The CERN Windows Terminal Service infrastructure is an aggregation of multiple
virtual servers running Remote Desktop Services, accessed by hundreds of users every day; it has two purposes: provide external access to the CERN network, and exercise access control to certain parts of the accelerator complex.
Currently, the deployment and configuration of these servers and services requires
some interaction by system administrators, although scripts and tools developed at CERN do contribute to alleviate the problem. Scaling up and down the infrastructure (i.e., adding or removing servers) is also an issue, since it’s done manually.
However, recent changes in the infrastructure and the adoption of new software tools
that automate software deployment and configuration open new possibilities to improve
and orchestrate the current service. Automation and Orchestration will not only reduce
the time and effort necessary to deploy new instances, but also simplify operations like
patching, analysis and rebuilding of compromised nodes and will provide better performance in response to load increase.
The goal of this CERN project, we’re now a part of, is to automate provisioning (and
decommissioning) and scaling (up and down) of the infrastructure. Given the scope and magnitude of problems that must be solved, no single solution is capable of addressing all; therefore, multiple technologies are required. For deployment and configuration of Windows Server systems we resort to Puppet, while for orchestration tasks, Microsoft Service Management Automation will be used
