Lychee sytem: Difference between revisions
| (10 intermediate revisions by 2 users not shown) | |||
| Line 1: | Line 1: | ||
__TOC__ | |||
== ssh Hostbased Authentication == | == ssh Hostbased Authentication == | ||
In order to make queue transfer data from and to cluster nodes (mango*) smoothly, ssh host based Authentication must be correctly setup. | In order to make queue transfer data from and to cluster nodes (mango*) smoothly, ssh host based Authentication must be correctly setup. | ||
| Line 33: | Line 35: | ||
* restart sshd server and it should work. | * restart sshd server and it should work. | ||
see also: | |||
http://www.snailbook.com/faq/trusted-host-howto.auto.html | |||
https://www.cs.uwaterloo.ca/twiki/view/CF/SSHHostBasedAuthentication | |||
http://docs.hp.com/en/5992-4213/ch04s06.html | |||
== Torque PBS qsub wrapper == | |||
Using a wrapper of qsub will be helpful in case that some rules/restrains to the jobs are difficult to be added by qmgr. | |||
To use a filter, add the this to /var/spool/PBS/torque.cfg . | |||
SUBMITFILTER /path/to/your/wrapper | |||
The wrapper will read lines, which is content of the job script, from STDIN, analyze it, and output the modified version to STDOUT. Useful information can be displayed by writing to STDERR as well. | |||
== LDAP server gidName index for group name searching == | |||
quoted from martin's email | |||
The fedora-ds install configuration builds indexes for most of the commonly searched attributes, but | |||
not for "gidNumber". The fedora-ds GUI console provides an "indexes" page, where this (and other | |||
attributes) may be added. Following any changes, the DS must be stopped and a db2index command run to | |||
recreate the indexes. | |||
== LDAP server open file descriptor problem == | |||
See [[FedoraLdap]] | |||
Latest revision as of 06:27, 12 May 2009
ssh Hostbased Authentication
In order to make queue transfer data from and to cluster nodes (mango*) smoothly, ssh host based Authentication must be correctly setup.
- /etc/ssh/sshd_config on servers (actually everynodes & lychee) must have the following lines:
AllowUsers root *@mango* *@lychee*
HostbasedAuthentication yes IgnoreUserKnownHosts yes
- /etc/ssh/ssh_config on clients (mango* & lychee) must have:
Host *
HostbasedAuthentication yes
EnableSSHKeysign yes
- /etc/ssh/ssh_known_hosts2 stores protocol 2 ssh public keys, which can be obtained by:
ssh-keyscan -vt rsa mango02 >> /etc/ssh/ssh_known_host2
Different entries can share the same key, as long as the host machines use the same ssh_host_rsa_key key pairs(recommended).
- /etc/hosts.equiv stores all the possible hostname one in a line like
mango01 192.168.0.3 mango02 192.168.0.4 .... lychee lychee.md.smms.uq.edu.au 192.168.1.249 ...
- restart sshd server and it should work.
see also:
http://www.snailbook.com/faq/trusted-host-howto.auto.html
https://www.cs.uwaterloo.ca/twiki/view/CF/SSHHostBasedAuthentication
http://docs.hp.com/en/5992-4213/ch04s06.html
Torque PBS qsub wrapper
Using a wrapper of qsub will be helpful in case that some rules/restrains to the jobs are difficult to be added by qmgr.
To use a filter, add the this to /var/spool/PBS/torque.cfg .
SUBMITFILTER /path/to/your/wrapper
The wrapper will read lines, which is content of the job script, from STDIN, analyze it, and output the modified version to STDOUT. Useful information can be displayed by writing to STDERR as well.
LDAP server gidName index for group name searching
quoted from martin's email
The fedora-ds install configuration builds indexes for most of the commonly searched attributes, but not for "gidNumber". The fedora-ds GUI console provides an "indexes" page, where this (and other attributes) may be added. Following any changes, the DS must be stopped and a db2index command run to recreate the indexes.
LDAP server open file descriptor problem
See FedoraLdap
