Meeting Date

• TEAMS: 2024-03-20

Invited

Anthony (group leader), Lori, Dave, Clayton, Guoxiang, Nathan, Nick, Todd, Ed, Devon, Gwen

Attendees

Review and accept previous meeting minutes.

CsLWGMeeting20240306

Review last meeting's Action Items

linux.cscf.uwaterloo.ca

• Blocked on comprehensive review of authentication/authorization configuration, work proceeding

New DFSc Hardware

• Vendor failing to provide reasonable updates
  • Vendor says they've had to make changes to our order and that there are delays, no specifics yet. Changes need to be made to the order due to hardware shortages

DFSc Performance

• Going to Plan B, cobbling together available non-rotational storage
  • Statistical analysis of data OSD performance revealed this would not be particularly helpful, plan abandoned.
• Looking into adjusting the balance of placement groups on the cluster to better distribute load -a2brenna
  • Rebalanced cluster
• Turns out much of the cluster is in spillover but its not being reported due to a known bug.
  • Cluster was half-upgraded last summer, most OSDs affected by this bug.
• First CS136 VSCode assignment is done, cluster performed fine. Observed noticably less load, but performance improvements to OSD IO scheduler are also perhaps very effective.
  • Snapshots were previously enabled until March (and re-enabled in July, then off again in September)
• Looking to re-enable snapshots for GENERAL environment to provide some live testing
  • Relatively low traffic

Disk Benchmarking

• Looking for any and all suggestions on disk performance benchmarking utilities
• kcbench (dmerner) - https://www.mankier.com/1/kcbench
• fio - found specific test results in old DFSc tickets, possibly useful for gauging relative performance.

Inventory DNS Bugs

• Reminder: A bug exists where changing the room of an inventory record with DHCP enabled will remove the MAC address from ipam (and therefore breaks DHCP)
• Inventory doesn't respect internal/external IP <-> domain relationships
  • Still not fixed, but drallen spoke with Ryan Goggin about a manual workaround in IPAM - https://rt.uwaterloo.ca/Ticket/Display.html?id=1285291#txn-33938558
  • tl;dr - You'll need to manually specify the DNS server as authoritative (internal) or external as appropriate on an IP record OR
  • You can manually create the DNS record in the correct zone (requires DNS module access)

Antivirus

• IST wants to deploy SentinelOne end point security agents on all devices
• INF group to deploy on all workstations
• Can it be configured in a "watch don't touch" mode? Does any stats get sent to third-party/off site servers?

Comments