Linux/Unix/Windows integration project Information Page
This page was last updated on 08-2-2006
WHAT WE HAD BEFORE THE PROJECT:
The OLD UNIX system consisted of an NFS server that had 22 exports on 17 disks of varying sizes from 2 Gig to 72 Gig. These drives were single drives with no redundancy and most were out of warranty. When any drive had a problem the whole SCSI bus would hang and lock up the server, which would stop all UNIX machines from working because /usr/local is an export from the NFS server. These drives contained all of the UNIX home directories and group storage for the UNIX research platform. The UNIX system also included Hypatia that maintained the samba shares, Tesla which is the font server and print server, and Sunfire1 and Sunfire2 which were the general application machines running apps like pine, Netscape, mathematica, etc. Most of the apps are old and out of date. Sunfire1 is also the ssh entry point machine for the UNIX system. We also had three or four Solaris desktops left but over time most of the groups have added Linux machines to their research environment. We had two separate Linux machines that acted as servers for user accounts to two different groups of Linux research machines. Many of the Linux machines maintained local user accounts which had to be synchronized with the UNIX system. We were up to 34 Linux research machines and 10 Linux desktops, not counting the HEP group that has their own Linux setup with a server and about 10 more desktops. Each group of Linux machines was set up by a different UNIX administrator so not everything was done the same on each system, like printing and access to common or scratch space, which made administration difficult.
Add in the Windows accounts, and password synchronization or user account synchronization became very difficult. Adding a new user may have meant making the same user on up to 5 machines (and not all of them were made correctly). Users may have had to change their password in up to three or more places just for physics.
The goal of the new system is to provide a useful, easy to use, and stable research platform that does not take a lot of time to administer. The Physics department purchased a 5 terabyte SANS (storage Area Network) so all of the data in the department would be on redundant disks and be in one place. We also have purchased Vintela Authentication Services (VAS) software for the UNIX/Linux system that allows Linux machines (which are based on Redhat) and Solaris machines to authenticate against Windows Active Directory. With this system we will only have to make a user once on the Windows system and they will be able to log into any machine they have permissions on with the same username and password. Also, changing a password can be done from any OS. All of the data will be in one place on the SANS making it easier to backup.
For the last year we have been working on moving away from the old UNIX system to a newer system based on Linux.
What we have done so far:
a. Determined that our UNIX system was very old and did not have PAM (Pluggable Authentication Module) support installed on most of the authentication methods.
b. Installed SSH with PAM support on the UNIX system.
c. Tested SSH with VAS on the UNIX system and determined that it does work.
d. Determined that XDMCP (eXceed's method of authentication) did not have PAM support and that it was very difficult to install on all of the UNIX machines. So all UNIX machines will have SSH access only using VAS.
a. Mathematica 5.2 (Still needs font server update to work from Windows)
b. Ghostview
c. Povray
d. Intel Fortran 9.0 with mkl
e. Intel C++ 9.0 (Soon)
f. Gnuplot
g. Acrobat reader 7.0
h. Xdpf
i. Xmgr
j. Xmgrace
k. Mozilla
l. Open Office
m. Latex
n. VMD
o. Xview
p. Sm (soon)
q. Mplayer
r. Plus all of the standard software and browser plug-ins
AS of the 1st of June we have moved 52 users and have created 7 special use users. We have moved approximately 220GB of data with an estimate of about 0GB more to move. There are approximately 0 users left to move from the old system (Not counting integrating the HEP Linux system).
We have also added 6 new Linux research machines (with 3 more on the way) and 3 Linux desktops used for data collection.
When moving the first few users there was a problem with the file permissions on the old server so the script did not copy all of their files. Since then, we have modified the script to check the disk usage after the copy to verify that all files were copied.
We had an issue with being able to remove the x bit from files in the new home directory. A solution was found and by the 16th of June all home directories should be updated.
One of the nodes in the cluster had a problem with authentication of the NFS shares. This caused a “permission denied error” to randomly occur. The problem node has been taken out of production to be rebuilt. The mapping service has been linked to the failover setting so if it happens again the service will automatically move to a functioning node.
Other problems people have reported are that the printer names have changed and that the home directory location is different. A few scripts may need to be changed to reflect the new location which is now /lhome/username/linux/ .
The move process is very individualized, so if you have any problems or suggestions let me know and I will be glad to help call Larry 785-532-6810.
I also have a list of the Frequently Asked Questions at Linux FAQ.