-
Deployed the second bastion host from a template setup by the administrator.
-
CSM Replacement
-
Tested the load balancing algorithms on the CSM module while on two different server VLANS
-
-
BOINC
-
Created a virtual machine to provide a new service to allow individuals to contribute computer resources to research projects (boinc)
-
Ported an application for boinc into our boinc server.
-
-
Life Cycle Replacement
-
Replaced the apps1 antivirus server with a virtual machine.
-
-
Administration Network
-
Got a dedicated switch in stevenson and hill center for the administration network
-
-
Virtual Infrastructure
-
Expanded capacity of the virtual infrastructure by adding (4) 4 Dual Core Proc 32 GB RAM servers into the mix.
-
We were having performance issues with our Oracle databases running on virtual machines, implemented a change in Memory reservations that increased performance.
-
Archive for February, 2007
Wins Report 2/07
Tuesday, February 27th, 2007Wins Report 1/07
Tuesday, February 27th, 2007-
Virtual Infrastructure
-
Purchased new licenses for more ESX servers to expand capacity in the virtual Infrastructure
-
We were running 8 ESX 3.0.0 and Virtual Center 2.0 before we upgraded the infrastructure. Now we are running 6 ESX servers version 3.0.1 and Virtual Center 2.0.1 (Latest Release)
-
Stevenson Stabilization – In order to have a virtual infrastructure that is very resillient, a technology called Vmotion has to be implemented.
-
Got a dedicated switch in the high density rack in stevenson for virtual infrastructure.
-
Got a dedicated network allocated (10.2.6.1 – 10.2.7.254 ) for Vmotion technology
-
Reconfigured all ESX servers to use Vmotion on the dedicated network for vmotion
-
-
Implemented a permission structure in the virtual infrastructure to control changes in the virtual infrastructure. Now there are five administrators that are authorized to make changes to virtual hardware on a virtual machine.
-
-
Redhat Satellite
-
Added a second virtual disk to extend the disk capacity of RPMS to cache from redhat for systems to update their redhat packages.
-
Began separating the database server from the front end application server.
-
Began migrating the physics department from the mis redhat satellite server to our redhat satellite server
-
-
OSIS (Operator Services application replacement)
-
The amcom administrators were having problems generating a good CSR to use for a HTTPS certificate. Helped them generate CSR and get an oracle wallet to use for HTTPS secure transmissions from the front end application server
-
Identified security flaws in amcom’s proposed remote administration of operator PC’s (VNC) and corrected them by proposing using a different version of the remote management application (TightVNC) that allows for secured SSL communication.
-
Verified that the ITS firewall allowed connections from the backup server to backup the servers providing service for the amcom’s applications
-
Secured transmissions of the HR and SR feed by changing delivery from insecure FTP transmissions to secured public/private key SSH transmissions.
-
Scripted delivery of the HR and SR feed from the MIS server to our JBOSS application servers.
-
-
Sitemason Replacement
-
Built two virtual servers built to the specifications provided by sitemason
-
Setup accounts for the sitemason administrators to log into on the bastion host.
-
Secured their access to the new servers via public/private SSH key authentication.
-
Implemented sudo to mitigate the changes the sitemason administrators can do without letting us know, and keep the environment stable.
-
-
CSM (Switch Replacement)
-
We are replacing our main switches with Cisco equipment that will have a CSM load balancer module in one of the bays on the switch. So we have been tasked with testing how the load balancer will fit into the environment
-
Configured the CSM to load balance between two servers using a few of the load balancing algorithms in the module
-
Testing the load balancing algorithms from a client on the network
-
Tested the load balancing algorithms from behind the firewalls
-
-
Miscellaneous WINS
-
Since the new webmail servers have been running well, I changed the webmail environment to disallow users to use the old webmail system. (Decomissioned the old webmail servers)
-
Began the separation of the nagios server and the syslog server (which both currently run on noc-apps) by creating a new virtual machine to be a standalone nagios server.
-
Implemented a notification method that sends an email to the system administrators inbox only if a backup failed from the previous night. (The full description emails still go the the backup group mail box)
-
Patched Linux servers
-
Setup a virtual instance to load the new LDAP infrastructure on to begin the testing for master to master replication.
-
One of our administrators has set up a new bastion host for secure management of our severs. We were tasked with verifying that we could access servers from the new host.
-
Ensured that the new navigator system was being backed up.
-