Mailing List Archives
Public Access
|
|
![[Computer Systems Lab]](https://www-auth.cs.wisc.edu/pics/csl_logo.gif)
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [Condor-users] negotiating with schedds when a client has FW
- Date: Thu, 23 Jun 2005 11:37:26 +0100
- From: "Kewley, J \(John\)" <j.kewley@xxxxxxxx>
- Subject: RE: [Condor-users] negotiating with schedds when a client has FW
If they have condor on their machine and a firewall, then they must have these
settings. If they change the firewall, the settings must be changed, most likely
they will only change their FW to allow more people onto their machine
occasionally, until then there is no major problem - jobs just won't go there. If they
open up their FW without telling you (and without changing the settings), then
the jobs still won't go there.
The problems you describe sound problematic for any type of network access,
never mind running a condor pool. Maybe you can tune some of the timeouts/retry
flags?
[thinking out loud]
A job gets matched to a m/c, tries to go there and times out. Should it retry
before going back for renegotiation? Should this (potentially temporary) mis-match
be stored? I think there was a proposal that condor didn't go back to a machine
just matched before, but I can't remember if this was just an idea, or something
that was getting implemented.
JK
> -----Original Message-----
> From: condor-users-bounces@xxxxxxxxxxx
> [mailto:condor-users-bounces@xxxxxxxxxxx]On Behalf Of Andrey Kaliazin
> Sent: 23 June 2005 11:12
> To: 'Condor-Users Mail List'
> Subject: RE: [Condor-users] negotiating with schedds when a client has
> FW
>
>
> John,
>
> Your suggestion is good if you strongly believe in people's
> goodwill. :-)
> The thing is that you cannot really rely on it if you have dozens of
> colleagues in different
> buildings, but more importantly, the firewall is not the only
> and not even
> the major source
> of this kind of problems. Network has very complex structure
> at our uni and
> firewall rules
> are on and constantly changing between VLANs; there are
> faulty switches,
> etc.
> My point was that this is to be expected in any live system other than
> trivial and Condor should
> have mechanism to overcome those issues and not to stumble upon them.
>
> cheers,
>
> Andrey
>
> > -----Original Message-----
> > From: condor-users-bounces@xxxxxxxxxxx
> > [mailto:condor-users-bounces@xxxxxxxxxxx] On Behalf Of
> > Kewley, J (John)
> > Sent: Thursday, June 23, 2005 10:39 AM
> > To: Condor-Users Mail List
> > Subject: RE: [Condor-users] negotiating with schedds when a
> > client has FW
> >
> > Andrey (maybe also Dan)
> >
> > I had similar problems in my pool caused by people adding
> > firewalls unexpectedly
> > on their machines. When I tried to add new machines to the
> > pool, I had to go round all
> > machine owners and try and persuade them to open up firewalls
> > for this new machine
> > as I had no admin rights.
> >
> > What I came up with I refer to as "Firewall Mirroring" and is
> > described in
> >
> > http://tardis.dl.ac.uk/Condor/docs/FW_condor.pdf
> > and
> > http://tardis.dl.ac.uk/Condor/slides/FW_Avoidance.ppt
> >
> > The idea is to try and persuade Condor not to send jobs to
> > machines which cannot be
> > reached from the submit node.
> >
> > I hope it is of some use.
> >
> > Cheers
> >
> > JK
> >
> > _______________________________________________
> > Condor-users mailing list
> > Condor-users@xxxxxxxxxxx
> > https://lists.cs.wisc.edu/mailman/listinfo/condor-users
> >
>
> _______________________________________________
> Condor-users mailing list
> Condor-users@xxxxxxxxxxx
> https://lists.cs.wisc.edu/mailman/listinfo/condor-users
>