Odin

From CSLabsWiki
Revision as of 20:44, 3 June 2017 by Jared (talk | contribs)

Jump to: navigation, search
Odin
IP Address(es): 128.153.145.141
Contact Person: Jared Dunbar
Last Update: March 2017
VM Host (Physical): hydra
Host VM: Odin or cs141 or thor
Services: CS141 Instructional machine


Hostname: odin.cslabs.clarkson.edu
Operating system: Debian Jessie (8) amd64
LDAP Support: No
Development Status: Stable
Status: Running


Odin is a instructional machine used for CS courses where coursework assumes access to a Linux machine. It is a lab-managed response to Polaris, OIT's server for the same purpose, although:

  • Polaris uses AD, while Odin presently does not (though it possibly can by leveraging OIT'S CAS);
  • Polaris has access to AFS, while Odin does not (we would need a trust relationship);
  • We cannot administer Polaris, but we can and do Odin;
  • Polaris runs an outdated CentOS 5 with similarly outdated compilers, whereas Odin runs a newer stable Debian that is updated at least a couple times per year;
  • Polaris is a two-core, 8GB RAM, low-priority VM with 10G disk (backing only /tmp and the core system) plus AFS mounts for most storage, whereas Odin is a four-core, 12GB RAM VM with 10G disk only (which can be expanded) and nested virtualization enabled, making it especially suitable for OS work;
  • Polaris uses AFS ACLs for most administration, whereas Odin uses UNIX permission bits with POSIX ACLs where needed;
  • Polaris and its operation is OIT's responsibility, while Odin is ours;

...and so on; this list is not necessarily complete.

Setup

Odin is, more or less, a plain Debian machine. Users are added and administered using the standard /etc/passwd file and the various utilities which manage it. It is unfirewalled and has an SSH server default ports (in addition to our various non-standard ports)--fail2ban might be a good idea in the future, but it is presently not implemented--and any such implementation should be lenient to prevent accidental lockout of students.

For running VMs, as is important in CS444, QEMU (system i386 and x64) and KVM are installed. Users need access to the /dev/kvm node for this to work; one can either:

  1. Add all users to the kvm group, or
  2. Edit the appropriate udev rule (I found ours in /lib/udev/rules.d/60-qemu-system-common.rules) from MODE="0660" to MODE="0666" (and chmod a+rw /dev/kvm) to allow any user to access it.

For ease, we have done the latter in the present installation.

As mentioned below, /root/scripts is a clone of this repository.

Operations

While courses' terms are handled by the instructors, there exist a number of scripts in /root/scripts which are meant to facilitate this work, especially for large classes. See the current README on the repository for more information and assistance, and report issues there.

Legal Matter

Odin contains assignment data and coursework. As such, the information thereon is protected by FERPA, and administrators must be aware of the FERPA standards and be especially vigilant about preventing accidental information leaks. We assume all course instructors are so informed, but any user which can view other users' file trees (currently, users in groups admin and sudo) must be officially recognized as "FERPA certified". At present, a quiz exists on PeopleSoft for all current students, and takes only a few minutes to complete. Should that disappear for any reason, OIT can be asked to enable it per-student.