because the diversity of data all TELIN research groups DDCM, DIGCOM, GAIM, IPI and SMACS have their own fileservers. Some research groups have a second fileserver, due to the huge datasets they occupy
Tasks involving new users
accounts are created on the Samba domain controller for the new researcher or student. This involves working with LDAP as well. The newly created account gives access to the Windows and Linux fileservers. Elements like uid and employeenumber are extracted from the UGent LDAP
a new workstation is assigned to the researcher. He/she has the choice of Windows/Linux or MacOS operating system. This can be a laptop or workstation. For Artificial Intelligence, Machine and Deep learning a powerfull workstation is provided with a high end NVIDIA graphical card. These have mostly the Linux operating system
a TELIN account also gives access to three departments’ PostScript/PCL shared printers of the department, these are configured with CUPS for the Linux and MacOS computer with automatic disovery
Tasks involving new workstations
A new user gets a new workstation assigned. If the user requests are moderate a recovered workstation from a departed user is cleaned and parts can be replaced by newer ones. We use commodity hardware for easy replacement, upgrades and durability. We especially look for high efficiency power supplies for lowering our University electricity costs
a template Linux OS of UbuntuMATE is uploaded to the new SSD with all preinstalled open source and licensed software to lose minimal time. The template Linux is regurlarly tested, updated and maintained to have the optimal experience for the new user. All sorts of tests are made e.g. machine learning tests to ensure stability, speed and useability
remote desktop from the browser is made available with noVNC through the research servers. x11vnc and x2go provide fast graphics remote access
in case a laptop is requested with Linux, the same template can be used, again with minimal time loss. The preinstalled Windows is securely erased for optimal performance. Windows applications are provided through the Universities’ Athena, Citrix and DICT servers
Citrix Receiver for connection the University Citrix servers
Test new open source software, streamline and integrate with existing systems
maintain a software repository for licensed Windows, Linux and MacOS software for distribution to our personnel
Tasks involving security
implement security policies to eliminate network and server abuse
servers are protected with Fail2ban because alot of attacks are happening through ssh and webservers, 3000 IP address blocks for 1 server is not unusual
users get blocked by not using keys and mistyping passwords. At regurlar intervals we have to unblock user IP addresses
warn users with the implementation of the personal homepage if they use abandoned CMS systems
implementation of an efficient recovery against virus and randsomware
extensive logging of all system activities and a rollback system in case of break in for quick recovery
Tasks involving web services
provide infrastructure and implemention for the department website and the research group webservers
implementation for extraction and presentation of the personnels’ database for the TELIN website
implementation and maintainance of the library and publication database
implementation and maintainance of a meetingroom reservation system
Tasks involving mail
maintain mailing lists and set up LDAP list queries for the Sympa Mail distribution server of the Ghent University
Tasks involving backups
TELIN data is still stored on-premises, researcher need large volumes of data as quickly as possible hence several large storage servers into hundreds of Terabytes
administration and verification of the automated daily backups from servers and workstation is a daily task, at this moment this accounts to about 100 Linux machines for the TELIN department
as data is one of the core businesses of the TELIN department, it is vital to have redundancy, snaphots and backups. Three backups are made, we have periodic snapshots which are copied on two physical locations, two on-premises and one in the UGent datacenter which is synced through efficient snapshot updates on regurlar intervals
workstations and server mostly have SSD’s, but bulk data servers still use spinning hard disks, all of them die sooner or later, so checking and replacing disks is a huge and time consuming task
replacing a disk with raid recovery is a time consuming process with alot of chances other disks die, so we use LVM to replace individual disks, which reduces the time considerably, but you are still limited to the physical properties of hard disks, so a 10TBhard disk still takes minimal 28 hours to copy/replace at an avarage speed of 100MB/s, using raid recovery is about 4-5 days as a comparison
in total the 100 Linux machines in the TELIN department have more than 200 disks that can fail, so at least every few weeks there are some anomalies to check. Our oldest disk at the moment is a more than an 8 years old Samsung disk, so not all of them die young luckily
help users with the recovery of accidentally deleted and lost files
our TELIN servers are also protected for electric outage. We have several small 1500VA APCUPS’s to maintain power when there is a power outage. These lead acid batteries die sooner or later and have to be checked. We check the state of the batteries seperatly by connecting a load to it half yearly
Tasks involving montoring
all servers and workstations are monitored using a homebrew agent. This informs us in one click with graphics about possible disk full problems, CPU and network usage and possible outage
all servers are power monitored to inform us about electricity consumption. This informs us with live graphics on actual power consumption depending on the server usage. This also informs us on future energy optimalisations
individual backup snapshots are gathered in one webpage, informs us in increment data usage and are quickly checked twice a day. We use several and excellent Voltcraft-sem6000 meters with Bluetooth for reading the power usage.
failed or going-to-fail disks are reported to the monitor system
process and user montoring is done on local dedicated simulation machines from the several research groups
all server and workstation create log files. It is my task to regurlarly check these files on anomalies and react accordingly
Tasks involving remote access
the COVID-19 pandamic has forced students and personnel to work at home. Laptop users can take their computer at home, but bulky and heavy (GPU) workstation are kept on-premesis. A remote connection system is made available to the researchers’ workstation with noVNC for all personnel members
student PC’s have been set up for Machine and Deep learning, these are accessible from their home with a simpel browser
a remote on/off system has been designed and implemented for switching remotely on or off workstation, simulation machines and servers
VPN is provided thrue OpenVPN and WireGuard for personnel, OpenVPN users are authorized via the TELIN LDAP and indivual WireGuard keys have to be generated and distributed to the users
access to fileservers is provided thrue ssh servers with keys, some users need help to install these keys for accessing their files
storage access with AWS S3 is provided with Minio. UGent DNS aliases have to be acquired from the DICT and once this is done authorization can me made available for specific students and researchers, permissions need to be set for read, write or full access of the S3 buckets
Tasks involving support
setup and writing documentation on the documentplatform GRAV and Hugo
inform personnel of ICT changes, improvements and installed software
advice on security, implementations, program languages, algorithms and processcontrol
follow up and implementation of good feedback from users
problem solving and patching for (nasty) software or hardware bugs
install and test software for students
replace empty printercartridges, waste bottles, fix printer problems and add paper
coupling scanning software with the UGent mail servers for easy document scanning
detect and repair hardware problems of servers and workstations
update individual soft- and hardware for personnel when requested
Tasks involving network
install and configure multigigabit networkswitches, connect workstations and servers to the TELINLAN
implementation and maintainance of the TELINDNS servers with DNSmasq. All connected devices have to be registered to protect against unauthorized direct access to the TELIN LAN
Tasks involving virtualisation
to isolate services server virtualisation is used, We have 3 type of techniques in use: Docker, LXD are both high efficient and isolate on process level whereas the Citrix vSphere used at the DICT UGent datacenter emulate complete PC infrastructures
request a Citrix vSphere virtual PC at the DICT, set up and rollout the template Linux server for interested research groups. We deploy the server with Docker and LXD as well, so we have a double layer of virtualisation possible
inform researchers of the Citrix vSphere and how to set up services
all TELIN servers are set up and installed with LXD and Docker for optimal usage
servers on-premesis are set up on behalf of the research groups interests. This involves advise researchers for implementing their local or external services
Tasks involving the UGent High Performance Computer (HPC)
the HPC at our University is very well maintained and updated. Researchers need some guiding in entering and gaining experience in this enormous infrastructure. My task is to investigate the possiblities for researchers and write comprehensive documentation so they can find their way quickly to start their simulations. This includes documentation on setting up interactive environments for Machine and Deep Learning
a personal AWS S3 storage with Minio is made available for every researcher to access his data from the TELIN fileservers. This is not limited to the HPC but other platforms as well e.g. Google Colab
first line helpdesk
Tasks involving up-to-date requirements
planning and requirements for future server hard- and software on behalf of the department or research groups
discuss and inquire information with researchers and professors what needs they have
update of operating systems and programs in servers and workstations
follow up on new technologies by surfing on the Internet and social media e.g. CNX, Twitter
