process was being removed on servers to aid problem diagnosis in future.
One consequence of this fix is that the performance of the Zope/Plone server will be slightly reduced.
Craig will carry out an audit of the tapes in B.03. The US unit will put aside a representative selection of the server rails stored there.
Topics for discussion
Discussed during the User Support Unit report.
Alastair stated that both teaching and research Matlab licenses are paid for out of the computing budget. We have being suggesting for some time that Matlab users might wish to make use of some of the open source alternatives available and this is gradually happening. It was agreed that Tim should raise the matter of Matlab usage with the Teaching Committee.
There was a lengthy discussion, as a result of which, several important points were agreed
We should have policies in place for each service which involves a significant amount of data which specify how data will be reinstated in the event of major data loss/corruption. These should take account of the causes of data loss, i.e. hardware failure should be treated differently to suspected host compromise.
We should regularly review the manner in which services are run to see if they can be improved and made more secure. It was suggested this should be done every time we do a platform upgrade.
At the moment, we lack some of the skills necessary for identifying and dealing with compromises. We should make use of facilities and knowledge in the wider University.
Stakeholders of possibly compromised data should be kept in the loop as investigation and restoration proceeds. Once the incident is over and the possibility of a recurrence dealt with, we should make the details of the incident generally known.
We should be much more wary about machines which can be directly connected to via ssh from outside the University. These hosts seem to be proliferating but there should be a clear academic case for setting up machines in this way. All firewall holes, not just those for self-managed machines should be reviewed regularly.
In the particular case of the SVN server, users should be prevented from logging into the wider Informatics network. The Services Unit will set this up.
It was suggested that it would be useful to set up an external access ssh machine using a high port number for CO use when there are problems with the normal ssh servers.
George and Craig have actions from CEG to produce respectively forensic procedures and incident management procedures in the case of a compromised machine.
See above discussion. It was agreed that germane points raised would be included on the various policies.
Discussed during Inf Unit report
Alastair suggested that in future meetings, reports should not be read out in full but instead questions/comments should be invited from the meeting or added to the topics for discussion. It was pointed out that for this to work well, reports would have to be available on-line earlier than was now the case.
The next technical talk is on Wednesday 16th March at 10am in IF-4.31 and will feature Tim talking about the School database.
The next meeting will be on Wednesday 23rd March in room 4.31 chaired by Craig Strachan.
Please contact us with any comments or corrections.
Unless explicitly stated otherwise, all material is copyright The University of Edinburgh