The Computer Service groups runs the institute's central mail, print, software, backup and web servers, as well as file servers for the various departments and Max Planck Research Groups, all running the Linux operating system. Backup remains based on IBM Spectrum Protect (formerly Tivoli Storage Manager); currently the total backup data volume approaches 540 TB, 140 TB of which are archived data, the central Storage Area Network has been extended to 800 TB. The estimated total number of desktops and data acquisition PCs remains around 750. Of these about 75% run Windows, 20% run Linux, the number of Macs is rising slowly.
With the setup of the new theory department headed by Ali Alavi in 2014, the number of High Performance Computing (HPC) nodes exploded to 536 and the number of computing cores to 13164 cores with 88 TB accumulated memory. Despite this sharp rise in computing power the HPC associated electricity consumption rose only by a factor of two to 100 kW. In reaction to this the server rooms 6B13 (infrastructure), 2E2 (High Performance Computing and Networking) were trimmed for energy and cooling efficiency using water cooled racks and backdoors. These installations use the 1.3 MW inhouse process cooling water plant. The archieved temperature spread of 17/23°C permits free (radiative) cooling throughout eight months of the year.
For the Alavi group a distributed 1.5 PB filesystem accessible from the Stuttgart Campus as well as from the MP/CDF computing and data center in Garching was implemented over a dedicated 10 GbE fiber connection. 100 computing nodes of the Alavi department are hosted at the MP/CDF due to cooling constraints in the local server room.
The Xen-virtualisation platform for central services was updated and relies now on a CEPH based distributed storage backend. The services can move freely between three locations in the main building and the new High Precision Lab in order to ensure High Availability of the services.
A new Firewall and VPN remote access strategy was implemented together with significant changes in the institute‘s Identity Management (IdM). The groups focus here was to rely on open industry standards whereever possible to avoid customer lock-in. When needed, proprietary systems like Microsoft Active Directory were provisioned with external help from open sources like Open-LDAP in order to permit software and patch roll-out in Windows environments. These measures focus on the protection of the institute data and infrastructure while enable scientists to access them from other locations. The international collaboration and the inherent nonlocality of science make these tasks highly complex.
An Intrusion Detection System (IDS) was implemented to facilitate the detection of the growing number and intensity of cyber attacks.
more
