Mailing List Archives
Authenticated access
|
|
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] Request for Guidance on Installing HTCondor Multi-Pool Setup on macOS
- Date: Tue, 15 Jul 2025 12:32:00 -0500 (CDT)
- From: Todd L Miller <tlmiller@xxxxxxxxxxx>
- Subject: Re: [HTCondor-users] Request for Guidance on Installing HTCondor Multi-Pool Setup on macOS
However, I've reached a point where I'm unsure how to transition from a
single-machine setup to a full multi-machine configuration.
The most difficult part of this transition is dealing with
security; assigning roles is relatively straightforward (but don't start
with the single-machine configuration). IIRC, both of our recommended
security configurations use IDTOKENS.
There are two ways to make that work: (a) make sure that each node
uses the same security password or (b) give up on a few features and just
make sure that each non-CM machine has an IDTOKEN. The get_htcondor
script does (a), but (b) might be simpler to do by hand.
(Running `condor_store_cred add -c -i` prompts you to enter the
security password; running `condor_token_create -identity
condor@${CONDOR_HOST} > /etc/condor/tokens.d/condor@${CONDOR_HOST}` uses
the security password to generate an IDTOKEN. Replace '${CONDOR_HOST}'
with the FQDN of your CM. Both need to be run as root.)
the guidance does not include platform-specific instructions.
There shouldn't be anything Mac-specific about the kinds of
configuration you're asking about.
Any examples or templates relevant to configuring each role would be
especially helpful.
HTCondor ships with a number of "templates" build-in: the
'submit', 'central_manager', and 'execute' roles, and the corresponding
'get_htcondor_submit', 'get_htcondor_central_manager', and
'get_htcondor_execute' roles. You can see the templates using the
`condor_config` command:
condor_config use role:submit
for example. The "get_htcondor" variants have strong opinions about how
configure security, but the end effect on configuration is documented:
https://htcondor.readthedocs.io/en/latest/getting-htcondor/admin-quick-start.html#what-get-htcondor-does-to-configure-a-role
If you can run containers, we provide pre-configured images that
you can use as inspiration:
https://htcondor.readthedocs.io/en/latest/getting-htcondor/admin-quick-start.html#what-get-htcondor-does-to-configure-a-role
-- ToddM