ess update april 21, 2005. introduction aaron andersen manager dorothy bustamante administrator joan...
TRANSCRIPT
ESS Update
April 21, 2005
Introduction
Aaron AndersenManager
Dorothy BustamanteAdministrator
Joan Fisher Administrative Assistant
Gary New (ASH) Lana Stillwell (ASH)
Computer Production Group
Linda LaBrie (GH)Ken AlbertsonSusan AlbertsonGary GardPaul GoodmanJirina KokesRaisa LeiferKelly MeeseKatrina Smith
Distributed ServicesGroup
Mark Uris (GH)Ed ArnoldJohn FoxJohn FrudegerScott HaysRich Johnson (SEC)Lynda McGinley (SEC)Herb PoppeGreg Woods (ASGH)
Applications and Information ServicesGroup
Lana Stillwell (GH)Julie ChapinBo ConnellLeif MagdenRosemary MitchellMichelle SmartIngmar Thompson
Web EngineeringGroup
Marcus Stobbs (GH)Tatiana BurekMyra CustardAndrei RodionovLeonard Sitongia
Infrastructure Support Group
Gary New (GH)Julie HarrisStan McLaughlin
Enterprise Services Section
The ESS Vision
To efficiently create cost effective opportunities while continuing to
synergistically supply enterprise-wide paradigms to meet our customer's
needs Courtesy of Dilbert Mission StatementGenerator
Better ESS Vision
Git-R-Done!
ESS Vision
The enterprise IT service provider for the organization
Getting IT Done
Getting IT Done
• Integrity – deliver what we promise
• Efficiency
• Quality– Service– Support
• Security – an insecure service is unusable
• Fun – celebrate our successes
Strategy
• Foster a team environment– No quicker way to make me mad than, “None of us is
as dumb as all of us”
• Evaluated on our team efforts as much as individual efforts
• More resources towards fewer projects at any given time– Complete the same or maybe more projects in a year– We don’t have to say “no”, we may have to say “not
now”
Project Prioritization
ESS Current Project List• Data Center Expansion• Next Generation Authentication• WEG Test System• Database Redesign• Directory Services• SCD Portal (JA, GAU, WORD)• SCD Customer Support System• Central Hub for Customer Support• Upgrade ESS Website• Automate Blue Folders• CISL Downtime/Change Control• Document Web Cluster• Vavoom• Collab. Portal and Software
Development• Content Management System• WEQC• Desktop/Laptop Purchase• Security Gateway Servers• Ad Hoc Accounting
• Computer Room UPS Electrical Distribution
• Deep Cleaning and Floor Restoration• UMF Push Model• SKIL 3.0• Triage Troubleshooting Index for
Operations• Traffic Shaper/SSL Acceleration• Redesign NOC• CVS• License Management Servers• Install AHU M• Chilled Water Expansion Project• Access Control• Hosting Realignment• Central Notification System• Allocation Change Policy• Access Control• Enterprise Mail Server• Storage Area Network• Server Infrastructure Review
Narrow Focus
• ESS Management examined this project list and determined we had too many current projects.– Working all open projects spread staff too thin– Could not do a good job on all projects– Needed to choose top projects and focus resources
• Categorized projects– Critical– Urgent– Important
• Categorization based on:– Impact of project on organization– Any dependencies for other projects
• Critical and Urgent needed to be completed regardless.• Need to prioritize Important
Critical and Urgent Projects
• Data Center Expansion• Chilled Water Expansion• Central Hub for Customer Support• SCD Customer Support System• Desktop/Laptop System Purchase• Security Gateway Servers• License Management Servers • Electrical Distribution
Important• Next Generation Authentication• Directory Services• SCD Portal• Ad Hoc Accounting• Enterprise Mail Server• Storage Area Network• Server Infrastructure • Central Hub for Customer Support• SCD Customer Support System Implementation• Triage Troubleshooting Index for Operations• Traffic Shaper/SSL Acceleration• CVS
• Re-design NOC
Narrowed Focus Further
• Reduced list to seven Highly Important Projects– Next Generation Authentication– Directory Services– Enterprise Mail Server– Storage Area Network– Server Infrastructure Review– SCD Customer Support Structure– SCD Customer Support System Implementation
(Extraview)
Prioritization
• ESS management team ranked these projects based on the project prioritization methodology introduced in Matrix Management class.
• Major Considerations– Dependencies– Improving customer support– Divisional need– Sectional need
What does this mean?
ESS will focus resources on these Critical, Urgent and Highly Important projects to get them completed.
ESS will continually re-evaluate the project list to determine priority projects to focus on. Will assign resources as appropriate.
ESS will work smarter and more efficiently.
Rankings
1. Directory Services2. SCD Customer Support Structure3. SCD Customer Support System
Implementation (Extraview)4. Next Generation Authentication5. Server Infrastructure Review6. Enterprise Mail Server7. Storage Area Network
Project Process
• Standardize process across the section– Methodologies– Documentation– Status reports
• Benefits– Improves communication– Provides mechanism to keep management
informed
Life Cycle of a Project
• Kickoff
• Draft Charter
• Communication plan
• Requirements
• Design
• Testing
• Implementation/execution
Overview of Top Projects
Project ChartersChilled Water Expansion
Install Mesa Lab Electrical Distribution Gary New
SCD Customer Support Structure Linda LaBrie
Directory Services
SCD Customer Support System Implementation (Extraview)
Lana Stillwell
Desktop/Laptop System Purchase
Security Gateway Servers
Server Infrastructure Review
Enterprise Mail Server
Storage Area Network
License Management Servers
Mark Uris
Next Generation Authentication Markus Stobbs/Lynda McGinley
Data Center Expansion Aaron Andersen
ISG Main Projects
• Chilled Water Expansion
• Mesa Lab Computer Room Electrical Distribution
SCD Customer Support Structure
Initial Point of ContactHelp Desk
(CPG)
AllocationsAccounts
Resource Usage(AISG)
High End SystemsConsulting
User Community Svcs.(CSG)
Desktop/Client Support(DSG)
Mass StorageAdministrationDevelopment
Enterprise ServerAdministration
SupercomputerAdministration
ApplicationDevelopmentData Analysis
Web Engineering
Front Line
Specialized
Research & Engineering
Help DeskManagement
Second TierManagement
Primary External User Interface
SCD Customer Support Implementation (Extraview)
• Define requirements– Staff input– Business rules associated with new support structure
• Design & Implement in Extraview• Staff training• Timeframe (~6 months)• Data transfer• Mean time? (Remedy as is)
Next Generation Authentication
• Single sign-on– Interactive shells– Active Directory– File Server– Web Applications– Internal web pages
Guiding Principles
• Strong security
• Single sign-on
• Limit burden on users
• Backward compatibility
• Transition period
How might it work?
• UCAS token single-sign on– One-time password (OTP) via Central
Authentication Server (CAS)– Receive Kerberos ticket– Kerberos-aware services and web-apps
authenticate you based on your ticket
Web Authentication
• Backward compatibility for UCAS passwords
• Research Kerberos web solutions• Place any burden on servers and apps not
client browsers• Code examples for implementing Kerberos
in web apps
Server Infrastructure Project
Server Infrastructure Project
• Decommission systems (MIGS,IRJE, mesa1 & 2)
• Consolidation of user front-end servers (niwot, meeker, k2, longs) onto new Sun V890 server
• License management servers (ACCIS)
• Review other server configurations and interactions
Desktop Deployment Project
• Desktop strategy approved by SCD Exec.• Purchase and replace desktops/laptops
twice a year (January, June)• Standardization of hardware and software
around Windows, MacOS, and Linux• Initial installation of applications and
patches are being automated • Additional system setup and configuration
will be done by CPG/DSG
Enterprise Mail Server Project
• ACCIS project from DIG report• Used for receiving and storing division e-
mail (UCAR mail relay is separate service)• System is configured in a high-availability
configuration to minimize down time• Niwot, MS Exchange, and cyclone user e-
mail accounts were moved to system• MMM and ESIG are interested in moving
their users e-mail to new server
Security Gateway Servers Project
• CSAC project being done by UCAR security• Only access to UCAR interactive systems will be
through roy, VPN, and gateway servers• Servers such as meeker, niwot, and db will be
protected by gateway servers, as well as, workstations
• Servers such as ftp and web are still exposed• One time password authentication (similar to
roy)• Secure file transfers using store and forward• Outbound ftp proxy for users
Storage Area Network (SAN) Project
• CU/SCD joint project on shared file systems in a large production environment
• Tested ADIC’s StorNext file system between two Sun using SAN technology
• Setup production shared file system between huron and dataportal (both Sun V880s)
• Currently sharing 24 Terabytes that will double in immediate future
• Expand test bed to include other vendors than Sun (SGI, IBM, Linux releases)
Data Center Expansion
• Currently in final portion of conceptual design– Cost estimate– Peer review
• Assembly of documentation to present to NSF• Middle of May
– Presidents Council– NSF management– Board of Trustees
Design Concepts
Land for 20 Years
Building Shell for 10
Outfit for 5Strategy preservesinitial capital investmentas computing hardwareevolves rapidly.
Majority of cost in thistype of facility in outfittingmechanical and electricalsystems.
Facility Design Concept
20,000 sq. ft.4 MW
20,000 sq. ft.4 MW
20,000 sq. ft.
M/E Space
Computers
Staff/Support
20,000 sq. ft.4 MW
20,000 sq. ft.4 MW
20,000 sq. ft.
Initial ModuleModule 2 Module 3
20,000 sq. ft.4MW
20,000 sq. ft.4 MW
20,000 sq. ft.
Expand laterally
Architectural Detail
Office Space
Network Operation Center
Data Center
Mechanical/Electrical
Architectural View
Phase 2 Addition
Phase 3Addition
Culture
NCAR Culture
• What makes a successful company?
• What role does a section play in the overall success of the institution?
• Can a company be successful with everyone “doing their own thing”?
Roadblocks
• Lack of information sharing
• Baggage from past experiences– Personal– Professional
• Lack of “BIG PICTURE” strategy sharing
• “I’ve heard this before”
• Foxholes – “I have been through four bosses before, and I will outlast you”
Lack of Information Sharing
• What information is appropriate to share?
• How do you convey the big picture, without compromising political sensitivity?
• Assuming others know what they need to know in order to achieve success
• Time constraints – ever try to just visit with your doctor for more than five minutes?
Baggage from the past
• Personal experiences, relationships
• Professional experiences– Humiliation– Lack of appreciation– Longevity
BIG PICTURE
• When all parties understand the big picture, all can be working toward that objective
• Management should facilitate creativity and professionalism, not dictate it
• If any of us fail, we all fail. No sacred cows here.
Present strategies
• Data Center expansion – We are looking at an expansion capability at NCAR. This objective however is not achievable for at least four to five years.
• The short term strategy is to “max out” our current facility and hold it there until the expansion can be built.
• With this in mind, it is important to get operations as efficient as possible at the Mesa Lab.
“I’ve heard this before”
• This sounds like the same old thing
• “We’ve always done it this way”
• “Nothing is going to change”– It is going to change because it has to change– The future is going to become increasingly
more demanding
• “We have no choice”– Everyone has a choice to make
Foxholes
• An office or cubicle can be used as a foxhole.
• Stay off the radar screen to avoid any trouble
• Should people have a “guaranteed” job?
Customer Service
• Identify who the customer is• What resources are available to serve the
customer?• Is a co-worker a customer?• Compartmentalization – with the
interdependence of systems we can no longer view ourselves as an island unto ourselves.– “That’s not my job” is not an acceptable customer
service approach.
Core Competency
• What is our core competency?
• What is our customer focus?
• What things could put us out of business, as we know it– What are the tools necessary for us to do our
work?– Have our customers needs been truly
identified?
Necessary Tools
• Facilities
• Systems
• Vendor support
• Networks
• All are necessary for us to do our jobs
What is our responsibility?
• Our responsibility is to look out for our areas and be aware of other areas which might be affected by our actions– Short term solutions may create problems for
long term strategies.– Once a master plan is developed, it should be
made aware to all to achieve a common objective
Security
• Security is everyone’s concern. If we are to continue doing business, we must maintain a level of security which will protect the systems while keeping them accessible to our customers