[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[HTCondor-users] Submitting different users jobs from the single remote user.
- Date: Thu, 20 Jun 2019 15:19:27 +0300 (MSK)
- From: "Sergey A. Komissarov" <sergey.komissarov@xxxxxxxxxxxxxx>
- Subject: [HTCondor-users] Submitting different users jobs from the single remote user.
We are trying to build an application which submits jobs to the htcondor cluster.
In our test setup we have docker containers in the same network, htcondor cluster
with CentralManager, Submit and Execute instances sharing the same SHARED_PORT_PORT and CONDOR_HOST settings.
And docker container with application server which uses htcondor python bindings without htcondor itself installed.
I have two questions:
1) Which security model to choose?
Application server and all htcondor services are in the trusted network, so I guess we may use something simple like
HOST_BASED security and pool password authentication between condor services.
And token or certificate authentication for the application server.
2) Is it possible to change job owner when it is submitted from the application server to htcondor?
Application server is run under its own user but knows username and uid of the real job owner. All users which
needs to start jobs have same names and uids in every docker container. May be we can use individual token for each user
with unique identity?
Senior Software Developer
This message may contain confidential information
constituting a trade secret of DATADVANCE. Any distribution,
use or copying of the information contained in this
message is ineligible except under the internal
regulations of DATADVANCE and may entail liability in
accordance with the current legislation of the Russian
Federation. If you have received this message by mistake
please immediately inform me of it. Thank you!