[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Request for Guidance on Installing HTCondor Multi-Pool Setup on macOS



However, I've reached a point where I'm unsure how to transition from a single-machine setup to a full multi-machine configuration.

The most difficult part of this transition is dealing with security; assigning roles is relatively straightforward (but don't start with the single-machine configuration). IIRC, both of our recommended security configurations use IDTOKENS.

There are two ways to make that work: (a) make sure that each node uses the same security password or (b) give up on a few features and just make sure that each non-CM machine has an IDTOKEN. The get_htcondor script does (a), but (b) might be simpler to do by hand.

(Running `condor_store_cred add -c -i` prompts you to enter the security password; running `condor_token_create -identity condor@${CONDOR_HOST} > /etc/condor/tokens.d/condor@${CONDOR_HOST}` uses the security password to generate an IDTOKEN. Replace '${CONDOR_HOST}' with the FQDN of your CM. Both need to be run as root.)

the guidance does not include platform-specific instructions.

There shouldn't be anything Mac-specific about the kinds of configuration you're asking about.

Any examples or templates relevant to configuring each role would be especially helpful.

HTCondor ships with a number of "templates" build-in: the 'submit', 'central_manager', and 'execute' roles, and the corresponding 'get_htcondor_submit', 'get_htcondor_central_manager', and 'get_htcondor_execute' roles. You can see the templates using the `condor_config` command:

condor_config use role:submit

for example. The "get_htcondor" variants have strong opinions about how configure security, but the end effect on configuration is documented:
https://htcondor.readthedocs.io/en/latest/getting-htcondor/admin-quick-start.html#what-get-htcondor-does-to-configure-a-role

If you can run containers, we provide pre-configured images that you can use as inspiration:

https://htcondor.readthedocs.io/en/latest/getting-htcondor/admin-quick-start.html#what-get-htcondor-does-to-configure-a-role

-- ToddM