[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] Nodes missing in condor_status list

On Thu, Sep 18, 2014 at 10:25:00AM +0000, Lukas Koschmieder wrote:
> Hi,
> I've set COLLECTOR_DEBUG to D_SECURITY but /var/log/condor/CollectorLog doesn't  contain any PERMISSION DENIED lines.
> There is an entry in the collector log though saying that my external/invisible node is granted READ level access (which explains why I can see my Condor pool on this node even though the not itself is not being listed):
> 09/18/14 10:47:57 PERMISSION GRANTED to unauthenticated@unmapped from host <IP> for command 5 (QUERY_STARTD_ADS), access level READ: reason: READ authorization policy allows IP address <IP>; identifiers used for this remote host <IP>, <HOSTNAME>
> But I can't find a corresponding line for WRITE level access. Actually, there is no such line even for the other node which do show up in the condor_status list... So how do I verify that a given node has been given WRITE access by the collector?

If you aren't seeing the machines in condor_status, and you aren't seeing
PERMISSION DENIED, it sounds like the updates aren't even making it to the
collector.  Is it possible UDP packets could not get routed between the two
networks?  Perhaps try TCP updates:

And see if that changes anything.

Perhaps a longer chunk of the CollectorLog may help as well... feel free to send
that off-list if you'd like me to look at it.  You should see lines like:
  ScheddAd     : Inserting ** "< ingwe.cs.wisc.edu , >"
  StartdAd     : Inserting ** "< slot1@xxxxxxxxxxxxxxxxx , >"

When ads are succesfully making it to the collector.