Presentation is loading. Please wait.

Presentation is loading. Please wait.

SYNC & SHARE FOR THE DUTCH RESEARCH & HIGHER EDUCATION SURFdrive https://surfdrive.surf.nl

Published byBrenda Pope Modified over 9 years ago

Similar presentations

Presentation on theme: "SYNC & SHARE FOR THE DUTCH RESEARCH & HIGHER EDUCATION SURFdrive https://surfdrive.surf.nl"— Presentation transcript:

1 SYNC & SHARE FOR THE DUTCH RESEARCH & HIGHER EDUCATION SURFdrive https://surfdrive.surf.nl info@surfdrive.nl

2 How it al started about a year ago We want our own

3 How it al started about a year ago But, Privacy of data is important. No NSA allowed! Dutch institutes agreed on security & privacy rules/guidelines. Large number of whishes and requirements.

4 Plan Select a product in the autumn of 2013 to do a pilot. Do a pilot in Q1 2014. Production april 1 st 2014 (no joke).

5 Important requirements Federated AuthN (SAML2, SURFconext) Sync clients: Offline access to files. Mobile clients. Sharing data with people inside the SURFconext community but also people outside this community.

6 And the winner is…. Owncloud Enterprise Edition, version 6.0.x Branded Clients. Shibboleth plugin already available. Pilot proofed that the feature set was a good starting point.

7 Federated Login using SURFconext Institutes manage the identity. SURFdrive manages the authorization. Transparent for the users.

8 Pilot Period Due to lack of time two tests simultaneously:  Pilot environment with about 250 users from Dutch universities. Mainly functionality tests.  Test environment for:  Stress testing and reliability tests.  Wrote a webdav-based test suite.  1000 concurrent reads, 100 concurrent writes.  Different configuration scenario’s for storage, webservers etc.

9 The Result: Technical Components Proxy:  HAproxy, v1.5 with SSL  Keepalived for IP failover Application servers:  Apache + Shibboleth  Owncloud Application  GlusterFS server+client Database:  MariaDB  Galera Master/Master replication Proxy:  Dell R415, 2x 3.1 GHz Opteron  16GB memory & 10GB NICs Application servers:  Dell R515, 2x 3.1 GHz 6C Opteron  128GB memory & 10GB NICs  40 TB RAID6 SATA Storage Database:  Dell R515, 2x 3.1 GHz 6C Opteron  64GB memory & 10GB NICs  400 GB RAID10 SSD storage

10 Technical Choices Proxy:  HAproxy, because it’s fast and low on resources. Application servers:  Apache, because of Shibboleth module support.  NGINX & Lighttpd are still considered because they are more robust and less memory hungry.  GlusterFS because we can easily mount it on all servers, also there were already some positive experiences and Object Storage was not supported. Database:  Galera makes failover so easy, and it’s master/master.

11 GlusterFS: All data twice !! Server 3 Server 4 Server 2 Server 1 Replicated Volume 0 Replicated Volume 1 Distributed-Replicated Volume Brick01 File 1 File 2

12 SURFdrive The Numbers We went live on 1st April 2014. Now we have 36 institutes connected. Besides Universities also: Higher Education. Research Institutes. Medical Centres (pilot). New institutes get connected each month. New users login each day. Last night we were at 2413 users.

13 SURFdrive Users

14 SURFdrive Storage Usage (TB)

15 SURFdrive Storage Usage per User (GB)

16 SURFdrive Number of Files

17 SURFdrive Daily Concurrent Connections Diner Do a few things after dinner Sleep End of the day Start of the day Lunch

18 SURFdrive Daily Concurrent Connections

19 Issues Database issues related to Galera replication and the absence of primary keys in some tables. Owncloud Client (sync clients as well as mobile clients) -Login issues related to Shibboleth implementation -Synchronisation issues/bugs -GUI Issues/bugs

20 Custom Implementation of Webdav Federated login using shibboleth breaks WebDAV. HTTP basic auth with webdav to allow access to SURFdrive using third-party apps. Implemented by Owncloud on our request: -Generated Password -Revoke Password -Visible Once!

21 Roadmap Provisioning Portal -Institutes have to de-provision the users themselves; they are control. Disaster Recovery -Secondary site as full copy of production. -Galera MariaDB over WAN. -GlusterFS Georeplication. Storage -Object-based (SWIFT). -Geographical distribution. Security -Two factor Authentication; part of SURFconext roadmap. -Client-side encryption.

22 More Roadmap

23 Service summary Status:Prod Number of users (current, target):2413|20k+ Default and Maximum quota:100GB and 100GB Linux/Mac/Win user ratio:6% / 18% / 76% Desktop clients/Mobile Clients/Web access ratio: 99.3%, 0.2%, 0.5% Technology:Owncloud Target communities:Universities, Institutes, Higher Education Integration in your current environment (examples): Not at all Risk factors:financial Most important functionality:Sync and share, federated login Missing functionality (if any):Admin functionality like accounting, simultaneous document editting

24 User feedback Very little actually

Download ppt "SYNC & SHARE FOR THE DUTCH RESEARCH & HIGHER EDUCATION SURFdrive https://surfdrive.surf.nl"

Similar presentations

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.

Microsoft ® Official Course First Look Clinic Overview of Windows 8 By Ragowo Riantory, S.Kom, MCP.
Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.

Access & Identity Management “An integrated set of policies, processes and systems that allow an enterprise to facilitate and control access to online.
Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.

Hosted Revolution Ltd Hosted Exchange October 2009 V2.01.
ELAG Trondheim 2004 1 Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.

ELAG Trondheim Distributed Access Control - BIBSYS and the FEIDE solution Sigbjørn Holmslet, BIBSYS, Norway Ingrid Melve, UNINET, Norway.
Futures – Alpha Cloud Deployment and Application Management.

Futures – Alpha Cloud Deployment and Application Management.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
CERN IT Department CH-1211 Geneva 23 Switzerland www.cern.ch/i t Data & Storage Services Technical student CERN IT-DSS-FDO University of Vigo WCSFSS 2014.

CERN IT Department CH-1211 Geneva 23 Switzerland t Data & Storage Services Technical student CERN IT-DSS-FDO University of Vigo WCSFSS 2014.
Shared File Service VM Forum January, 2012. SFS Topics Targeted Usage Security Accessing CIFS Shares Availability & Protection Monitoring Pricing.

Shared File Service VM Forum January, SFS Topics Targeted Usage Security Accessing CIFS Shares Availability & Protection Monitoring Pricing.
6/4/2015Page 1 Enterprise Service Bus (ESB) B. Ramamurthy.

6/4/2015Page 1 Enterprise Service Bus (ESB) B. Ramamurthy.
Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.

Federated sign-in WS-Federation WS-Trust SAML 2.0 Metadata Shibboleth Graph API Synchronize accounts Authentication.
Secure Off Site Backup at CERN Katrine Aam Svendsen.

Secure Off Site Backup at CERN Katrine Aam Svendsen.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 11 Managing and Monitoring a Windows Server 2008 Network.
Storwize V7000 IP Replication solution explained

Storwize V7000 IP Replication solution explained
Barracuda Networks Steve Scheidegger Commercial Account Manager 734-887-2422

Barracuda Networks Steve Scheidegger Commercial Account Manager
Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.

Windows ® Powered NAS. Agenda Windows Powered NAS Windows Powered NAS Key Technologies in Windows Powered NAS Key Technologies in Windows Powered NAS.
November 2009 Network Disaster Recovery October 2014.

November 2009 Network Disaster Recovery October 2014.
Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.

Chapter 8 Hardening Your SQL Server Instance. Hardening  Hardening The process of making your SQL Server Instance more secure  New features Policy based.
CTS Private Cloud Status Quarterly Customer Meeting October 22, 2014.

CTS Private Cloud Status Quarterly Customer Meeting October 22, 2014.
Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.

Module 12: Designing an AD LDS Implementation. AD LDS Usage AD LDS is most commonly used as a solution to the following requirements: Providing an LDAP-based.
70-284 MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

MCSE Guide to Microsoft Exchange Server 2003 Administration Chapter Four Configuring Outlook and Outlook Web Access.

Similar presentations

Ads by Google