[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Condor-users] submit node behind the firewall
- Date: Thu, 14 Jun 2012 10:39:39 -0500
- From: Poornima Pochana <ppreddy@xxxxxxx>
- Subject: Re: [Condor-users] submit node behind the firewall
Thanks Todd. Yes, you did understand the setup correctly, ie., my submit node is the only thing behind a firewall and no firewall between exec node and central manager.
Those 2 settings did the trick. Now there’s bi-directional connectivity established and jobs are getting executed.
On Jun 13, 2012, at 4:53 PM, Todd Tannenbaum wrote:
> On 6/13/2012 10:17 AM, Poornima Pochana wrote:
>> I have installed condor 7.8 and configured it to be a submit node
> pointing to a collector which is on a separate vm. The submit node is
> behind a firewall and for now only outbound connections are being
>> To establish inbound connections to my submit node from the central
> manager and exec nodes, is where I kindly need your suggestions. I have
> read section 3.7 of condor manual for reducing port usage with
> ‘condor_shared_port’ daemon. Is this the way to go about, so that I
> limit the port requests to be allowed for condor? Can I have CCB enabled
> on a node which is just a submit node?
> Hi Poornima -
> If I read the above correctly, you have no firewalls between all the execute node(s) and the central manager node, but you do have your submit machine behind a firewall. Thus I believe all you need to do is insert the following in the condor_config of your submit machine to enable CCB:
> CCB_ADDRESS = $(COLLECTOR_HOST)
> PRIVATE_NETWORK_NAME = some.network.name
> then restart Condor on your submit node... you only need to enable CCB on your submit node.
> I do not think you do not need to bother with the condor_shared_port daemon or do anything to your firewall because your execute nodes are not fire-walled. CCB is all you need if just your submit machine is firewalled (your case), or just your execute machines are firewalled... you only need to do something more than CCB alone if you have your submit machines AND your execute machines behind different firewalls.
> hope the above helps, and hope I understood your setup correctly,
>> Condor-users mailing list
>> To unsubscribe, send a message to condor-users-request@xxxxxxxxxxx with a
>> subject: Unsubscribe
>> You can also unsubscribe by visiting
>> The archives can be found at:
> Todd Tannenbaum <tannenba@xxxxxxxxxxx> University of Wisconsin-Madison
> Center for High Throughput Computing Department of Computer Sciences
> Condor Project Technical Lead 1210 W. Dayton St. Rm #4257
> Phone: (608) 263-7132 Madison, WI 53706-1685