Difference between revisions of "Hardware servers"

From Cncz
Jump to navigation Jump to search
m
(136 intermediate revisions by 6 users not shown)
Line 2: Line 2:
  
 
[nl]
 
[nl]
C&CZ beheert ca. 50 Sun/Solaris/SPARC servers, ca. 120 Linux workstations
+
C&CZ beheert ca. 900 Linux workstations
en servers en ca. 600 servers en werkplekken met MS-Windows, voornamelijk in het domein <tt>science.ru.nl</tt>. Voor alle machines staat de hardware en de versie van het operating system in DNS vermeld.
+
en servers, en ca. 900 servers en werkplekken met MS-Windows, voornamelijk in het domein <tt>science.ru.nl</tt>. Dual boot machines (Linux/Windows) worden hierbij dubbel geteld.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
C&amp;CZ manages ca. 50 Sun/Solaris/SPARC servers, ca. 120 Linux workstations and ca. 600 servers and workstations with MS-Windows, primarily in the domain <tt>science.ru.nl</tt>. The hardware and version of the operating system is registered in DNS.
+
C&amp;CZ manages ca. 900 Linux workstations and servers, and ca. 900 servers and workstations with MS-Windows, primarily in the domain <tt>science.ru.nl</tt>. Dual boot Windows/Linux machines are counted twice.
 
[/en]
 
[/en]
  
Line 13: Line 13:
  
 
[nl]
 
[nl]
C&CZ beheert voor afdelingen werkplekken met Fedora Core Linux of Windows-XP. Ook zijn er in de PC-kamers  en het Studielandschap algemeen toegankelijke werkplekken waarvan iedereen met een [[Studenten_login|Science login]] gebruik kan maken. Daarvan zijn er ca 20 met Fedora Core Linux, de rest is Windows-XP.
+
C&CZ beheert voor afdelingen werkplekken met Ubuntu Linux of MS-Windows. Ook zijn er in de PC-kamers  en het Studielandschap algemeen toegankelijke werkplekken waarvan iedereen met een [[Studenten_login|Science login]] gebruik kan maken, maar ook alle RU-medewerkers en RU-studenten en gasten met een tijdelijke login. Vrijwel alles is dual boot, de gebruiker kan kiezen uit Ubuntu Linux en MS-Windows.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
C&amp;CZ manages for departments workstations with Fedora Core Linux or Windows-XP. There are also workstations in the PC-rooms and Studielandschap for general use by anybody with a [[Studenten_login|Science login]].  
+
C&amp;CZ manages (for departments) workstations with Ubuntu Linux or MS-Windows. There are also workstations in the PC-rooms and Study area for general use by anybody with a [[Studenten_login|Science login]], but also by all RU employees and students and guests with a temporary login. Almost all those machines are dual boot, the user can choose to boot Ubuntu Linux or MS-Windows.
 
[/en]
 
[/en]
  
=== Login-servers ===
+
=== Linux [loginservers][login servers] ===
  
* <tt>solost</tt>, [de][the] Solaris login-servers [voor studenten][for students].
+
[nl]
* <tt>solo</tt> [en][and] <tt>wn5</tt>, [de][the] Solaris login-servers [voor medewerkers][for employees].
+
Er zijn enkele [[SSH|secure shell]] servers beschikbaar voor studenten en medewerkers van FNWI (iedereen met een [[Login|Science account]]).
* <tt>lilo</tt>, [de][the] Linux login-server [voor medewerkers][for employees] [en][and] [studenten][students].
+
 
 +
Deze zijn voor algemeen gebruik: iedereen mag ze gebruiken zoals men wil, *zolang het geen overlast voor anderen oplevert*.
 +
 
 +
De standaard loginserver is:
 +
lilo.science.ru.nl
 +
 
 +
De naam van de alternatieve loginserver is:
 +
stitch.science.ru.nl
  
 +
Op dit moment wijst lilo naar een machine met de naam lilo6. Stitch wijst naar lilo5 Ubuntu 16.04, deze is niet de default lilo, omdat we standaard Ubuntu 18.04 op desktops installeren. Er is een test van Ubuntu 20.04 op de nieuwe lilo7.
  
[Manieren om in te loggen op de login-servers][Ways to log into the login servers]:
+
De ssh vingerafdrukken van de lilo's zijn:
  
[nl]
 
* Met [[ssh_|SSH (Secure Shell)]], zodat wachtwoorden niet afgeluisterd kunnen worden. Dit kan vanuit het hele Internet. Men kan X11-verkeer (van [[xwin32_|Xwin32]])tunnelen.
 
* Met <tt>telnet</tt> of <tt>rsh</tt>. Omdat in dat geval het wachtwoord onversleuteld over het netwerk gaat, kan dat alleen van binnen RU/UMCN.
 
 
[/nl]
 
[/nl]
 
[en]
 
[en]
* With [[ssh_|SSH (Secure Shell)]], which is an encrypted connection, so passwords can't be sniffed. An SSH connection is possible from all over the Internet.
+
A few [[SSH|secure shell]] servers are available for Students and Staff of the Faculty (everyone with a [[Login|Science account]]). You can use it just as you like, *as long as you do not cause problems for other users*.
* With <tt>telnet</tt> or <tt>rsh</tt>. Because passwords can in that case be sniffed from the network, this is only allowed from within the RU/UMCN-campus.
+
 
 +
The primary login server can be reached with the following address:
 +
lilo.science.ru.nl
 +
 
 +
The name of the backup login server is:
 +
stitch.science.ru.nl
 +
 
 +
At the moment, lilo points to a machine called lilo6. Stitch points to lilo5, running Ubuntu 16.04, it is not the default, because the default desktop Linux is Ubuntu 18.04, which is installed on lilo6. There is a test of Ubuntu 20.04 on the new lilo7.
 +
 
 +
The ssh fingerprints for lilo5 and lilo6 are:
 
[/en]
 
[/en]
  
 +
1024 SHA256:g/LY9oywiXFi5jrO93JFImvm5fwYrRxlloefHH1yU2s  root@lilo5 (DSA)
 +
2048 SHA256:VK8+B+OuT+n8JSjoy9uWYw5COb+cZ+01S/pWiAteEtA  root@lilo5 (RSA)
 +
  256 SHA256:NeO+rdPufkFYEgLs6YMWPvMJzOBK9pNlxdjMJzK3OBY  root@lilo5 (ECDSA)
 +
  256 SHA256:zViYANQchkRs6QNPSSoxOkVyA8Ixe7aZCvzcSQEZK7s  root@lilo5 (ED25519)
 +
1024 MD5:2c:ae:19:79:9c:23:7b:f3:d0:49:7a:cb:fa:30:68:c5  root@lilo5 (DSA)
 +
2048 MD5:66:18:8e:fa:bd:d9:83:91:86:f3:0e:35:d1:f5:31:2a  root@lilo5 (RSA)
 +
  256 MD5:7d:08:27:61:ac:c8:f1:05:4f:c9:91:2a:83:e5:c3:4f  root@lilo5 (ECDSA)
 +
  256 MD5:a4:6c:15:3b:c8:01:7f:d2:65:89:74:c6:32:7f:7e:c6  root@lilo5 (ED25519)
 +
 +
1024 SHA256:JVE0FA1fFGtzbuqP1D6cW8V3fkmqxdCL5H3xRMsiJxc  lilo6 (DSA)
 +
2048 SHA256:c+kPQDMuzf+1uKIJt8RIFOUume0Z1g2UjUOpxXXyCuY  lilo6 (RSA)
 +
  256 SHA256:dRvKM7qcQF8wGZZofYT3/JbSGUXA3l3nadzzqrHvWhE  lilo6 (ECDSA)
 +
  256 SHA256:5PBNahtMibQTmjQgDlBM4OVEJ4fo9vJv/4JTJ1XfXB8  lilo6 (ED25519)
 +
1024 MD5:e7:2c:39:51:18:7a:17:26:c8:55:a1:f8:61:5d:fa:d8  lilo6 (DSA)
 +
2048 MD5:f9:8a:5f:16:7b:2b:6c:42:26:78:c5:bc:a3:94:ed:33  lilo6 (RSA)
 +
  256 MD5:d6:2a:8b:7a:7d:ab:f6:4b:99:5c:9f:be:1e:98:ae:0e  lilo6 (ECDSA)
 +
  256 MD5:39:6c:c9:da:a6:3b:3b:48:0e:a0:26:b5:7a:ea:a6:89  lilo6 (ED25519)
 +
 +
  256  SHA256:si3g2elo5m6TShx3PjX0+vF50pZ8NK/iXz/ESB+ZeP0 lilo7 (ECDSA)
 +
  256  SHA256:wHypnsKnhOMcagDli8xSxp2AnRYXAIfs+EVNB1/LdiA lilo7 (ED25519)
 +
3072  SHA256:Ce6uHmTO4693gFgFzSROlkSY2urZLpKm2i2Ibc9tQ6A lilo7 (RSA)
 +
  256  MD5:61:aa:8b:f7:d8:fb:a0:41:a9:ab:3b:33:89:7a:71:fd lilo7 (ECDSA)
 +
  256  MD5:47:0d:11:c8:65:4e:40:24:14:c0:6f:86:55:79:56:dc lilo7 (ED25519)
 +
3072  MD5:2c:54:2a:7b:74:3b:8a:87:ba:80:b8:76:13:c2:eb:d4 lilo7 (RSA)
 
[nl]
 
[nl]
De [http://cricket.science.ru.nl/grapher.cgi?target=%2Fhosts CPU-load van belangrijke servers] wordt automatisch bijgehouden. <br />
+
===== ISP's met beperkte Internet-toegang =====
 +
 
 +
Als je achter een firewall zit die geen uitgaand verkeer op de standaard ssh poort 22 toestaat, dan is ook poort 80 en 443 voor ssh naar lilo/stitch te gebruiken, omdat ze ook op die poorten een verbinding toestaan.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
The [http://cricket.science.ru.nl/grapher.cgi?target=%2Fhosts CPU-load of important servers] is being monitored.
+
==== Restricted ISP's ====
 +
 
 +
In case you are behind a firewall that does not permit outgoing connections to the standard ssh port 22: our login servers also allow ssh connections to ports 80 and 443.
 
[/en]
 
[/en]
  
=== [Reken-][Compute ]servers ===
+
=== [Reken-][Compute ]servers/clusters ===
  
 
[nl]
 
[nl]
Begin 2006 is door een aantal afdelingen een stapel Sun Fire X4100 dual-processor dual-core machines aangeschaft.
+
C&CZ beheert een aantal rekenclusters, waarbij afdelingen hun eigen compute nodes aangeschaft hebben. In enkele gevallen hebben afdelingen (Astrofysica, Neuroinformatica) een apart cluster gemaakt door ook hun eigen headnode (master) aan te schaffen. Het grootste <tt>cn</tt>-cluster heeft ook een door C&CZ aangeschafte node, waar FNWI-afdelingen na overleg met C&CZ gebruik van kunnen maken.
In 2007 is [[software_cluster_|Cluster software]] geinstalleerd.
+
Voor afdelingen van FNWI is de housing en het beheer van clusternodes gratis. Het <tt>cn</tt>-cluster is heterogeen. De nieuwste nodes gebruiken [[Slurm|SLURM]] als clustersoftware, alle andere zullen daarop overgaan. Oudere nodes de oudste nodes hebben nog [http://www.adaptivecomputing.com/products/open-source/torque/ Torque] / [http://www.adaptivecomputing.com/products/open-source/maui/ MAUI]. Per februari 2018 telde het cn-cluster 60 nodes met 1560 cores en 8 TB RAM. Diverse clusternodes hebben een GPU met CUDA cores. De [https://cricket.science.ru.nl/grapher.cgi?target=%2Fclusternodes%2Foverview CPU-load van de cn-clusternodes] wordt automatisch bijgehouden.
De [http://cricket.science.ru.nl/grapher.cgi?target=%2Fclusternodes CPU-load van de clusternodes] wordt automatisch bijgehouden.  
+
 
 +
Het coma-cluster van Sterrenkunde met (per februari 2018) 920 cores, 7360 GB RAM, 600 TB fileserver storage, GPU's en snelle [http://nl.wikipedia.org/wiki/InfiniBand Infiniband] interconnectie is een apart cluster. Ook voor de RU-afdelingen [http://www.ru.nl/cls/ Centre for Language Studies] en [http://www.ru.nl/donders/ Donders Centre for Cognition] worden aparte rekenclusters beheerd.
 +
 
 +
Soms worden ook de PC's in de [http://wiki.science.ru.nl/cncz/Sleutelprocedure_terminalkamers#.5BOverige_afspraken.5D.5BOther_issues.5D terminalkamers] buiten de openingstijden gebruikt als rekencluster.  
 
[/nl]
 
[/nl]
 
[en]
 
[en]
Beginning 2006 a number of departments bought a bunch of Sun Fire X4100 dual-processor dual-core machines in order to have more Linux computing power. In 2007 [[software_cluster_|Cluster software]] was installed,  
+
C&CZ manages a number of compute clusters, with compute nodes that departments have purchased. In a few cases, departments have created a separate cluster by also purchasing their own head node (master). The largest <tt>cn</tt>-cluster also has a node purchased by C&CZ, so FNWI departments may use that after approval by C&CZ.
The [http://cricket.science.ru.nl/grapher.cgi?target=%2Fclusternodes CPU-load of the clusternodes] is being monitored.
+
For departments of FNWI the housing and management of clusternodes is free of charge. The <tt>cn</tt>-cluster is heterogeneous. The newest nodes have [[Slurm|SLURM]] as cluster software, other nodes wil be moved from [http://www.adaptivecomputing.com/products/open-source/torque/ Torque] / [http://www.adaptivecomputing.com/products/open-source/maui/ MAUI] to SLURM. As of February 2018, the cn-cluster totalled 60 nodes with 1560 cores and 8 TB RAM. Several clusternodes have a GPU with CUDA cores. The [https://cricket.science.ru.nl/grapher.cgi?target=%2Fclusternodes%2Foverview CPU-load of the clusternodes] is being monitored.
 +
 
 +
The Astrophysics coma cluster with 920 cores, 7360 GB RAM, 600 TB fileserver storage, GPU's and Infiniband interconnect is a separate cluster. Separate clusters are also managed for the RU departments [http://www.ru.nl/cls/ Centre for Language Studies] en [http://www.ru.nl/donders/ Donders Centre for Cognition].
 +
 
 +
Sometimes outside of opening hours also the pcs in the [http://wiki.science.ru.nl/cncz/Sleutelprocedure_terminalkamers#.5BOverige_afspraken.5D.5BOther_issues.5D computer labs] are used as a compute cluster.
 
[/en]
 
[/en]
  
Line 59: Line 108:
  
 
[nl]
 
[nl]
Op welke mail-server de mail voor een bepaalde gebruiker afgeleverd wordt (en dus te lezen is), kan die gebruiker zijn op de [http://dhz.science.ru.nl/ Doe-Het-Zelf website]. Mail is toegankelijk via POP3 en IMAP over SSL. De alias <tt>smtp.science.ru.nl</tt> wijst naar de machine waar mail afgeleverd kan worden met het SMTP-protocol. ''N.B.'': Wanneer men via een andere (niet-RU) Internet-provider aangesloten is, zal onze mailserver alleen mail voor onze (RU) gebruikers accepteren en veel andere mail weigeren ("Relaying Denied!"). Men kan dit voorkomen door de smtp-server van de Internet-provider te gebruiken of door gebruik te maken van Authenticated SMTP.
+
Op welke mail-server de mail voor een bepaalde gebruiker afgeleverd wordt (en dus te lezen is), kan die gebruiker zijn op de [http://dhz.science.ru.nl/ Doe-Het-Zelf website]. Mail is toegankelijk via IMAP over SSL. POP3 wordt ondersteund, maar niet aangeraden. De alias <tt>smtp.science.ru.nl</tt> wijst naar de machine waar mail afgeleverd kan worden met het SMTP-protocol. ''N.B.'': Wanneer men via een andere (niet-RU) Internet-provider aangesloten is, zal onze mailserver alleen mail voor onze (RU) gebruikers accepteren en veel andere mail weigeren ("Relaying Denied!"). Men kan dit voorkomen door de smtp-server van de Internet-provider te gebruiken of door gebruik te maken van [[Email_authsmtp|Authenticated SMTP]].
 +
[/nl]
 +
[en]
 +
On the [http://diy.science.ru.nl/ Do-It-Yourself website] each user can see which mail server will store incoming mail for his account. Mail can be accessed with IMAP over SSL. The use of POP3 is supported, but not advised. In every domain managed by C&amp;CZ the alias  <tt>smtp.science.ru.nl</tt> points to the machine that accepts mail with the SMTP-protocol. ''N.B.'': If one uses a (non-RU) Internet provider, our mail server will only accept mail for our (RU) mail-addresses.  Most other mail will not be accepted ("Relaying Denied!"). One can prevent this by using the smtp-server of the Internet-provider or by using [[Email_authsmtp|Authenticated SMTP]].
 +
[/en]
  
De [http://cricket.science.ru.nl/grapher.cgi?target=%2Fmail hoeveelheid mail en spam] wordt automatisch bijgehouden.
+
=== WWW[-][ ]servers ===
 +
 
 +
[nl]
 +
Er zijn verschillende WWW-servers met websites en web-applicaties. Een beschrijving van de [[ApacheSetup|setup van de Apache webservers]] is beschikbaar.  
 
[/nl]
 
[/nl]
 
[en]
 
[en]
On the [http://diy.science.ru.nl/ Do-It-Yourself website] each user can see which mail server will store incoming mail for his account. Mail can be accessed with POP3 and IMAP over SSL. In every domain managed by C&amp;CZ the alias  <tt>smtp.science.ru.nl</tt> points to the machine that accepts mail with the SMTP-protocol. ''N.B.'': If one uses a (non-RU) Internet provider, our mail server will only accept mail for our (RU) mail-addresses. Most other mail will not be accepted ("Relaying Denied!"). One can prevent this by using the smtp-server of the Internet-provider or by using Authenticated SMTP.
+
There are several WWW-servers with websites and web applications. A description of the [[ApacheSetup|Apache webserver setup]] is available.
 
[/en]
 
[/en]
  
=== WWW[-][ ]servers ===
+
=== GitLab[-][ ] servers ===
  
 
[nl]
 
[nl]
Er zijn verschillende [[internet_servers|WWW-servers]]. De [http://cricket.science.ru.nl/grapher.cgi?target=%2Fwebservers hits van de meeste webservers] worden automatisch bijgehouden.
+
De [https://wiki.science.ru.nl/cncz/GitLab GitLab] service maakt het mogelijk om gezamenlijk broncode te ontwikkelen, git repositories te beheren, issues te traken en broncode te reviewen.  
 +
 
 +
De ssh vingerafdrukken van gitlab zijn:
 +
 
 
[/nl]
 
[/nl]
 
[en]
 
[en]
There are several [[internet_servers|WWW-servers]]. The
+
The [https://wiki.science.ru.nl/cncz/GitLab GitLab] service provides a source code collaboration platform, git repository manager, issue tracker and code reviewer.
[http://cricket.science.ru.nl/grapher.cgi?target=%2Fwebservers hits of most webservers] is being monitored.
+
 
 +
The ssh fingerprints for gitlab.science.ru.nl:
 +
 
 
[/en]
 
[/en]
 +
  256 SHA256:BSSXi19WgCSpZu5AQkUTtwm+5zAMioQJpFE3oxBrIMQ root@gitlab (ECDSA)
 +
  256 SHA256:7G/4WD/tUE8H0k9MkBznlcx+ZWgUxnn3KazKm1XQwRk root@gitlab (ED25519)
 +
2048 SHA256:NgZ9HciXlwG5JNPSFbem7bBbDbhqaNAO7JHag8rwi/I root@gitlab (RSA)
 +
 +
gitlab.pep.cs.ru.nl fingerprints:
 +
 +
  256 SHA256:pBFiBobAQTozB0xeeMCp3Du2PFtX7YIXw6XRFJSAGH0 root@gitlab (ECDSA)
 +
  256 SHA256:iWfwGvGZ/hdFImBzzG5Bu/y5gqhUkLOdSTYmzl1+k2w root@gitlab (ED25519)
 +
2048 SHA256:lWWFUfhwODG0bBuQJUR8ymlVfqpNHrXk0xbFAoDpTIg root@gitlab (RSA)
  
 
=== Printer[-][ ]servers ===
 
=== Printer[-][ ]servers ===
  
 
[nl]
 
[nl]
De alias <tt>printer-srv.science.ru.nl</tt> wijst naar de machine die vrijwel alle [[hardware_printers_|netwerk-printers]] aanstuurt. <br />
+
Diverse servers zijn betrokken bij het aansturen van printers. Zie de [[hardware_printers_|printerpagina]] om te zien welke server geadviseerd wordt in welke situatie.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
The alias <tt>printer-srv.science.ru.nl</tt> points to the machine that manages almost all queues for the
+
Several servers are used to print jobs. See the [[hardware_printers_|printer webpage]] to see which server is advised in which situation.
[[hardware_printers_|network printers]].
 
 
[/en]
 
[/en]
  
Line 91: Line 160:
 
[nl]
 
[nl]
 
Deze servers delen verschillende typen files uit zoals home-directories, applicatie-software en schijven voor afdelingen en groepen. Alle moderne servers hebben alleen maar redundante disks, soms door "mirroring", soms door een "RAID-array". Dat betekent dat uitval van 1 enkele schijf geen overlast voor gebruikers veroorzaakt.
 
Deze servers delen verschillende typen files uit zoals home-directories, applicatie-software en schijven voor afdelingen en groepen. Alle moderne servers hebben alleen maar redundante disks, soms door "mirroring", soms door een "RAID-array". Dat betekent dat uitval van 1 enkele schijf geen overlast voor gebruikers veroorzaakt.
 +
[/nl]
 
[en]
 
[en]
These servers share different types of files, e.g. home-directories, application-software and disks for departments and groups. All modern servers only have redundant disks, sometimes by using "mirroring", sometimes by use of a "RAID-array". That means that loss of only 1 disk will nor cause any problem for users.
+
These servers share different types of files, e.g. home-directories, application-software and disks for departments and groups. All modern servers only have redundant disks, sometimes by using "mirroring", sometimes by use of a "RAID-array". That means that loss of only 1 disk will not cause any problem for users.
 
[/en]
 
[/en]
  
 
[nl]
 
[nl]
De belangrijkste disk-servers op de server-subnetten zijn pluri, manus, plus en multi. Pluri en manus hebben o.a. de home-directories voor respectievelijk medewerkers en studenten. De RAID-arrays waar deze home-directories op staan, zijn in 7*24 uur onderhoud, waardoor een eventuele storing nooit echt lang zou moeten kunnen duren. Natuurlijk worden van de data ook [[Backup|backups]] gemaakt. De individuele schijven zijn scsi-schijven met 5 jaar fabrieksgarantie.
+
Zie voor mee informatie, bijvoorbeeld over [https://wiki.science.ru.nl/cncz/Diskruimte?setlang=nl#.5BNetwork_shares.5D.5BNetwerk_schijven.5D huren van schijfruimte] door afdelingen, de [[Diskruimte|diskruimte]]-pagina.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
The most important disk servers on that server-subnets are pluri, manus, plus en multi. Pluri en manus have home-directories for employees and students, respectively. The RAID-arrays with these home-directories have 7*24 hours support. Therefore a problem with these RAID-arrays should not continue for many hours. The individual disks are scsi-disks with 5 years of factory warranty.
+
For more information, e.g. about [https://wiki.science.ru.nl/cncz/Diskruimte?setlang=en#.5BNetwork_shares.5D.5BNetwerk_schijven.5D renting disc space] for departments, see our [[Diskruimte|disc space]] page.
 
[/en]
 
[/en]
 +
 +
=== VPN[-][ ]server ===
  
 
[nl]
 
[nl]
Multi en plus hebben ook RAID-arrays, maar van een minder duur type (SATA-1 resp SATA-2 schijven, onderhoud alleen tijdens kantooruren). Op deze RAID-arrays kunnen afdelingen van de FNWI schijfruimte huren, op dit moment in brokken van 90GB voor 405 euro voor 3 jaar. Dit komt overeen met 1,50 euro per GB per jaar. Hoewel dit aanmerkelijk duurder is dan het aanschaffen van 1 harde schijf voor 1 PC, is het vaak zinvol vanwege de betrouwbaarheid (redundante schijven, backup, onderhoudscontract) en bedrijfszekerheid (stabiele server). Een of meer mappen op zo'n 90GB partitie kunnen op Windows PCs beschikbaar worden als een schijf, door het maken van een netwerkverbinding. Op Unix/Linux computers kunnen ze via NFS aangekoppeld worden. De mogelijkheid om te lezen en/of te schrijven in zo'n map kan beperkt worden tot een groep logins.
+
Om vanaf overal op het Internet toegang te hebben tot servers en services van het campusnetwerk is er een [[Vpn|VPN]]-service.
 
[/nl]
 
[/nl]
 
[en]
 
[en]
Multi and plus also have RAID-arrays, but these are less expensive (SATA-1 or SATA-2 disks, support only during bussiness hours). Faculty departments can rent disk space on these RAID-arrays, at this moment in chunks of 90GB for 405 euro for 3 years. This is 1.50 euro per GB per year. Although this is much more expensive than buying 1 disk for 1 PC, it makes sense often because of the reliability (redundant disks, backup, support contract) and security (stable server). One or more directories can be shared to Windows-PCs by attaching a network share. Unix/Linux computers can mount the same disk through NFS. Reading and/or writing to such a directory is generally only possible for a specific group of logins.
+
To make it possible for users anywhere on the Internet to use servers and services as if one is connected to the campus network, a [[Vpn|VPN]] service is available.
 +
[/en]
 +
 
 +
=== FTP[-][ ]server ===
 +
 
 +
[nl]
 +
Om het aanbieden van grote bestanden aan anderen eenvoudig te maken, is er een  FTP-service. De service is zowel toegankelijk via [ftp://ftp.science.ru.nl/pub het originele FTP-protocol] als via [https://ftp.science.ru.nl het HTTPS-protocol van het web]. Iedereen met een Science-account die [[Contact|via postmaster]] een map (directory) op deze server heeft gekregen, kan op verschillende manieren daar bestanden naartoe kopi&euml;ren:
 +
* via een loginserver als <tt>lilo</tt> op <tt>/vol/ftp/pub/</tt><em>uweigenmap</em>.
 +
* door de netwerkschijf aan te koppelen: <tt>\\ftp.science.ru.nl\ftp</tt>
 +
Door het gebruik van een onleesbare bovenliggende map met een geheime map daaronder, kan men ook enigszins gevoelige data overdragen. 
 +
[/nl]
 +
[en]
 +
To make the transfer of large files to others simple, there is an FTP service. It can be accessed through [ftp://ftp.science.ru.nl/pub the original FTP protocol] as well as through [https://ftp.science.ru.nl the web HTTPS protocol]. Anyone with a Science-account who acquired a directory on this server [[Contact| through postmaster]], can copy files to that directory in several ways:
 +
* by logging in to a login server like <tt>lilo</tt> in <tt>/vol/ftp/pub/</tt><em>yourdirectory</em>.
 +
* by attaching the network drive: <tt>\\ftp.science.ru.nl\ftp</tt>
 +
By using an unreadable upper directory containing a secret directory, one can even transfer somewhat sensitive data.
 +
[/en]
 +
 
 +
=== License[-][ ]servers ===
 +
 
 +
[nl]
 +
Voor allerlei software pakketten is er een license server, die het mogelijk maakt om op alle werkplekken de software te gebruiken, waarbij
 +
het totale gebruik binnen het totaal aantal gekochte licenties blijft. Veel van deze licenties werken op basis van [http://www.flexerasoftware.com/producer/products/software-monetization/flexnet-licensing/ FlexNet] van Flexera.
 +
[/nl]
 +
[en]
 +
For several software packages there is a license server, that allows use of the software on all pc's, while making sure that the total number of licenses uses is not more than what has been bought. Most of these license servers use [http://www.flexerasoftware.com/producer/products/software-monetization/flexnet-licensing/ FlexNet] by Flexera.
 
[/en]
 
[/en]
  
Line 117: Line 214:
 
Almost all disks that are managed by C&CZ, are being [[Backup|backupped]] regularly, in order to be able to restore data in case of small or large calamities.
 
Almost all disks that are managed by C&CZ, are being [[Backup|backupped]] regularly, in order to be able to restore data in case of small or large calamities.
 
[/en]
 
[/en]
 +
 +
 +
[[Bestand:lijn.png]]
 
[[Category:Hardware]]
 
[[Category:Hardware]]

Revision as of 16:30, 24 September 2020

Servers and Workstations

C&CZ manages ca. 900 Linux workstations and servers, and ca. 900 servers and workstations with MS-Windows, primarily in the domain science.ru.nl. Dual boot Windows/Linux machines are counted twice.


Workstations

C&CZ manages (for departments) workstations with Ubuntu Linux or MS-Windows. There are also workstations in the PC-rooms and Study area for general use by anybody with a Science login, but also by all RU employees and students and guests with a temporary login. Almost all those machines are dual boot, the user can choose to boot Ubuntu Linux or MS-Windows.

Linux login servers

A few secure shell servers are available for Students and Staff of the Faculty (everyone with a Science account). You can use it just as you like, *as long as you do not cause problems for other users*.

The primary login server can be reached with the following address:

lilo.science.ru.nl

The name of the backup login server is:

stitch.science.ru.nl

At the moment, lilo points to a machine called lilo6. Stitch points to lilo5, running Ubuntu 16.04, it is not the default, because the default desktop Linux is Ubuntu 18.04, which is installed on lilo6. There is a test of Ubuntu 20.04 on the new lilo7.

The ssh fingerprints for lilo5 and lilo6 are:

1024 SHA256:g/LY9oywiXFi5jrO93JFImvm5fwYrRxlloefHH1yU2s  root@lilo5 (DSA)
2048 SHA256:VK8+B+OuT+n8JSjoy9uWYw5COb+cZ+01S/pWiAteEtA  root@lilo5 (RSA)
 256 SHA256:NeO+rdPufkFYEgLs6YMWPvMJzOBK9pNlxdjMJzK3OBY  root@lilo5 (ECDSA)
 256 SHA256:zViYANQchkRs6QNPSSoxOkVyA8Ixe7aZCvzcSQEZK7s  root@lilo5 (ED25519)
1024 MD5:2c:ae:19:79:9c:23:7b:f3:d0:49:7a:cb:fa:30:68:c5 root@lilo5 (DSA)
2048 MD5:66:18:8e:fa:bd:d9:83:91:86:f3:0e:35:d1:f5:31:2a root@lilo5 (RSA)
 256 MD5:7d:08:27:61:ac:c8:f1:05:4f:c9:91:2a:83:e5:c3:4f root@lilo5 (ECDSA)
 256 MD5:a4:6c:15:3b:c8:01:7f:d2:65:89:74:c6:32:7f:7e:c6 root@lilo5 (ED25519)
1024 SHA256:JVE0FA1fFGtzbuqP1D6cW8V3fkmqxdCL5H3xRMsiJxc  lilo6 (DSA)
2048 SHA256:c+kPQDMuzf+1uKIJt8RIFOUume0Z1g2UjUOpxXXyCuY  lilo6 (RSA)
 256 SHA256:dRvKM7qcQF8wGZZofYT3/JbSGUXA3l3nadzzqrHvWhE  lilo6 (ECDSA)
 256 SHA256:5PBNahtMibQTmjQgDlBM4OVEJ4fo9vJv/4JTJ1XfXB8  lilo6 (ED25519)
1024 MD5:e7:2c:39:51:18:7a:17:26:c8:55:a1:f8:61:5d:fa:d8 lilo6 (DSA)
2048 MD5:f9:8a:5f:16:7b:2b:6c:42:26:78:c5:bc:a3:94:ed:33 lilo6 (RSA)
 256 MD5:d6:2a:8b:7a:7d:ab:f6:4b:99:5c:9f:be:1e:98:ae:0e lilo6 (ECDSA)
 256 MD5:39:6c:c9:da:a6:3b:3b:48:0e:a0:26:b5:7a:ea:a6:89 lilo6 (ED25519)
 256 SHA256:si3g2elo5m6TShx3PjX0+vF50pZ8NK/iXz/ESB+ZeP0 lilo7 (ECDSA)
 256 SHA256:wHypnsKnhOMcagDli8xSxp2AnRYXAIfs+EVNB1/LdiA lilo7 (ED25519)
3072 SHA256:Ce6uHmTO4693gFgFzSROlkSY2urZLpKm2i2Ibc9tQ6A lilo7 (RSA)
 256 MD5:61:aa:8b:f7:d8:fb:a0:41:a9:ab:3b:33:89:7a:71:fd lilo7 (ECDSA)
 256 MD5:47:0d:11:c8:65:4e:40:24:14:c0:6f:86:55:79:56:dc lilo7 (ED25519)
3072 MD5:2c:54:2a:7b:74:3b:8a:87:ba:80:b8:76:13:c2:eb:d4 lilo7 (RSA)

Restricted ISP's

In case you are behind a firewall that does not permit outgoing connections to the standard ssh port 22: our login servers also allow ssh connections to ports 80 and 443.

Compute servers/clusters

C&CZ manages a number of compute clusters, with compute nodes that departments have purchased. In a few cases, departments have created a separate cluster by also purchasing their own head node (master). The largest cn-cluster also has a node purchased by C&CZ, so FNWI departments may use that after approval by C&CZ. For departments of FNWI the housing and management of clusternodes is free of charge. The cn-cluster is heterogeneous. The newest nodes have SLURM as cluster software, other nodes wil be moved from Torque / MAUI to SLURM. As of February 2018, the cn-cluster totalled 60 nodes with 1560 cores and 8 TB RAM. Several clusternodes have a GPU with CUDA cores. The CPU-load of the clusternodes is being monitored.

The Astrophysics coma cluster with 920 cores, 7360 GB RAM, 600 TB fileserver storage, GPU's and Infiniband interconnect is a separate cluster. Separate clusters are also managed for the RU departments Centre for Language Studies en Donders Centre for Cognition.

Sometimes outside of opening hours also the pcs in the computer labs are used as a compute cluster.

Mail server

On the Do-It-Yourself website each user can see which mail server will store incoming mail for his account. Mail can be accessed with IMAP over SSL. The use of POP3 is supported, but not advised. In every domain managed by C&CZ the alias smtp.science.ru.nl points to the machine that accepts mail with the SMTP-protocol. N.B.: If one uses a (non-RU) Internet provider, our mail server will only accept mail for our (RU) mail-addresses. Most other mail will not be accepted ("Relaying Denied!"). One can prevent this by using the smtp-server of the Internet-provider or by using Authenticated SMTP.

WWW servers

There are several WWW-servers with websites and web applications. A description of the Apache webserver setup is available.

GitLab servers

The GitLab service provides a source code collaboration platform, git repository manager, issue tracker and code reviewer.

The ssh fingerprints for gitlab.science.ru.nl:

 256 SHA256:BSSXi19WgCSpZu5AQkUTtwm+5zAMioQJpFE3oxBrIMQ root@gitlab (ECDSA)
 256 SHA256:7G/4WD/tUE8H0k9MkBznlcx+ZWgUxnn3KazKm1XQwRk root@gitlab (ED25519)
2048 SHA256:NgZ9HciXlwG5JNPSFbem7bBbDbhqaNAO7JHag8rwi/I root@gitlab (RSA)

gitlab.pep.cs.ru.nl fingerprints:

 256 SHA256:pBFiBobAQTozB0xeeMCp3Du2PFtX7YIXw6XRFJSAGH0 root@gitlab (ECDSA)
 256 SHA256:iWfwGvGZ/hdFImBzzG5Bu/y5gqhUkLOdSTYmzl1+k2w root@gitlab (ED25519)
2048 SHA256:lWWFUfhwODG0bBuQJUR8ymlVfqpNHrXk0xbFAoDpTIg root@gitlab (RSA)

Printer servers

Several servers are used to print jobs. See the printer webpage to see which server is advised in which situation.

Disk servers

These servers share different types of files, e.g. home-directories, application-software and disks for departments and groups. All modern servers only have redundant disks, sometimes by using "mirroring", sometimes by use of a "RAID-array". That means that loss of only 1 disk will not cause any problem for users.

For more information, e.g. about renting disc space for departments, see our disc space page.

VPN server

To make it possible for users anywhere on the Internet to use servers and services as if one is connected to the campus network, a VPN service is available.

FTP server

To make the transfer of large files to others simple, there is an FTP service. It can be accessed through the original FTP protocol as well as through the web HTTPS protocol. Anyone with a Science-account who acquired a directory on this server through postmaster, can copy files to that directory in several ways:

 • by logging in to a login server like lilo in /vol/ftp/pub/yourdirectory.
 • by attaching the network drive: \\ftp.science.ru.nl\ftp

By using an unreadable upper directory containing a secret directory, one can even transfer somewhat sensitive data.

License servers

For several software packages there is a license server, that allows use of the software on all pc's, while making sure that the total number of licenses uses is not more than what has been bought. Most of these license servers use FlexNet by Flexera.

Backup servers

Almost all disks that are managed by C&CZ, are being backupped regularly, in order to be able to restore data in case of small or large calamities.


Lijn.png