Week of 161114

WLCG Operations Call details

  • At CERN the meeting room is 513 R-068.

  • For remote participation we use the Vidyo system. Instructions can be found here.

General Information

  • The purpose of the meeting is:
    • to report significant operational issues (i.e. issues which can or did degrade experiment or site operations) which are ongoing or were resolved after the previous meeting;
    • to announce or schedule interventions at Tier-1 sites;
    • to inform about recent or upcoming changes in the experiment activities or systems having a visible impact on sites;
    • to provide important news about the middleware;
    • to communicate any other information considered interesting for WLCG operations.
  • The meeting should run from 15:00 until 15:20, exceptionally to 15:30.
  • The SCOD rota for the next few weeks is at ScodRota
  • General information about the WLCG Service can be accessed from the Operations Web
  • Whenever a particular topic needs to be discussed at the daily meeting requiring information from site or experiments, it is highly recommended to announce it by email to wlcg-operations@cernSPAMNOTNOSPAMPLEASE.ch to make sure that the relevant parties have the time to collect the required information or invite the right people at the meeting.

Tier-1 downtimes

Experiments may experience problems if two or more of their Tier-1 sites are inaccessible at the same time. Therefore Tier-1 sites should do their best to avoid scheduling a downtime classified as "outage" in a time slot overlapping with an "outage" downtime already declared by another Tier-1 site supporting the same VO(s). The following procedure is recommended:

  1. A Tier-1 should check the downtimes calendar to see if another Tier-1 has already an "outage" downtime in the desired time slot.
  2. If there is a conflict, another time slot should be chosen.
  3. In case stronger constraints cannot allow to choose another time slot, the Tier-1 will point out the existence of the conflict to the SCOD mailing list and at the next WLCG operations call, to discuss it with the representatives of the experiments involved and the other Tier-1.

As an additional precaution, the SCOD will check the downtimes calendar for Tier-1 "outage" downtime conflicts at least once during his/her shift, for the current and the following two weeks; in case a conflict is found, it will be discussed at the next operations call, or offline if at least one relevant experiment or site contact is absent.

Links to Tier-1 downtimes




  • local: Andrea (MW Officer), Belinda (storage), Julia (WLCG), Kate (databases), Maarten (SCOD + ALICE), Marcelo (LHCb), Maria A (WLCG), Marian (networks), Oliver (CMS), Vincent (security)
  • remote: Antonio (CNAF), David (FNAL), Di (TRIUMF), FaHui (ASGC), Gareth (RAL), Jens (NDGF), Onno (NLT1), Peter (ATLAS), Preslav (KIT), Rolf (IN2P3), Sang-Un (KISTI), Victor (JINR), Vincenzo (EGI), Xin (BNL)

Experiments round table:

  • ATLAS reports ( raw view) -
    • review of potential new nuclei sites to be done, want ~10 stable sites
    • lifetime deletion completed, 4PB cleared on nuclei sites
    • CERN tape slowness being investigated, news?
      • Belinda: the matter is in hand: email communication "ATLAS tape recall campaign" (no ticket) ongoing between T0-team, CASTOR, Alessandro
    • Need to reprocess physics delayed stream this week, 50k cores will be 1 week workload, from tape directly to see tape performance, plan is to leave staging to workflow and not pre-stage anything
    • atlas-adc-cloud-US didn't reply to GGUS:124909, this was FTS issue to TW, now recovered but were communications ok?

  • CMS reports ( raw view) -
    • Heavy Ion data taking progresses with switch to 8 TeV pPb data taking on Wednesday
    • Production activity high with MC re-processing going on
    • Analysis activity high
    • Communication issue: lxplus change to default credential forwarding to “no”
      • INC:1179160
      • Users use lxplus to login to other machines, credential forwarding is needed
      • Please communicate changes like this in advance and coordinate with the experiments
    • Transparent lxplus intervention was not really transparent
      • OTG:0033849
      • voms-proxy-* commands have changed from v3 to v2 for a few days and back to v3
      • Users use lxplus as reference debugging platform to reproduce problems to get support
      • Please communicate changes like this in advance and coordinate with the experiments
    • Production infrastructure and T0 infrastructure lost Oracle connection around 8:50 AM CERN time on Sunday, Nov. 13
      • Was recovered by restarting the services
        • Kate: see the databases report below; CMS may want to look into an auto-restart option, as that would have worked
        • Oliver: we will look into that
    • CERN IT infrastructure hosting the offline copies of the CMS online database ( cms_orcon_adg and cms_omds_adg ) problems since Friday, Nov. 11, 10 AM CERN time
      • delay in the synchronization of the copy and instability in the network serving part of the computer center
      • Traffic was redirected to their Wigner clones
        • Kate: see the databases report below

Maarten, Maria A, Julia: as of this week the SCOD will check the IT SSB and include references to any incidents and interventions that look potentially significant for the context of this meeting; the lxplus reconfiguration might thus have been announced explicitly, but note that the fall-out actually was unexpected; we also will follow up when the text of an outage could have been clearer

  • ALICE -
    • NTR

Sites / Services round table:

  • BNL: NTR
  • CNAF:
    • New security update will require a drain of the worker nodes and a reboot of them.
      • Maarten, Vincent: RedHat did not yet provide a fix for CVE-2016-7117
    • We ask for an update from ATLAS concerning the file protocol changes.
      • Peter: we will follow up
  • EGI: NTR
  • GridPP:
  • IN2P3: NTR
  • KIT:
    • There was a storage downtime for CMS dCache instance today, to replace a troublesome file server, that caused issues for a GPFS cluster. The intervention was successful.
    • A new HTCondor managed sub-cluster with two ARC CEs in front of it is available for testing. Experiments have been contacted and asked to start commissioning the resource.
  • NDGF:
    • Triple disk failure in a RAID6 Alice pool. Investigation and resurrection attempts in progress. Potentially 30 TB of data in 1.2 million files lost. File list posted to Alice when we are really sure the data is gone.
    • Wed 9:30-11:30 CET there will be tests of the redundant dCache setup
    • as there are upstream kernel patches for CVE-2016-7117 available,
      a site could build its own fixed kernel; some NDGF sites have done that
  • NL-T1: Network maintenance at Surfsara tomorrow; should be transparent. https://goc.egi.eu/portal/index.php?Page_Type=Downtime&id=21951
  • NRC-KI:
  • OSG:
  • PIC:
  • RAL: We had some problems with Atlas Frontier. (GGUS:125001) We believe these are now fixed.
  • TRIUMF: The broken UPS inductor has been successfully replaced last Tuesday (Nov. 8). For the replacement work, we had to shutdown the whole data center and the overall outage was a bit less than 5 hours.

  • CERN computing services:
  • CERN storage services: NTR
  • CERN databases:
    • CMSONR ADG in CC was not functional Friday, problems were traced to network issues. Aliases were moved to Wigner and moved back today.
    • One of CMSR instances was restarted by clusterware on Sunday morning. The database was available at all times.
  • Monitoring:
    • (Sorry for the absence today)
    • Link: http://monit.cern.ch
    • Presented to CMS and ALICE. Will try with some use cases in the coming weeks.
  • MW Officer:
  • Networks:
    • Wigner GEANT maintenance Nov 15 23:00 - Nov 16 05:00 CET (OTG:0033627)
      • congestion may be expected on the remaining link
  • Security: EGI has sent an Advisory/Heads-up about CVE-2016-7117, rating it 'CRITICAL' for EGI: https://wiki.egi.eu/wiki/SVG:Advisory-SVG-CVE-2016-7117
    • The remote part is mostly irrelevant (almost no application using that function and hard to trigger anyway)
    • This vulnerability also has an interesting local escalation part, easy to trigger but seemingly hard to exploit, see e.g. https://blog.lizzie.io/notes-about-cve-2016-7117.html
    • Redhat has rated it important a month ago, but still hasn't released any patch/mitigation: we can only wait...
      • Maarten: or build your own patched kernel, as reported by NDGF


Maria A: each experiment should decide if lxplus should be added to the set of critical services and then provide values for the corresponding impact and urgency (See WLCG Critical Services); this will be followed up offline

Edit | Attach | Watch | Print version | History: r27 < r26 < r25 < r24 < r23 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r27 - 2016-11-15 - MaartenLitmaath
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    LCG All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright &© 2008-2021 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
or Ideas, requests, problems regarding TWiki? use Discourse or Send feedback