Admin Tasks

From Van Essen Lab

(Difference between revisions)
Jump to: navigation, search
Line 2: Line 2:
* Increase DHCP address pool in hippocampus to increase concurrent remote VPN connections
* Increase DHCP address pool in hippocampus to increase concurrent remote VPN connections
 +
 +
* Work with Dept/MSCITS on Network line inventory, switch inventory, switch upgrade to Cisco, firewall migration plan
 +
Status: ongoing , mtgs. every other week
* Upgrade mail server to support encrypted files for extra security (in case disks are stolen)
* Upgrade mail server to support encrypted files for extra security (in case disks are stolen)
Line 22: Line 25:
* Update the SSL certificate on brainvis to remove warning when accessing brainvis through SSL/https.  
* Update the SSL certificate on brainvis to remove warning when accessing brainvis through SSL/https.  
-
  (brainvis currently runs a valid, self-signed OpenSSL certificate set to expire 2/11/2017 (free) and can be imported to users browser  
+
brainvis currently runs a valid, self-signed OpenSSL certificate set to expire 2/11/2017 (free) and can be imported to users browser  
-
  when a certificate error appears.)
+
when a certificate error appears.
    
    
Line 34: Line 37:
* Upgrade brainvis hardware, either by purchasing a machine from a well-known vendor or building a machine
* Upgrade brainvis hardware, either by purchasing a machine from a well-known vendor or building a machine
-
* Upgrade NFS shares to version 3 at minimum, and make sure permissions are set up so that all users can access files with  
+
* Upgrade NFS shares to version 3 at minimum, and make sure permissions are set up so that all users can access files with appropriate  permissions
-
  appropriate  permissions
+
-
* Continue to update and maintain build systems, as needed
+
* Continue to update and maintain build systems, as needed(Jon to manage new build servers, can revisit this)
-
  (Jon to manage new build servers, can revisit this)
+
-
* Migrate build servers to myelin2 (our secondary file server), running under virtual box (see both Tim and Jon for details)
+
* Migrate build servers to myelin2 (our secondary file server), running under virtual box. native build servers winbuild and linuxbuild have replaced the VMs  
-
  (native build servers winbuild and linuxbuild have replaced the VMs  
+
-
* Maintain, and possibly upgrade the linux machines that are used by our rotating graduate students
+
* Maintain, and possibly upgrade the linux machines that are used by our rotating graduate students.New brainmappers3 and brainmappers4 installed and in use  
-
  New brainmappers3 and brainmappers4 installed and in use  
+
* Perform an inventory of all back up procedures and come up with a sensible back up policy that will ensure that all important files and data are backed up regularly (on PCinventory wiki page.)
* Perform an inventory of all back up procedures and come up with a sensible back up policy that will ensure that all important files and data are backed up regularly (on PCinventory wiki page.)
Line 60: Line 59:
* Document all procedures, inventories, and policies on the wiki, as necessary.  Where policies are ambiguous (the rule, not the exception), meet with the rest of the tech and admin staff to develop sensible policies and procedures for usage of equipment.
* Document all procedures, inventories, and policies on the wiki, as necessary.  Where policies are ambiguous (the rule, not the exception), meet with the rest of the tech and admin staff to develop sensible policies and procedures for usage of equipment.
    
    
-
 
* Susan's iMac  
* Susan's iMac  
Status: installed and Susan is using to disclose any issues.  
Status: installed and Susan is using to disclose any issues.  
* Assist Ping with new system & OS for DB server  
* Assist Ping with new system & OS for DB server  
-
Status: complete , new system workbenchdb.wustl.edu installed, Ubuntu 12.04
+
new system workbenchdb.wustl.edu installed, Ubuntu 12.04
* Assist Ping with moving her old home dir. from now retired sums , mount old sums
* Assist Ping with moving her old home dir. from now retired sums , mount old sums
disk on sumsdev.
disk on sumsdev.
-
Status: complete
 
*Copy CVS dir from sums to myelin1.
*Copy CVS dir from sums to myelin1.
-
Status: complete
 

Revision as of 22:31, 19 August 2013

Current Tasks

  • Increase DHCP address pool in hippocampus to increase concurrent remote VPN connections
  • Work with Dept/MSCITS on Network line inventory, switch inventory, switch upgrade to Cisco, firewall migration plan

Status: ongoing , mtgs. every other week

  • Upgrade mail server to support encrypted files for extra security (in case disks are stolen)

Status: backburner as this would involve volume encrytpion and a performance penalty

  • Set up a single sign on system (LDAP) for all machines to make it easier to keep accounts and passwords in sync across all machines

Status: lowered priority, current authentication is via /etc/passwd & /etc/shadow & PAM files. Proving problematic implementing openldap for the many diff. unix/linux clients in use in lab.

  • Migrate sumsdev to latest LTS release of ubuntu

Status: moved to backburner

  • Create and/or support development environment releases for 3rd party developers

Status: lowered priority

  • Create and maintain git servers, actively support granting access to outside developers where appropriate

Status: in process, admin piece working, maintenance piece training with Jon.


Completed Tasks

  • Update the SSL certificate on brainvis to remove warning when accessing brainvis through SSL/https.

brainvis currently runs a valid, self-signed OpenSSL certificate set to expire 2/11/2017 (free) and can be imported to users browser when a certificate error appears.


  • Upgrade Brainvis to latest LTS release (running CentOS 6.2 EL )
  • Upgrade mail server to support mail dir (which should help improve performance)
  • Migrate wiki pages to new wiki on brainvis
  • Upgrade brainvis hardware, either by purchasing a machine from a well-known vendor or building a machine
  • Upgrade NFS shares to version 3 at minimum, and make sure permissions are set up so that all users can access files with appropriate permissions
  • Continue to update and maintain build systems, as needed(Jon to manage new build servers, can revisit this)
  • Migrate build servers to myelin2 (our secondary file server), running under virtual box. native build servers winbuild and linuxbuild have replaced the VMs
  • Maintain, and possibly upgrade the linux machines that are used by our rotating graduate students.New brainmappers3 and brainmappers4 installed and in use
  • Perform an inventory of all back up procedures and come up with a sensible back up policy that will ensure that all important files and data are backed up regularly (on PCinventory wiki page.)
  • Perform an inventory of all equipment and machines. Attempt to standardize on certain versions linux/OSX/Windows where appropriate to make our systems easier to maintain, updated on PCinventory wiki page.
  • Perform an inventory of our installed software. Ensure that all software is licensed properly. Also, manage site license programs, such as Vmware's Academic Alliance, MatLab, MSDN, and any other programs that require an administrative point of contact.

assumed point of contact for Vmware, provide licensing/media support for Adobe Suite, MS products ; OS, Office, Mathworks for Matlab licensing changes.

  • As you perform an inventory of the hardware and software above, document all possible security threats or situations that could cause catastrophic failure (e.g. data loss, hardware failure, etc.). After coming up with this list, come up with strategies for tackling these issues and meet with the rest of the lab to discuss them.

ongoing watch. Tightend network security, particularly access to myelin1 and myelin2, added UPS units so all systems have battery backup. Host-firewalls turned on. Added lab systems and network switches, firewall to Nagios system management for remote monitoring status.

  • Document all procedures, inventories, and policies on the wiki, as necessary. Where policies are ambiguous (the rule, not the exception), meet with the rest of the tech and admin staff to develop sensible policies and procedures for usage of equipment.
  • Susan's iMac

Status: installed and Susan is using to disclose any issues.

  • Assist Ping with new system & OS for DB server

new system workbenchdb.wustl.edu installed, Ubuntu 12.04

  • Assist Ping with moving her old home dir. from now retired sums , mount old sums

disk on sumsdev.

  • Copy CVS dir from sums to myelin1.
Personal tools
Sums Database