search

mar-file-system / marfs

MarFS provides a scalable near-POSIX file system by using one or more POSIX file systems as a scalable metadata component and one or more data stores (object, file, etc) as a scalable data component.
Other
97 stars 27 forks source link

Open Science Campaign Storage Security Baseline #50

Closed brettkettering closed 8 years ago

brettkettering commented 8 years ago

We need to have an Open Science Campaign Storage Security Baseline approved by the CCB by 1/14/16 so that we can begin use of it on 1/19/16 when Open Science is scheduled to begin. The decision will be made on 12/21/15 about whether it will be MarFS over Scality or GPFS over ZFS.

brettkettering commented 8 years ago

CCB says we only need a security baseline for the FTAs, not the object store or the GPFS metadata file system.

I'll send this to Chris Mitchell as a security baseline for the Open Science FTAs.

brettkettering commented 8 years ago

Kyle Lamb will draw a picture of the FTAs, file systems, object store, masters, etc. to clearly show the paths to the various nodes for the users, for the admins, and for the data to move around the network to the storage repositories.

brettkettering commented 8 years ago

Richard Hammer says the logging and notification is working.

The CFengine configuration does the restricted SSH and only allows pfls, pfcp, and pfcm. This has been tested.

Dave Bonnie needs to workout how to do the SSHFS chroot configuration in CFengine.

This will need CCB approval once SSHFS configuration is working.

The target date for production users in Open Science is 2/8/16.

brettkettering commented 8 years ago

Chris H. is working through building a pristine OS system clearing out Scality ring and properly configuring FTAs.

brettkettering commented 8 years ago

This is done.