[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [HTCondor-users] CCB info.
- Date: Mon, 29 Mar 2021 17:09:02 -0500 (CDT)
- From: Todd L Miller <tlmiller@xxxxxxxxxxx>
- Subject: Re: [HTCondor-users] CCB info.
From all the networks in the cluster there is access to the ateam
network but from ateam to the cluster there is no access.
I'm not sure I understand your description. The ateam does not
have outbound connectivity to the rest of the cluster, but it does have
inbound connectivity from the rest of the cluster? (That seems rather
From the submitter at the ateam network what will happen when I use
condor_status will it proxy the request via the ccb? I can see that its
looking for the real collectors
CCB is not a proxy. All that CCB does is reverse the direction of
the initial connection between two daemons, both of which must have
outbound access to the broker (collector). The usual use case for CCB is
for machines behind a NAT: the machines can't accept inbound connections
but they can make outbound connections at will. In such a case,
converting inbound connections from anywhere to outbound connections to
anywhere will work, and doing so only requires activating CCB on the
machines behind the NAT (and making sure they have a broker which can
accept inbound connections from anywhere).
In the reverse case, where inbound connections are allowed but
outbound connections are not, you'd need to reverse all your other
connections: every machine _not_ in ateam would have to activate CCB and
use a broker that can accept inbound connections from anywhere (any
machine in ateam and any machine using it as a broker).