[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[HTCondor-users] Submitting different users jobs from the single remote user.


We are trying to build an application which submits jobs to the htcondor cluster.
In our test setup we have docker containers in the same network, htcondor cluster 
with CentralManager, Submit and Execute instances sharing the same SHARED_PORT_PORT and CONDOR_HOST settings.
And docker container with application server which uses htcondor python bindings without htcondor itself installed.

I have two questions:

1) Which security model to choose? 
Application server and all htcondor services are in the trusted network, so I guess we may use something simple like
HOST_BASED security and pool password authentication between condor services. 
And token or certificate authentication for the application server.

2) Is it possible to change job owner when it is submitted from the application server to htcondor?
Application server is run under its own user but knows username and uid of the real job owner. All users which
needs to start jobs have same names and uids in every docker container. May be we can use individual token for each user 
with unique identity?

Sergey Komissarov
Senior Software Developer

This message may contain confidential information
constituting a trade secret of DATADVANCE. Any distribution,
use or copying of the information contained in this
message is ineligible except under the internal
regulations of DATADVANCE and may entail liability in
accordance with the current legislation of the Russian
Federation. If you have received this message by mistake
please immediately inform me of it. Thank you!