1 / 11

Status of EGI operations

Status of EGI operations. Peter Solagna – EGI.eu. EMI-2 decommission. EMI-2 components are reaching and of security support with the end of April 2014 Unsupported software must be upgraded or decommissioned within one month after the end of security support

foy
Download Presentation

Status of EGI operations

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Status of EGI operations Peter Solagna – EGI.eu

  2. EMI-2 decommission • EMI-2 components are reaching and of security support with the end of April 2014 • Unsupported software must be upgraded or decommissioned within one month after the end of security support • ~500 services based on the information system • Similarly to last year the process will be supported using middleware monitoring and alarm tickets • Calendar: • Sites have been already warned with a broadcast • March 3rd: start raise alarms for unsupported services • May 1st: end of security support for EMI-2 services • May 31st: every service still in production must be decommissioned or in downtime

  3. UMD repositories • UMD framework extended to support multiple sources: EMI repositories, EPEL, PTs repositories • Now we are importing in UMD just after the product teams release in EPEL or in their repositories • UMD currently does not re-sign rpms with the gpg key • Planning to start to add a UMD signature to all the rpms, to use the packages that do not come directly from EPEL or EMI • Currently there are no plans to cut a new major release, since we got no specific requests from the product teams

  4. UMD testing • Verification activities will continue after PY4 • Verification of installability, functionality and documentation availability • Some of the middleware is verified externally • Staged rollout coordination will continue as well • Early adopters are volunteer sites (most are WLCG sites) • Maybe this is a point where EGI & WLCG collaboration can be improved

  5. Improve the quality of the service • Glue validator is being run from a central Nagios instance on all the production Site-BDIIs • Not generating alarms in the dashboard yet. Still too many errors • Following up with sites, thank to Maria! • The probe will be activated as operational and sites will receive alarms/tickets for their Site-BDII errors • Target: end of the month • OMB approved that starting from May 2014 the target availability and reliability for EGI sites will be (respectively) 80% and 85% • Accounting publishing campaign • EGI produced manuals to enable APEL compatible accounting on the main deployed middlewares: EMI, Globus and QCG • Campaign to enable accounting on all these services will be run in the coming months

  6. Cloud goes production • The EGI cloud task force set the end of April as a target date to migrate the current test-bed resources (IaaS) to production • Certification of Cloud sites has already started • Dedicated certification procedure for Cloud sites • EGI CSIRT is preparing a security survey to be circulated among sites supporting cloud resources, to evaluate the compliance with EGI policies

  7. Central user suspension • Close cooperation between CERN and EGI • Central ARGUS deployed at CERN • List of suspended DNs managed by EGI CSIRT and WLCG Security officer • NGIs are deploying national Argus servers to be queried by the sites • The plan is to have a wide support for central user suspension by the end of May 2014

  8. Looking forward…

  9. AAI proof of concept • EGI and SurfNET (Dutch NREN) have started a collaboration on an AAI PoC • Use SAML IdP to authenticate users on Cloud resources • Use an attribute authority to manage users attribute for authorization • Integrate IdP attribute • Add attributes for VO managing • Attributes to be managed by the Vos • Not focusing on X509 in the first phase • Still in a ‘design phase’ • Any interested user community or resource centre is welcome

  10. Data workshop • Joint workshop EGI – APARSEN on March 4-6, Amsterdam • The workshop will focus on requirements and use case from user communities and solutions for: • Data management planning • Long term data preservation • Metadata packaging and value adding • Invitation circulated to LCG_ROLLOUT

  11. Questions?

More Related