Mailing List Archives Public Access	UW Madison Computer Sciences Department Computer Systems Lab

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"

Date: Wed, 05 Aug 2020 20:34:18 +0000
From: Wesley Taylor <wesley.taylor@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"

Thanks Zach!

I have confirmed that that it is Kerberos alone which is causing the issue, I switched to FS_Remote, FS, and PASSWORD authentication as a backup, and now the authentication for users and machines works fine. So no rush on this particular issue, but I am curious as to what in the Kerberos authentication is causing that result. I dug through the condor source code and that didn't give me any leads.

Appreciate your time,
Wes


Property of Numerica

-----Original Message-----
From: HTCondor-users <htcondor-users-bounces@xxxxxxxxxxx> On Behalf Of Zach Miller
Sent: Tuesday, August 4, 2020 9:14 AM
To: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>
Subject: Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"

CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.


Hi Wes,

Just FYI, I haven't yet had time to look into the Kerberos issue of the "Success! / No creds found...." that you posted.  Somehow, your environment is different from the other Kerberos-based installations since this is the first time I've seen this problem.  I hope to get to it soon.


Cheers,
-zach


ïOn 8/3/20, 1:50 PM, "HTCondor-users on behalf of Wesley Taylor" <htcondor-users-bounces@xxxxxxxxxxx on behalf of wesley.taylor@xxxxxxxxxxx> wrote:

    Ah yes, read is not working because the TOOL subsystem is only able to use FS,
    KERBEROS, GSI, and CLAIMTOBE authentication, but I have been trying to work
    around those issues I have been having with Kerberos I mentioned last week.

    Has anyone been able to take another look at that? That error has me really
    stumped.

    Thanks for helping me find the root cause of that Todd,

    Wes


    Public Content

    -----Original Message-----
    From: Todd Tannenbaum <tannenba@xxxxxxxxxxx>
    Sent: Monday, August 3, 2020 9:47 AM
    To: HTCondor-Users Mail List <htcondor-users@xxxxxxxxxxx>; Wesley Taylor
    <wesley.taylor@xxxxxxxxxxx>
    Subject: [External] - Re: [HTCondor-users] condor_q -better-analyze: "Could
    not fetch startd ads"

    CAUTION: This email originated from outside of the organization. Do not click
    links or open attachments unless you recognize the sender and know the content
    is safe.


    On 7/31/2020 6:20 PM, Wesley Taylor wrote:
    > Hey all, its me again.
    >
    > Finally got HTCondor ready for preliminary smoke testing on the production
    > network, and have been debugging issues as we go. There has been one really
    > weird error I haven't been able to figure out on my own. When I run
    > "condor_q" it runs fine. However, if I run "condor_q -analyze" or
    > "condor_q -better-analyze" I get back "Error: Could not fetch startd ads".

    On the same machine where "condor_q" works but "condor_q -analyze" fails, does
    "condor_status" work for you?

    If "condor_status" also does not work, then my guess is the security
    permissions on your pool's central manager are setup in a manner that is now
    allowing read access to the condor_collector from the machine where
    condor_status/condor_q -analyze fails.  From this same machine try running
    this command to confirm/deny if read access is being blocked:

         condor_ping -pool condor.cs.wisc.edu -type collector READ

    If you can connect but READ is being denied, look at the ALLOW_READ setting in
    the condor_config file(s) on your central manager.

    Hope the above helps
    Todd



_______________________________________________
HTCondor-users mailing list
To unsubscribe, send a message to htcondor-users-request@xxxxxxxxxxx with a
subject: Unsubscribe
You can also unsubscribe by visiting
https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Flists.cs.wisc.edu%2Fmailman%2Flistinfo%2Fhtcondor-users&amp;data=02%7C01%7C%7C7d69af02d3304455153908d838895a2c%7Cfae7a2aedf1d444e91bebabb0900b9c2%7C0%7C0%7C637321509866731069&amp;sdata=Ett3dEGuShIwgAduoijfuEPYSQYSZoTqFesI1O5l2tQ%3D&amp;reserved=0

The archives can be found at:
https://usg02.safelinks.protection.office365.us/?url=https%3A%2F%2Flists.cs.wisc.edu%2Farchive%2Fhtcondor-users%2F&amp;data=02%7C01%7C%7C7d69af02d3304455153908d838895a2c%7Cfae7a2aedf1d444e91bebabb0900b9c2%7C0%7C0%7C637321509866741064&amp;sdata=dboga0picsoYbcKDSXLxu%2BuMZxPgYr3SODzUYwf7HMY%3D&amp;reserved=0

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Follow-Ups:
- Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"
  - From: Zach Miller

References:
- Re: [HTCondor-users] condor_q -better-analyze: "Could not fetch startd ads"
  - From: Todd Tannenbaum
- Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"
  - From: Wesley Taylor
- Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"
  - From: Zach Miller

Prev by Date: Re: [HTCondor-users] Are file paths in the config macros strings or expressions?
Next by Date: Re: [HTCondor-users] Are file paths in the config macros strings or expressions?
Previous by thread: Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"
Next by thread: Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"
Index(es):
- Date
- Thread

Mailing List Archives

Public Access

Re: [HTCondor-users] [External] - Re: condor_q -better-analyze: "Could not fetch startd ads"