SYNC & SHARE FOR THE DUTCH RESEARCH & HIGHER EDUCATION SURFdrive https://surfdrive.surf.nl


How it all started about a year ago

We want our own

How it all started about a year ago

- But, privacy of data is important. No NSA allowed!
- Dutch institutes agreed on security & privacy rules/guidelines.
- Large number of wishes and requirements.

Plan

- Select a product in the autumn of 2013 to do a pilot.
- Do a pilot in Q
- Production April 1st 2014 (no joke).

Important requirements

- Federated AuthN (SAML2, SURFconext)
- Sync clients: offline access to files.
- Mobile clients.
- Sharing data with people inside the SURFconext community but also people outside this community.

And the winner is...

ownCloud Enterprise Edition, version 6.0.x

- Branded clients.
- Shibboleth plugin already available.
- Pilot proved that the feature set was a good starting point.

Federated Login using SURFconext

- Institutes manage the identity.
- SURFdrive manages the authorization.
- Transparent for the users.

Pilot Period

Due to lack of time, two tests ran simultaneously:

- Pilot environment with about 250 users from Dutch universities. Mainly functionality tests.
- Test environment for:
  - Stress testing and reliability tests.
  - Wrote a WebDAV-based test suite.
  - 1000 concurrent reads, 100 concurrent writes.
  - Different configuration scenarios for storage, webservers etc.

The Result: Technical Components

Proxy:
- HAProxy, v1.5 with SSL
- Keepalived for IP failover

Application servers:
- Apache + Shibboleth
- ownCloud application
- GlusterFS server + client

Database:
- MariaDB
- Galera master/master replication

Proxy:
- Dell R415, 2x 3.1 GHz Opteron
- 16GB memory & 10GB NICs

Application servers:
- Dell R515, 2x 3.1 GHz 6C Opteron
- 128GB memory & 10GB NICs
- 40 TB RAID6 SATA storage

Database:
- Dell R515, 2x 3.1 GHz 6C Opteron
- 64GB memory & 10GB NICs
- 400 GB RAID10 SSD storage

Technical Choices

Proxy:
- HAProxy, because it's fast and low on resources.

Application servers:
- Apache, because of Shibboleth module support.
- NGINX & Lighttpd are still considered because they are more robust and less memory hungry.
- GlusterFS because we can easily mount it on all servers; also there were already some positive experiences and Object Storage was not supported.

Database:
- Galera makes failover so easy, and it's master/master.

GlusterFS: All data twice!!

[Diagram: a Distributed-Replicated Volume built from Replicated Volume 0 and Replicated Volume 1 across Server 1 to Server 4, with File 1 and File 2 placed on the bricks.]

SURFdrive: The Numbers

- We went live on 1st April.
- Now we have 36 institutes connected.
- Besides universities also:
  - Higher Education.
  - Research Institutes.
  - Medical Centres (pilot).
- New institutes get connected each month.
- New users log in each day.
- Last night we were at 2413 users.

SURFdrive Users

SURFdrive Storage Usage (TB)

SURFdrive Storage Usage per User (GB)

SURFdrive Number of Files

SURFdrive Daily Concurrent Connections

[Chart annotations: Start of the day, Lunch, End of the day, Dinner, Do a few things after dinner, Sleep]

SURFdrive Daily Concurrent Connections

Issues

Database issues related to Galera replication and the absence of primary keys in some tables.

ownCloud client (sync clients as well as mobile clients):
- Login issues related to Shibboleth implementation
- Synchronisation issues/bugs
- GUI issues/bugs

Custom Implementation of WebDAV

Federated login using Shibboleth breaks WebDAV.

HTTP basic auth with WebDAV to allow access to SURFdrive using third-party apps. Implemented by ownCloud on our request:
- Generated password
- Revoke password
- Visible once!
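
The generated, revocable, shown-once password scheme from this slide, sketched as an added example; it is not ownCloud's or SURFdrive's code. The class and function names, the PBKDF2 work factor and the sample account are assumptions made for illustration.

```python
import base64, binascii, hashlib, hmac, secrets

ITERATIONS = 100_000  # assumed work factor for this sketch

class AppPasswordStore:
    """Hypothetical store: keeps only salted hashes of generated passwords."""

    def __init__(self):
        self._records = {}  # (user, label) -> (salt, digest)

    @staticmethod
    def _digest(password, salt):
        return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

    def generate(self, user, label):
        """Create a password; the plaintext is returned here and never again."""
        password = secrets.token_urlsafe(24)
        salt = secrets.token_bytes(16)
        self._records[(user, label)] = (salt, self._digest(password, salt))
        return password

    def revoke(self, user, label):
        """Drop one app password without touching the federated identity."""
        return self._records.pop((user, label), None) is not None

    def verify(self, user, password):
        ok = False
        for (owner, _label), (salt, digest) in self._records.items():
            # Constant-time comparison against each of this user's records.
            if owner == user and hmac.compare_digest(digest, self._digest(password, salt)):
                ok = True
        return ok

def authenticate_basic(store, header):
    """Return the user for a valid 'Authorization: Basic ...' value, else None."""
    scheme, _, blob = header.partition(" ")
    if scheme.lower() != "basic":
        return None
    try:
        decoded = base64.b64decode(blob.strip(), validate=True).decode("utf-8")
    except (binascii.Error, UnicodeDecodeError):
        return None  # malformed credentials are rejected, not guessed at
    user, sep, password = decoded.partition(":")  # password may contain ':'
    if not sep or not user:
        return None
    return user if store.verify(user, password) else None

def basic_header(user, password):
    """Build the header value a third-party WebDAV client would send."""
    return "Basic " + base64.b64encode(f"{user}:{password}".encode()).decode()
```

Because only the salted hash is kept, the service cannot redisplay a password later, which is what makes "visible once" enforceable rather than a UI convention.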

Roadmap

Provisioning Portal
- Institutes have to de-provision the users themselves; they are in control.

Disaster Recovery
- Secondary site as full copy of production.
- Galera MariaDB over WAN.
- GlusterFS geo-replication.

Storage
- Object-based (SWIFT).
- Geographical distribution.

Security
- Two-factor authentication; part of SURFconext roadmap.
- Client-side encryption.

More Roadmap

Service summary

- Status: Prod
- Number of users (current, target): 2413 | 20k+
- Default and maximum quota: 100GB and 100GB
- Linux/Mac/Win user ratio: 6% / 18% / 76%
- Desktop clients/Mobile clients/Web access ratio: 99.3%, 0.2%, 0.5%
- Technology: ownCloud
- Target communities: Universities, Institutes, Higher Education
- Integration in your current environment (examples): Not at all
- Risk factors: financial
- Most important functionality: Sync and share, federated login
- Missing functionality (if any): Admin functionality like accounting, simultaneous document editing

User feedback

Very little actually