Friday, December 8
2:00 p.m.3:30 p.m., Maryland Suite
Short, pithy, and fun, Work-in-Progress reports introduce interesting new or ongoing work. If you have work you would like to share or a cool idea that's not quite ready for publication, send a one- or two-paragraph summary to
firstname.lastname@example.org. We are particularly interested in presenting students' work. There are only a few slots available: submit your work before the session fills up! The current list of accepted WiPs is below. Work-in-Progress reports are five-minute presentations; the time limit will be strictly enforced.
Best WiP Award goes to ... Anthony from MSI ("the A/V guy"), who whipped the WiP laptops into presentational shape!
Accepted WiPs (Current as of 10:00 a.m. on December 8, 2006)
Nagios and SEC a Happy (Re-)union for Advanced System Monitoring
John Rouillard, University of Mass, Boston
Nagios is a freely available open source network monitoring package
for services. It comes with the ability to do some simple
de-duplication and time based correlations, however it is missing the
ability to do higher order correlation without cluttering the
interface with dummy services and duplicated entries.
This talk will center on implementation of an event broker module and
patches to nagios 2.x to provide pre and post core correlation of
events using standard nagios plugins and the Simple Event Correlator
(SEC). These patches provide a mechanism for changing the standard
nagios event decisions using an external module. This allows much
better inter-service correlation as well as correlations based on
PoDIM: Policy-Driven Infrastructure Management
Thomas Delaet, K.U. Leuven
I am a Ph.D student at the K.U.Leuven (Belgium). My research is, what
I call in the field of Policy-Driven Infrastructure Management. I am
developing a prototype language/platform to model the policy
specification of a network independent of operating
systems/implementation software used and for all devices in a network.
Special attention goes to conflict detection/dependency modelling
between different devices/subsystems in a network infrastructure.
NIS to Kerberos in a Psynch Environment
David Pullman, National Institue of Standards & Technology
In our org unit, a part of the campus at NIST, we have an NIS domain for
UNIX/Linux logins and for services like pop and imap. We also have an
Active Directory domain for Windows logins. The username/uid is a
campus wide system.
The NIST campus implemented Psynch for password synchronization. The
Psynch implementation is a Windows product and it's simple to hook up
the AD domain. Of course we wanted to have UNIX/Linux and Email
synchronized with the campus system, but we also wanted to migrate from
NIS to a new authentication and account management system. So we built
a Kerberos realm and an LDAP directory, and we use perl-LDAP to connect
the NIS domain and campus account system to the Kerberos realm and the
LDAP directory. Adds and changes to the NIS domain or the campus system
are propagated to the Kerberos and LDAP implementations.
We're testing the login capability of the Kerberos realm and the LDAP
account info on the workstations. Then we'll look into moving the
authentication for Email over to the Kerberos domain.
A User-Mode Redirection Layer for Improving Software Package Management
Marc Chiarini, Tufts University
The installation and use of software packages on modern *NIX systems
is fraught with peril. The pitfalls are myriad: undeclared or
misdeclared package dependencies; attempts to maintain multiple
versions of the same package; upgrades and rollbacks; non-atomic
package manipulation; and in particular, the out-of-band installation
of software via tools such as make. The authors of "An Analysis of
RPM Validation Drift" [ref] observed that many of these pitfalls are
absent or insignificant within core vendor distributions. However, a
comprehensive look at repositories containing contributed packages
revealed severe inconsistencies, especially between packages that
install commonly used shared libraries. This paper introduces a
user-mode redirection layer for isolating the installation and
execution of any software package installed on a host. Our approach
eliminates the problem of library version conflicts and takes great
strides toward mitigating the unknown effects of source-built
installs. We also demonstrate how system-call auditing can be used to
learn about shared package dependencies over time, expanding the
breadth and improving the accuracy of redirection.
Symlinking for Fun and Profit
Wout Mertens, Cisco
Portable Cluster Computers and InfiniBand Clusters
Mitch Williams, Sandia National Laboratories
Works in Progress:
Miniclusters III: Specifications for and status of the next
generation Minicluster project. LinuxBIOS portion of project an
outgrowth of the MIT One Laptop Per Child bios port. Sized at less
than 6"x6"x13", each of these clusters fit into a carry-on case for
Catalyst: 128 Node InfiniBand 'Science Appliance' Cluster.
Prism: Test Cluster composed of 85 InfiniBand interconnected dual
processor Intel EM64T 3.2GHz nodes.
Flustre: cluster consisting of 64TB of DDN storage connected via
InfiniBand, with Lustre file system.
Talon: 128 node InfiniBand Testbed.
Miscellaneous Data Management II
Jason Heiss, Yahoo!
There's a lot of discussion at LISA regarding configuration management.
But a lot of these services we're talking about configuring have some
data that they serve or state that must be retained. Most configuration
management authors pretend that these services can just spring into
being from scratch. But your Kerberos server needs a database to serve!
Managing large chunks of data (large file repositories on file servers,
mail spools, etc.) is a well-understood problem. But what about these
smaller chunks of data that exist in the nooks and crannies of your
server room? I'll present some thoughts on handling backups and
managing this data across server rebuilds.
Configuration Management System
David Parter, University of Wisconsin, Madison
What Is a Computer?
Beth Lynn Eicher, Look and See Network