Author Archive

home server maintenance

Wednesday, July 5th, 2023

Scheduled maintenance will be taking place on our home.phys.ethz.ch file server on Wednesday, July 12, starting at 16:00. The service will be down for approximately 4 hours. We will be replacing the hardware with all-flash storage and upgrade the base system.

Update 18:15: the new home server is open for business. Most SMB + NFS clients will not have survived the 2h downtime and will have to be rebooted. We'll go through the most obvious ones, but if yours won't work, try restarting.

All home directories (Linux, Windows and Mac, SMB and NFS) will be unavailable during this time.

For emergency cases, you'll have read-only access to the backups as described here.

This migration will mark the end of the huge storage migration project of 2023. Thanks for your patience.

group-data server maintenance

Wednesday, May 31st, 2023

Scheduled maintenance will be taking place on our group-data.phys.ethz.ch server on Wednesday, June 7, starting at 16:00. The service will be down for approximately 4 hours. We will be replacing some hardware and upgrade the base system.

All group shares will be affected except IPA, IGP and Galaxy.

For emergency cases, you'll have read-only access to the backups as described here.

2022 in review

Tuesday, December 13th, 2022

This post is meant to give you a short overview of what has been accomplished in D-PHYS IT by ISG this year. We’ve been hard at work to further improve and extend our services for you, our customers. Since it took us almost exactly one year to fill our vacant Linux System Engineer position (once again: welcome Sascha!), we didn't have as much capacity for innovation as in previous years and had to focus more on system maintenance.

Some highlights of 2022:

  • Mail server: the D-PHYS mail server got an OS upgrade in spring and was migrated to our general hypervisor setup, which adds redundancy and facilitates maintenance. In addition, work is in progress to support DKIM and further tighten our SPF and DMARC settings.
  • Web server setup: the main D-PHYS web server got an OS upgrade in spring, test and staging environments and optional ssh access for power users.
  • Infrastructure work: our Ansible deployment setup was further extended and refined and the first Windows servers have been added.
    Work has started to replace the Sophos virus scanner on managed Windows workstations.
    We migrated our floating licenses from three servers to a single high availability server.
    Within the next year, we'll migrate all eGroupware users to the new SOGo calendar.
  • Storage: in 2022 the disk space occupied by data and backup grew from 3.7 PiB to 4.8 PiB, marking a significant annual growth in storage volume. A major storage migration is due in early 2023.
  • Matrix/Element: This year we counted 737 active users, who sent 1'019'205 messages in 5'259 rooms that were created on our server. Our users also participated in 423 other rooms where 1'190'446 messages were sent. Two additional research groups migrated from Slack to Matrix.
  • ISG lecture series: our Basics of Computing Environments for Scientists lecture series was held twice in 2022 with surprisingly low attendance.
  • Outages: apart from some short-term network interruptions, our systems were pretty stable in 2022, with the notable exception of a localized "3 dead disks in a RAID6" disaster in September.
  • OS upgrades: most managed Linux workstations were upgraded to Ubuntu 22.04 and the majority of servers are now running Debian bullseye. The Windows team prepared a new LTSC release and a Windows 11 setup. The managed Macs were all upgraded to macOS Monterey.
  • Software upgrades: mostly incremental upgrades in our Windows and Linux software list this year.
  • IT security: with the world being what it is, IT security plays an ever increasing role in our work and permeates all our plans and projects. We also take part in the current rewrite of ETH's IT security regulations.

I would like to take this opportunity to thank my whole team for their hard and dedicated work all year long.

Happy Holidays and see you in 2023!

new ISG staff member

Thursday, October 6th, 2022

It is my pleasure to welcome Sascha Giger into our group. He joins us to complete the Linux team.

Welcome Sascha!

2021 in review

Friday, December 17th, 2021

This post is meant to give you a short overview of what has been accomplished in D-PHYS IT by ISG this year. We’ve been hard at work to further improve and extend our services for you, our customers. Some highlights of 2021:

  • Network migration: as first announced in 2018 and later detailed in July of this year, we had to completely restructure the D-PHYS network this fall. This reorganization was prompted by a segmentation of the router infrastructure at Hönggerberg and will render the network more redundant and resilient. Visible changes include a NAT network, new DHCP/DynDNS technology and the foundation for IPv6 in all network zones.
  • Hypervisor setup: we run a lot of virtual machines at ISG and this spring we remodeled our hypervisor infrastructure to make it more flexible and capable. Hourly snapshots now give us the possibility to roll back if something goes wrong in a VM. It also allowed us to move our InfluxDB server to an SSD backed hypervisor, increasing performance and stability.
  • Office 365 migration: the Microsoft Office suite was upgraded to M365 on all managed Windows workstations this year.
  • Proprietary software woes: two major software companies caused us (and you!) a lot of headaches this year: on July 5, Microsoft broke Windows printing while trying to fix a security problem and it took them until the end of November to really repair it for everyone. Good job. Meanwhile, Adobe managed to break Acrobat logins for months on end and there's no general solution yet.
  • Windows configuration synchronization: the technology used to sync your desktop settings between managed Windows workstations was migrated from 'roaming profiles' to UE-V this year for greater speed and better reliability.
  • New lab PC backup solution: after we've had a good experience with our 2020 laptop backup system based on restic, we set up a similar system for lab PCs in 2021. We're currently migrating the last machines from the old BackupPC server.
  • 2021 Hardware Crisis: you might have noticed that a lot of hardware components are only available at outrageous prices, lead times measured in months or just not at all. The situation is especially bad for graphics cards and storage components.
  • ISG lecture series: reacting to a growing demand for IT-related knowledge in the department, we established the Basics of Computing Environments for Scientists lecture series that we'll repeat each semester.
  • Matrix/Element: in 2021 we continued to extend the feature set of our popular chat & collaboration system. We contributed bug fixes and lots of time in bringing usable maths support into Element (our supported Matrix client) as this was our number one most wanted feature. The second most wanted was better support for managing groups, which was added this year with spaces. Behind the scenes we have been scaling out our homeserver to keep up with the demand and continue to be stable and responsive. This year we counted 702 active users, who sent 927'123 messages in 4'571 rooms that were created on our server. Our users also participated in 396 rooms that were not created on our server where 731'451 messages were sent.
  • Storage: in 2021 the disk space occupied by data and backup grew from 3.2 PiB to 3.7 PiB, continuing the obvious trend of ever-growing data. In spring (just in time before the 2021 Hardware Crisis) we replaced the older disk backends in our SAN with fewer, bigger disks.
  • Outages: apart from some short-term network interruptions, the only noteworthy service interruptions this year were two update-induced storage hiccups on June 10 and December 7.
  • OS upgrades: most managed Linux workstations were upgraded to Ubuntu 20.04 and a first batch of servers are now running Debian bullseye.
  • Software upgrades: mostly incremental upgrades in our Windows and Linux software list this year.

I would like to take this opportunity to thank my whole team for their hard and dedicated work all year long.

Happy Holidays and see you in 2022!

Rethinking groupware

Tuesday, October 12th, 2021

In August of 2010, we introduced our groupware solution for D-PHYS. In the last 11 years the system has served the Department well, but we believe now would be a good time to think about the future of groupware at D-PHYS. Here's an incomplete list of things we noticed over the years:

  • the groupware system seems to get used almost exclusively as a calendar
  • for distributed calendars, the world and people's expectations have changed
  • file and sync formats have come and gone
  • 17 people will have 634 completely orthogonal and incompatible use cases for calendars
  • the product that won our evaluation round in 2010 is not necessarily the best system for 2021

We have sampled the market and test-installed several candidates, but since our humble ISG-internal calendar only covers one very specific use case, we strongly encourage you to give us your feedback so that the next D-PHYS calendar solution will suit you well. In particular, we're interested in learning

  • are you using any other egroupware module(s) aside from the calendar? If you don't tell us about it now, a potential replacement may not have this functionality!
  • what's your current calendar use case? Just a personal calendar? A group calendar? In which configuration?
  • what's your desired calendar use case? This might be the most interesting thing to learn...
  • which sync protocols/devices are you using?
  • what other software/products/services have you been/are you using?

If you would like to help make sure the next evolution in distributed D-PHYS calendars is a success, please join our Matrix room and participate! Thanks a lot.

2020 in review – Corona edition

Thursday, December 17th, 2020

oh boy, what a year.

This post is meant to give you a short overview of what has been accomplished in D-PHYS IT by ISG this year. We’ve been hard at work to further improve and extend our services for you, our customers. Some highlights of 2020:

  • Home office: on March 12, due to rapidly rising Covid-19 numbers, ISG was sent to work from home, along with most of the department. While we had somewhat anticipated this step and were prepared for it, the first two weeks were very busy because we had to assist a lot of people who weren't. In the end I believe we got everyone set up and we have been fully operational from home with only occasional individual visits to the office since then.
  • Matrix/Element/Riot: one of the most pressing issues with everyone working from home was an efficient and versatile tool for team communication. We had started internal tests of our Matrix chat system in late 2019, but then intensified our efforts in February and were able to release the system for general D-PHYS availability in home office week (HOW) 2. During the course of 2020, we continually kept working on the system and added new exciting features.
    We also run a Jitsi instance for privacy-aware video conferencing.
  • New laptop backup: our traditional BackupPC backup system for laptops and lab computers relies on each backup client to be reachable in the D-PHYS network, which obviously didn't work any longer in the home office regime. In HOW 17, we released a new backup system for laptops that works from any internet connection worldwide. Unfortunately, only very few of you have signed up for the service so far. Please make sure you have a backup of your laptop!
  • Ansible deployment: more servers and finally also the managed Linux workstations have been added to our ansible configuration management, allowing for completely automated installation of our systems.
  • Network migration: the extensive Hönggerberg network reorganization we reported two years ago hasn't seen much progress by Informatikdienste, but we have been working on our side to make the first steps. In early 2020 we migrated the dhcp.phys DNS service from our servers to ID's as a prerequisite for the eventual Gebäudezonen split.
  • Storage: in 2020 the disk space occupied by data and backup grew from 2.7 PiB to 3.2 PiB, continuing the obvious trend of ever-growing data. We have now also started the process of phasing out the oldest disk backends in order to replace them with fewer, bigger disks.
  • Software licenses: in the past 12 months, both Adobe and Microsoft decided to switch to a new license system in which each installation requires a license tied to a personal user account. In future, we can't create or extend your Adobe or Microsoft licenses for you, no matter how often you ask us to. You have to do it yourself, according to our instructions for Adobe and Microsoft (you might also want to think about switching to less oppressive software alternatives).
  • Outages: apart from two pre-announced storage migration windows (one of which took a bit longer than expected), 4 h of mail server hardware issues and some short-term network interruptions, our systems have been very stable in 2020. We are aware of the fact that wifi is quite often an issue, and we're trying to convince Informatikdienste to take it seriously.
  • OS upgrades: The Windows team was active migrating the Windows 2016 servers to 2019 while on the Linux side the first workstations were upgraded to Ubuntu 20.04 and most servers are now running Debian buster.
  • Software upgrades: mostly incremental upgrades in our Windows and Linux software list this year.
  • UCC: in February, the old non-VoIP phones in HPT, HPF and HPK were replaced by shiny new ones, just a few weeks before we were all sent home...
  • ISG staff changes: Patrick Schmid left us at the end of 2019 and was replaced by Maciej Bonin in February. Christian Schneider was replaced by Stephan Müller in September. And finally, Sukash Sugumaran superseded Janosch Bühler as our apprentice.

I would like to take this opportunity to thank my whole team for their hard and dedicated work all year long.

Happy Holidays and see you in 2021!

new ISG staff member

Tuesday, September 22nd, 2020

It is my pleasure to welcome Stephan Müller into our group. He joins us to replace Christian Schneider in the Linux team.

Welcome Stephan!

Hardware failure on mail server

Thursday, August 27th, 2020

Update 09:45: the mail server could be recovered. It'll take some time for all queued incoming mail to be delivered.

Early this morning, a RAID controller in the D-PHYS mail server died. We're trying to get replacement parts later today. In the meantime, there's no access to email.
We apologize for the inconvenience.

New backup service (beta)

Friday, July 10th, 2020

TL;DR we have a new backup solution mainly for laptops that frequently leave campus and are looking for testers.

Among the many things we had to learn during the Corona-induced home office stint, one particularly interesting one was: which of our services do work from outside the ETH network, and which do not. I'd like to believe we fared rather well in general, but one glaring counter-example is our BackupPC service for lab and laptop computers. It relies on the client machine having a .dhcp.phys.ethz.ch host name, which only works on wired campus connections. We understand this meant missing backups for those of you who had to take machines off-campus.

In order to be prepared for a second wave, we've partnered up with our colleagues of isginf to provide a lab/laptop backup system that works with whatever network connection you have available. It's based on the tried and tested Open Source restic backup solution that runs on Windows, Linux and macOS clients.

At the current stage we're looking for early beta testers. Since lab computers are typically still in the lab and continue to work fine with BackupPC, laptop users are currently most interesting for us. So if you'd like to test out our road-warrior compatible backup solution, please get in touch. Be aware that this service still has some rough edges, but we'll walk you through all necessary steps and the backup runs themselves have been working fine for weeks now.