Mailing List Archives Authenticated access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released

Date: Fri, 25 Apr 2025 14:16:20 -0500
From: Greg Thain <gthain@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released

On 4/25/25 02:28, Thomas Hartmann wrote:

But seeing the announcement, I would be curious about yourexperiences, and if shaping IPAddress{Allow,Deny} drop-ins for all theCondor units would be the way to go for an admin or maybe if anextension of the network control within the job namespaces would be areasonable idea? I.e., Condor knobs for admins to control which IPranges daemons or starters are allowed/denied to talk to?



Hi Thomas:

Interesting ideas -- the use case we had in mind here was glidein, wherean administrator is willing to let a glided-in condor use the network tofetch the job, report status, etc., but they don't want the job to useany of the bandwidth.Â Perhaps the bandwidth at the site is verylimited.Â I suspect setting a deny list might be better security, butharder to maintain over time?


-greg

References:
- [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released
  - From: Tim Theisen
- Re: [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released
  - From: Thomas Hartmann

Prev by Date: Re: [HTCondor-users] condor_drain error
Next by Date: Re: [HTCondor-users] permission question about /var/lib/condor/spool/local_univ_execute and /var/lib/condor/execute
Previous by thread: Re: [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released
Next by thread: [HTCondor-users] HTCondor-CE tokens & APEL accounting support
Index(es):
- Date
- Thread

Mailing List Archives

Authenticated access

Re: [HTCondor-users] HTCondor 23.0.24, 23.10.24, 24.0.7, and 24.7.3 Released