OIT Does That? Unix Support

EUS2

In a world rife with laptops and smart phones, one seldom stops to think about the infrastructure delivering all the web sites, databases, and other services which make up the Internet.  Such servers are also a key part of UCI’s technology foundation.

OIT’s Enterprise Unix Support team, lead by Kyle Kurr, provides a range of services including system administration (configuring, running, and protecting Unix servers), data backups, Web hosting, co-location (housing your server in a climate-controlled and secure facility) and consulting.  High-performance servers are also assets key to faculty research in many disciplines, and OIT can step in to manage the hardware so faculty can focus on the research.

Most EUS services are available on a recharge basis, but allow system owners to leverage existing university investments in the OIT Data Center as well as expertise in servers, operating systems, and IT security.  If you have or expect to need a Unix server, Kyle (kkurr@uci.edu) and his team would be happy to talk to you.

Network Security Vulnerability Scans

hacking

The OIT Security Team has begun implementing periodic scans of all hosts connected to the UCI network for the most common and high impact network and web security vulnerabilities.

The purpose to these scans is to find unprotected systems before hackers do.  We can then work with system owners to better protect their computers and data.

Since these scans are benign versions of the attacks hackers use, you may notice certain behaviors in your computer:

  • Your log files may show attempts to login from strange addresses or multiple failures in a row that you don’t expect.  Web access logs may show many requests from the same IP including strange URLs.
  • If you allow anonymous updates to your websites (i.e. no login required), junk data or what looks like spam may be inserted into your application’s database or email forms.
  • If web application uses a database and vulnerable to input injection, regular database queries with altered SQL could take longer to run, connection pools may fill up and requests hang waiting for new connections.

If you observe any of these behaviors, treat it as you would any security breach.  This may include contacting OIT’s IT security team. If these scans discover a vulnerability, IT Security will contact you with advice.  More information can be found on the Security Vulnerability Scans web site.

ZotPortal: Online Resources for Students

ZotPortal

After an extensive campus-wide planning process, the student portal “ZotPortal” went live on April 27 of this year.  IAT-NACS worked with Student Affairs to design the high-reliability and high-performance system hardware, and provides ongoing network and system administration services, as well as housing elements of ZotPortal in separate data centers.

Through ZotPortal students can access academic and administrative information, connect to a Facebook account, subscribe to UCI campus news, student media and entertainment feeds, check UCI libraries catalogue and even search for people and campus web sites from one search box.

Students can arrange ZotPortal’s look and layout flexibly through a user-friendly drag-and-drop interface, subscribing to the particular information channels they want.

ZotPortal runs on hardware intended to provide maximal service continuity.  There are duplicate servers, connected through IAT’s DMRnet.  In the event one server becomes unavailable (say due to a power failure), the twin automatically assumes all portal activity.  Within each physical server are many CPUs, configured to provide a flexible group of virtual servers so that ZotPortal can support very large numbers of simultaneous requests.  Data is stored on a disk cluster configured with Sun’s ZFS (zettabyte file system) which provides both redundancy (data protection) and high performance parallel access.

Greenplanet: Cluster Computing for Physical Sciences

Greenplanet

Physical Sciences, with support from IAT-NACS, has assembled a high-performance computing cluster for climate modeling and other computational-intensive research.

Called “Greenplanet,” the cluster comprises nodes purchased by faculty in Earth Systems Sciences (ESS), Chemistry, and Physics, and it is expected that Math faculty will also participate.  At this time, Greenplanet includes almost 900 CPUs and is still growing.

IAT provides secure, climate-controlled space in the Academic Data Center,  system administration services as a team with Physical Sciences IT staff, and consultation on code parallelization and optimization.

According to Assistant Professor Keith Moore of ESS, Greenplanet is “a flexible cluster, suitable for massively parallel complex computations (such as climate simulations), and for smaller-scale use on a single node as a workstation.”

A typical node features 8 64-bit Intel CPUs.  Greenplanet features the Load Sharing Facility (LSF) for job management and the Lustre caching file system for extremely high-performance access to the large datasets typical of climate modeling.  Two message passing techniques are available for parallel code: OpenMP for communication between CPUs on a node, and MPI for communication between CPUs on different nodes.  Greenplanet also has the high-performance Infiniband interlink between nodes for high-speed communications.  There is extensive instrumentation available for tuning jobs to optimal execution speed and use of all available computational capacity in the cluster.

Software includes the Climate Systems Modeling package, parallel Matlab, and quantum chemistry packages such as Gaussian and Turbomole.

DCS Offers SunRay™ Support

If you own and use a single Unix or Windows workstation, the effort required for system administration (maintenance, security, software licensing, and user support) is usually not an unreasonable burden. But if you have a group of systems, this can drain precious resources away from your research or other duties.

NACS Distributed Computing Support (DCS) now offers a cost-effective alternative. DCS can help you acquire, set up, configure, and maintain a client/server environment based on SunRay™ workstations instead of individual computers.

SunRay™ workstations are “smart terminals” which boot off the network, and then behave just as if they were independent Unix or Windows workstations. The SunRay™ client machines have jacks for connecting keyboard, mouse, display, and USB devices, as well as local memory, but leave everything else to the server.

The operating system (Windows or Unix), and all the application software your users need are installed on a single server. One copy is much easier and cheaper to keep up to date, and when new applications are needed, installing once is much faster than managing multiple independent workstations. (You still need to be sure you are licensed to run as many copies of the software as you need.)

This service may be of particular interest to people responsible for setting up and maintaining instructional labs, or researchers who oversee a large number of graduate students to whom you supply computers. If you are interested in exploring whether this technology can help you, contact NACS.