IT-protoDUNE coordination (Single Phase and Double Phase)

Wednesday 1 Jun 2022, 15:00 → 16:15 Europe/Zurich

Ignacio Coterillo Coz (CERN)

Coordination: JIRA, Minutes, etc. https://twiki.cern.ch/twiki/bin/viewauth/ProDUNEIT/WebHome

Join Zoom Meeting

https://cern.zoom.us/j/95006476108?pwd=NjIyVGRtZy92SUROaVVPeGNQcXRtdz09

 

Meeting id: 950 0647 6108

Passcode: 08430992

 

 

 

 

Present: Elisabetta, Denis, Ignacio, Pablo

______________________________________

 

Round table:

* 2FA People using puppet might be exposed to this change. 

* Egroups change: "Any e-group user" option for accepting messages will be dropped. 

 

Elisabetta: Taking data regularly, using FTS to transfer data, and things go well without issues. Monitoring working well. Rate changes depending on the amount of data being taken.  FTS is very stable. All the files being transfered are 3GB.

Denis: Question on 2FA. Could you please elaborate on how the puppet users will be affected?

Ignacio: Users of aiadm and of foreman will be affected. If you are in an egroup that has access to it, whenever you go to a CERN SSO. 

Ignacio: We will ask our colleagues if we can check if your user is there.

 

Next meeting: 6th of July

__________________________________

8th of June:

Present: I. Coterillo, P. Saiz, M. Kirby, S. Timm

 

The 2FA, even if was announced for the 7th of June, it might be postponed. 

M. Kirby: What is the secondary key?

I. Coterillo: There are yubi keys, and also a phone application

 

I. Coterillo: There might be an announcement of the new coordinators and secretaries. You might be notified during the coming days/weeks

 

Roundtable:
 

M. Kirby: Not much to add.  MP04 regular operations. Putting them in cryogenic box, and doing tests. 10-20 TB of data for each of the four periods (each period of four days).100TB of data between now and next month. 

Change of schedule for data challenge. It will be on June 20th , and it will go for 5 days. 500TB of data to be moved out of CERN. Testing moving data from experimental hall to EOS

I. Coterillo: Was the dashboard that we found enough?

S. Timm: Do you mean the list of people?

I. Coterillo: No, with the list of people there was also a link

S. Timm: Sorry, I didn't follow that link. 

I. Coterillo: This is https://monit-grafana.cern.ch/d/veRQSWBGz/fts-servers-dashboard?orgId=25

S. Timm: Yes, this is indeed very useful

M. Kirby: I do not have access

I. Coterillo: We will check offline and make sure that you can connect.

S. Timm: The next round will be in September. 

 

S. Timm: No update on beam/no beam for the fall

M. Kirby: Beam might be potentially available for two weeks, but it is not clear if the horizontal drift will be ready. The plan for the horizontal drift is continue with cosmic data for seven months, which will overlap with beam time May/Jun/July 2023.

 

 

I. Coterillo: For the next meeting, shall we schedule it for the 13th of July?

M. Kirby: yes

S. Timm: Yes

15:15 → 15:30 Roundtable

From IT:

• 22nd of June: OTG0071250. Changes in egroups: The “Any e-group users/CERN users” posting restriction will be removed, and any e-group using it will be updated:
• Scenario 1) If the e-group received one or more message(s) from the Internet since 1st of August 2021, the posting restrictions will be converted to “Everyone”
• Scenario 2) If the e-group did NOT receive any message from the Internet since 1st of August 2021, then the posting restrictions will be converted to “Everyone” with additional flag “Restrict to authenticated senders”
• Two-factor authentication ("2FA") is the silver bullet in protecting computing accounts against any kind of abuse. Thanks to the Identity Management Team, you can now more generally protect your CERN account by using 2FA: In order to access CERN web applications protected by CERN's new Single Sign-On (SSO), the new CERN SSO will require the 2nd factor about every 12 hours when staying in the same browser session (websites behind the old SSO are not affected as the old SSO has to die).

Always using 2FA with the new SSO ("2FA-WINS") has been approved now by the IT Architecture Review Board. As the next and final step, we will make this 2FA protection mandatory for all people who are already using 2FA today for accessing certain critical services (like web-based IT infrastructure or administration tools like Foreman, BE ROG, procurement/accounting, etc.). 2FA-WINS roll out is planned for AIADM power users next Tuesday (June 7) as well as the IT department (June 13) and ROG power users (June 20). All other ROG and AIADM users, i.e. those who already use 2FA, are supposed to come in the second half of June, and discussions with more critical user communities have been started. If you want to try it out before, feel free to opt-in through this e-group !

15:30 → 15:35 AOB