Update on the EECS Computing Enterprise David Culler EECS U.C. Berkeley

EECS Enterprise Update Overview Technical staff support groups Progress on the Infrastructure Progress on User Support Discussion of Open Issues and Problems 9/22/2018 EECS Enterprise Update

Rough Scale of the Enterprise 1100 users + similar # students 3300 DNS entries (host names) ~30 Networks ~20 staff ~4 TB/storage ~ dozen Networked Services ~ few billion bytes of code in the SWW ~10 Attacks / day (~ 5% compromises) ?? Different kinds of machines, OSs, … ?? Different kinds of user demands 9/22/2018 EECS Enterprise Update

Core Technical Staff Groups Instruction and Electronics Support Group (IESG) Infrastructure Support and Development (IDSG) Computer User (CUSG) Infrastructure User Support Instruction Electronics 9/22/2018 EECS Enterprise Update

Organizational Structure Pei Chen 319 Soda, 2-5836 hpc@cs Dept. Computer Resource Manager (Networked Systems Architect) IDSG CUSG IESG Mike Bordua 323 Soda, 2-2073 mgbordua@eecs Rob McNicholas 395 Cory, 2-8633 robm@eecs Kevin Mullally 378 Cory, 3-6141 kevinm@eecs Ferenc Kovac 380 Cory, 2-6952 ferenc@eecs Focus today on IDSG & CUSG 9/22/2018 EECS Enterprise Update

Recall: Workflow Electronics Support Group Instructors & Student users Instructional Support Group Dept. Staff Admin. Comp Group Campus Organizations (CNS) Infrastructure Development and Support Group Research Groups Self-admin. Faculty, GSR Research Groups Research Groups Computer User Support Group Typical Faculty GSR users 9/22/2018 EECS Enterprise Update

Infrastructure Developments Staff: almost at strength SWW NT-SWW, Solaris-OSF-HPUX SWW, ... LINUX, …64-bit Networking Cory ATM core replaced with Gigabit ethernet Soda EECS service cluster ATM replaced Cory router moved to campus Tier II backbone Soda gigabit connection through Cory in progress New Soda 100 mb/s network (46) almost full - planning next upgrading Soda shared segments to partial switched planning dept-wide wireless Multicast problems ‘almost solved’ Taken control of DNS (back from CNS) No more modems turn-around: two weeks on ports, one day on DNS (//www.eecs/idsg) 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Network Picture Campus Tier II Switched Ethernet CALREN Cory B old campus FDDI ring EECS B New Soda Old Soda 9/22/2018 EECS Enterprise Update

Infrastructure Developments (cont) Services dept-wide directory (ldap.eecs), secure server-side mail (imap.eecs), and authentication (CA) services departmental calendar server (calendar.eecs) - rooms too Deployed first wave of unified Unix/NT file store Network Appliances: 220 GB is use. Can grow to 1.4 TB. ~500 users so far. Cory & Soda. Gallia started Refined backup, crisis support, UPS for ~3 TB store and ~20 server nodes (all critical services). Service monitoring. Security official staff position (Mark Kraitchman) Monitoring, applying patches, rapid response to attacks Cleaning up all systems as we move forward soon no clear-text passwords Poorly managed machines are huge time sink! staff must abandon priorities and repair (discourage?) 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Directions Single log in Unix NIS and NT domains managed from one place get to your files from either side smooth interoperation CNR task set policy for phasing out old systems, services, accounts, … set security policy extended support model and scope 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Funding Model $38 monthly per user CIS fee Details: finally getting solid roster with account per person worked out a guest option ($15 month) use host’s file space forwarded email 9/22/2018 EECS Enterprise Update

Support Developments (www.eecs/cusg) Single place for all request http://www.cs.berkeley.edu/idsg/forms accounts, ports, systems, support, help … Help desk starting 12/15 in cyberspace and in person ( 395 Cory ) technical documentation Automated tracking and accounting (Remedy) 24 hour response time on contract (T&M low priority) 3 / 5 / 10 escalation (no silent drop) process flow and priority management Single Trouble Line: x27777 help desk during business hours voice mail during night and weekends checked >1 per day on weekends (best effort response) 9/22/2018 EECS Enterprise Update

Support Developments (cont) Massive Clean-up Consolidated number Cory workgroups, small domains, and older servers in Research NT domain and unified store (~ 400 users) Roster reflects reality Contracts reflect reality New Billing Database design done, data entry on-going Q1 billing will be the dry run (GAs notified to check up) will migrate to Remedy + Oracle Enhancing level of administrative support 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Funding Model Closing out the pre 7/99 books inexact records washing out After lots of discussion with G.A.’s … For a group of P people and S systems annual contract = $730 x min(P,S) + $250 x | P - S | Contract support get high priority Reasonable envelop of “supported systems” Time & Materials lower priority bring new installs up quickly Lot of effort to get basic enrollment 9/22/2018 EECS Enterprise Update

Open Issues and Challenges 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Models we can support CUSG support under contract you have a problem, you report it to CUSG, they have a history of your group environment, they do the isolation and the local fixes. If necessary, they pass problems along to IDSG. If problem arises from the outside, they are the POC T&M available outside the envelope Self-supported group there is a know technical point of contact associated with each system and person in the group. You have a problem, you go to them. They do the isolation and local fixes. If necessary, they pass problems along to IDSG. If problem arises from the outside, they are the POC. They attend the monthly system admin. meeting. They stay abreast of dept. facilities, technical policies, and rules. T&M available to extend their support within limits! 9/22/2018 EECS Enterprise Update

Models to hard to support A random collection of machines installed by some ex-student with ill-defined set of users … Every machine and every user is in the directory The technical point of contact needs to be their too My Grant Administrator is my effective system Admin. We call for T&M when we need it. We want it done right and done yesterday! In general, extensive use of T&M is painful - both administratively and psychologically 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Goal Build a cost-effective and well-qualified support and infrastructure organization to pool the common or cross-cutting needs avoid replication of effort and stratification of environment allow groups to focus where their research efforts lie, without rebuilding all the infrastructure Each of us paying our fair share for good service cannot possibly make the charging algorithms ‘game free’ Team-spirit across the boundaries What you need to do Talk to your GA. Make clear what are your needs and priorities. Get the inventory of people and systems in place. Get the process started. 9/22/2018 EECS Enterprise Update

EECS Enterprise Update Exchange Server There is a few small exchange servers running, including one in the Research domain Not currently officially supported Clearly good integration with NT desktop. IMAP support. Moving toward IETF stds. Our View: Not yet supportable in the large. Exchange 2000 is our target roughly 6 months IMAP suggested documentation and tutorials provided 9/22/2018 EECS Enterprise Update

EECS Enterprise Update On-going Efforts Complete the deployment of the Blueprint Continue to improve availability and service Documentation and Communication Single dept-wide login NT 2000, transition to 64-bit world Security, security, security Gigabit to the desktop Wireless throughout Alumnae Email, EECS portal Exciting things in IESG as well! 9/22/2018 EECS Enterprise Update