Presentation is loading. Please wait.

Presentation is loading. Please wait.

Installation of Hyrax. Possible Installations Both OLFS and BES run on one machine OLFS on one machine and BES on another One OLFS and several instances.

Published byLoraine French Modified over 8 years ago

Similar presentations

Presentation on theme: "Installation of Hyrax. Possible Installations Both OLFS and BES run on one machine OLFS on one machine and BES on another One OLFS and several instances."— Presentation transcript:

1 Installation of Hyrax

2 Possible Installations Both OLFS and BES run on one machine OLFS on one machine and BES on another One OLFS and several instances of BES on different machines OLFS communicating with one or more BESs and other backend processors

3 Tradeoffs… single host Running both the OLFS and BES on one host is the easiest (that’s how we have configured the virtual machine) If the OLFS is compromised, then the host with the data is also compromised A firewall can still protect network access to the BES (limit access to its port to localhost) A compromised host still leaves the BES vulnerable to exploitation

4 Tradeoffs…two hosts Running the OLFS on one host (in the DMZ) and the BES on another is more complex Must check that during power on both reboot and connect Increased LAN traffic since the assumption is that the BES and OLFS are ‘close’ to each other and ample bandwidth is available A compromise of the DMZ (via the OLFS or some other web app) does not leave the BES vulnerable unless the attackers can leave the DMZ and access the internal machine on which the BES runs

5 Tradeoffs… multiple BESs A more complex configuration that provides a way to isolate loads for large archives Also provides a way to fit Hyrax into the existing organization of data within an organization (e.g., NASA GSFC is using this because they have different data on several computers for historical reasons) The affect of an exploit is limited if it does make it past the DMZ but this is not really a security feature per se, but flexibility to adapt to different organizations of data –It’s tempting to accomplish the same goal using NFS but this has lead to poor performance in the past.

6 Installation Security A separate issue from Ac/Az The BES must be protected: – With a firewall or –TLS & Client certificates Running the OLFS and BES on separate machines limits the scope of a compromise of the OLFS Ensure that the BES, Tomcat and Apache all run with limited access to the server host

7 Getting the Software Hyrax is composed of both a C/C++ daemon (BES) and a Java/Servlet Web application (OLFS) Several ways to get the software: –Download binaries for your hardware and operating system: www.opendap.org/download/ –Download source code distributions: Same as above –Use Subversion SCM system: scm.opendap.org:8090/trac

8 Tradeoffs… Subversion –Gets you the absolute latest code and developers may even get write access to submit fixes –You must have a full development environment –There’s limited support Source distributions –Correspond to development milestones –We try to coordinate between projects –You still must be able to build from source Binaries –Easiest, if your platform is supported - this is primarily an issue for the BES, not the OLFS –We build a limited set of binaries –Others also build binaries (Fedora Core extras, RPMFIND

9 …so what is a ‘full’ development environment? In a word, GNU. Specifically: –gcc/g++/g77 –JDK 1.5 –flex/bison –make –ant –autoconf/automake/libtool –dejagnu/CppUnit –Libraries: libcurl, libreadline, libxml2 –Apache, Tomcat –Emacs?, Eclipse? Get the latest of everything

10 What’s on the Virtual Machine Development tools –All of the preceding except Eclipse Sources –Libdap 3.7.7, linbc-dap 3.7.0 –Bes 3.5.1, dap-server 3.7.4, netcdf_handler 3.7.6, freeform_handler 3.7.5 –Netcdf 3.6.2 (from Unidata; needed for the netCDF handler) –Some sources for clients (NCO) Binaries –OLFS 1.2.3 –Clients: ODC, ncBrowse

Download ppt "Installation of Hyrax. Possible Installations Both OLFS and BES run on one machine OLFS on one machine and BES on another One OLFS and several instances."

Similar presentations

University of Southampton Electronics and Computer Science M-grid: Using Ubiquitous Web Technologies to create a Computational Grid Robert John Walters.

University of Southampton Electronics and Computer Science M-grid: Using Ubiquitous Web Technologies to create a Computational Grid Robert John Walters.
Hyrax Installation and Customization ESIP ‘08 Summer Meeting Best Practices in Services and Data Interoperability Dan Holloway James Gallagher.

Hyrax Installation and Customization ESIP ‘08 Summer Meeting Best Practices in Services and Data Interoperability Dan Holloway James Gallagher.
Honeypot 서울과학기술대학교 Jeilyn Molina 121336101. Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.

Honeypot 서울과학기술대학교 Jeilyn Molina Honeypot is the software or set of computers that are intended to attract attackers, pretending to be weak.
Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.

Cloud Computing Part #3 Zigmunds Buliņš, Mg. sc. ing 1.
Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.

Nada Abdulla Ahmed.  SmoothWall Express is an open source firewall distribution based on the GNU/Linux operating system. Designed for ease of use, SmoothWall.
June 23rd, 2009Inflectra Proprietary InformationPage: 1 SpiraTest/Plan/Team Deployment Considerations How to deploy for high-availability and strategies.

June 23rd, 2009Inflectra Proprietary InformationPage: 1 SpiraTest/Plan/Team Deployment Considerations How to deploy for high-availability and strategies.
Java Parallel Processing Framework. Presentation Road Map What is Java Parallel Processing Framework JPPF Features JPPF Requirements JPPF Topology JPPF.

Java Parallel Processing Framework. Presentation Road Map What is Java Parallel Processing Framework JPPF Features JPPF Requirements JPPF Topology JPPF.
Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.

Firewall Security Chapter 8. Perimeter Security Devices Network devices that form the core of perimeter security include –Routers –Proxy servers –Firewalls.
ANDROID PROGRAMMING MODULE 1 – GETTING STARTED

ANDROID PROGRAMMING MODULE 1 – GETTING STARTED
Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.

Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.
Virtual Network Servers. What is a Server? 1. A software application that provides a specific one or more services to other computers  Example: Apache.

Virtual Network Servers. What is a Server? 1. A software application that provides a specific one or more services to other computers  Example: Apache.
Adversaries in Clouds: Protecting Data in Cloud-Based Applications Nick Feamster Georgia Tech.

Adversaries in Clouds: Protecting Data in Cloud-Based Applications Nick Feamster Georgia Tech.
Tomcat Celsina Bignoli History of Tomcat Tomcat is the result of the integration of two groups of developers. – JServ, an open source.

Tomcat Celsina Bignoli History of Tomcat Tomcat is the result of the integration of two groups of developers. – JServ, an open source.
Hyrax Installation and Customization Dan Holloway James Gallagher.

Hyrax Installation and Customization Dan Holloway James Gallagher.
Linux Basics CS 302. Outline  What is Unix?  What is Linux?  Virtual Machine.

Linux Basics CS 302. Outline  What is Unix?  What is Linux?  Virtual Machine.
Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.

Real Security for Server Virtualization Rajiv Motwani 2 nd October 2010.
STRATEGIES INVOLVED IN REMOTE COMPUTATION

STRATEGIES INVOLVED IN REMOTE COMPUTATION
Hyrax Architecture Two cooperating processes: –Front-end provides DAP interface –Back-end reads data Both parts can be customized –Front-end: different.

Hyrax Architecture Two cooperating processes: –Front-end provides DAP interface –Back-end reads data Both parts can be customized –Front-end: different.
Csci5233 Computer Security1 Bishop: Chapter 27 System Security.

Csci5233 Computer Security1 Bishop: Chapter 27 System Security.
UNIT 1 INFRASTRUCTURE AND APPLICATION SUPPORT. UNIT OBJECTIVES Name the different ROSS application platforms. Describe the difference between client hardware,

UNIT 1 INFRASTRUCTURE AND APPLICATION SUPPORT. UNIT OBJECTIVES Name the different ROSS application platforms. Describe the difference between client hardware,

Similar presentations

Ads by Google