October through December 2008
Application Management and Integration Team (AMIT)
Major efforts this quarter of AMIT focused in several
areas: Configuration Management, Thalia support, IS&T
Website project and config and community development
for developers.mit.edu. AMIT responds to a wide range
of support requests within ISDA and for SAIS and CCS
as well as the larger MIT community.
The Configuration Management project was performed in
concert with OIS Server Ops to better leverage the
Radmind tool previously selected by team members from
Server Ops and ISDA. Server Ops has already been using
Radmind (developed by University of Michigan) for quite
a bit on its server deployment and ISDA is utilizing the tool
for the next layer of middle tier software and application
management where appropriate. This resulted in some changes
to how Server Ops had initially intended to handle things
to better accommodate application needs. Server Ops and
ISDA collaborated well to work thru these issues. While
this effort continues to be a work in progress we are
seeing benefits of server software deployment and config
reduced from about 5 hours to about 17 minutes. ISDA
will still need to go back and reconfigure already
deployed systems in this new fashion to fully realize the
benefits but going forward looks very promising.
Thalia support continues as Thalia reached a production
status. Thalia use of Alfresco continues to be challenging
from the server software management perspective. We spent
time streamlining processes for backups and responding to
various configuration and software deployment requests
from the Thalia development team.
The IS&T website project pushed us to resolve issues around
PHP configuration and support along with Drupal config and
integration with Touchstone. Our experiences with this project
and Drupal/PHP have benefited the creation of the developers.mit.edu
web site and aided HR and DCAD with their own deployments and
integration concerns with Touchstone.
The Systems and Application Monitoring and Metrics effort has not
yet begun due to other work.
Last quarter our people resources were dramatically impacted by
having to perform server restarts on behalf of Alumni for the
Alfresco CMS. We worked with Joe Calzaretta to provide the users
a capability to restart the CMS by themselves and this has made
the users immensely happy and has reduced our effort in support
of Alumni to nearly zero.
AMIT also spent a fair amount of time evaluating our servers, virtual
and real, determining there were a number of systems no longer required
or could be converted to VMs. We eliminated several systems in our
co-lo rack space and utilized the better systems to improve our VM
playground. All this resulted in approximately $40K of savings of
our hardware budget and positioned ourselves to better respond to
requests for playground systems.
ATHENA (9 and 10)
We largely completed the Athena 10 cluster release as a follow-on
the Athena 10 Preview release from last quarter. We are still
targeting end of IAP or February 2009 (or so) for the Athena 10
test cluster and beyond with being ready for Athena 10 quite a bit
before summer 09. Several patch releases were handled for Athena 9
to maintain various end user software and security patches. We
expect Athena 9 updates to slow as we continue towards summer.
Developer Software
Work continues addressing issues of our Web Services infrastructure.
We continue to review previous work in this space to better understand
community needs and refine (fix) issues previously left open like
proper integration of IDE (MyEclipse) with Maven repositories and
how to properly provide a service of a Maven repository. This work
has been presented to the Java Users group. MIT Application Platform
(MAP) has been re-positioned as a Community outreach effort and the
software stacks (presently Java). It is not clear whether or not
MAP will survive as a software stack as community participants have
already diverged from the SASH Server provided. The developers web
site appears to be a promising effort as a community function.
We have looked at various continuous build servers (we currently
have Bamboo and Continuum - we seek to deploy only one build service
and have more thoroughly explored the one's we have along with Hudson
and also explored alternative maven repositories such as Nexus, Archiva
and Artifactory. We will likely settle upon Nexus and have not yet
finished determining which continuous build service to provide.
The Web Services Working Group has been initiated and led by David
Tanner. This WG is intended to be the likely mechanism for guiding
the creation of Web Services going forward and defining reasonable
coding and deployment practices. While initially comprised of ISDA
members, this will change to include other IS&T members next and then,
hopefully merge better with the developer community.
Identity Services
The perMIT project has been stalled. Q1 caused delays for administrative
reasons as we shifted how we addressed the personnel aspects of the
project. Q2 was spent trying to find a full-time developer to meet the
needs of the project and beyond. During this quarter we were unsuccessful
filling this position. The project remains delayed.
Touchstone continued to spin up. Paul Hill gave an ITAG presentation to
over 60 members of the IT community with terrific interest and response
to Touchstone enabling of applications around the Institute. Touchstone
has joined the InCommon Federation which will quickly yield free student
access to Microsoft SDKs for download. With Touchstone/CAMS finally live, we
spent a fair bit of time working with key applications on how to migrate
to using Touchstone as the primary access mechanism and processes for
migrating external accounts into CAMS. We continue to pursue the issues
around Touchstone/CAMS becoming an Identity Provider of Last Resort for
InCommon. MIT will have a seat on the InCommon Technical Advisory Council.
Touchstone statistics are reflected below.
This quarter we managed the development aspects of cleanup work for the
RolesUI with DRS as our customer. We managed the work flow and the
contractor for getting as much of the work outlined as possible and
ensuring the RolesUI web service aligns with our direction for supportable
services. AMIT handled the deployment issues and Dev Software addressed
a number of integration, coding and structural issues with the contractor.
This work is scheduled to completed on time in the worst case, likely
finishing early.
DSPS has been working closely with NIST to develop a next generation
directory service (ldap.mit.edu) preserving the current uses of the
directory while supporting realtime Moira data population in support
of useful data delivery to applications. In example, our Wikis service
has suffered 3 to 4 hour delays for group management via Moira resulting
in frustrations from users. This new directory service will also be
utilized for realtime mail routing, DHCP services and even limited
authentication for LDAP only applications such as the PGP server for
the HIDP project. This service will be replicated in multiple data
centers with multi-master replication. The server software is open source
and free, built on the redhat fedora project having roots in the iplanet
directory server. In the coming quarter we expect to also develop a new
web interface for users to manage their groups and memberships. This
work will be performed in concert with ISDA/CCS.
----------------------------------------------------------------
Touchstone Statistics
Core IdP Application Access involving authN: 49473
Core IdP Application Access "single sign-on": 17230
Total App Access requests for Core IdPs: 66703 (Q1 was 33418)
Core IdP Access by application: (12 service providers)
Stellar = 62144, Wikis = 1502, Jira = 1474
Teamspaces = 1386 (Q1+Q2 = 1710)
Core IdP by AuthN Method:
username/password: 45224
MIT certificates: 3224
Kerberos: 1025
CAMS IdP Application Access involving authN: 99
CAMS IdP Application Access "single sign-on": 119
(Only one authN involved OpenID. These numbers remain low
as Stellar and Wikis have not converted to using Touchstone as
primary access mechanism.)
CAMS IdP Access by Application: (4 service providers)
Teamspaces = 90
-----------------------------------------------------------------
Web Services Statistics
Avg response times (success/exceptions) in milliseconds:
Geo(1202/708), UA(113/61), MITID(4194/1830), Moira(84/136)
MITID has interesting heuristics affecting it's times hence the multi-second
response. This is normal.
July through September 2008
...