Page History
- 2019-Oct-14 16:31 tlmiller
- 2019-Sep-23 14:29 tlmiller
- 2019-Sep-20 10:57 tlmiller
- 2019-May-29 16:36 tlmiller
- 2019-May-29 16:24 tlmiller
- 2019-May-29 16:23 tlmiller
- 2019-May-29 16:23 tlmiller
- 2019-May-08 17:11 tlmiller
- 2019-May-08 15:37 tlmiller
- 2019-May-04 19:12 tlmiller
- 2019-May-04 19:06 tlmiller
- 2019-May-04 19:04 tlmiller
- 2019-May-04 19:02 tlmiller
Condor in the Cloud Seed Construction
The following is internal documentation.
- Start the standard RHEL7.6 image.
- Install wget.
yum install wget
- Follow the instructions here.
- Grab the condor-annex-ec2 script:
yum install condor-annex-ec2
- Install the AWS CLI tool needed by that script:
$ yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm $ yum install pip $ pip install --upgrade pip $ pip install awscli
- Configure HTCondor:
/etc/condor/config.d/local
# Make this a single-node pool. DAEMON_LIST = MASTER COLLECTOR SCHEDD STARTD NEGOTIATOR # Taken from the manual's instructions on installing a minicondor. # ------------------------------------------------------------------------------ NETWORK_INTERFACE = * CONDOR_HOST = $(FULL_HOSTNAME) SEC_DAEMON_INTEGRITY = REQUIRED SEC_DAEMON_AUTHENTICATION = REQUIRED SEC_DAEMON_AUTHENTICATION_METHODS = PASSWORD SEC_NEGOTIATOR_INTEGRITY = REQUIRED SEC_NEGOTIATOR_AUTHENTICATION = REQUIRED SEC_NEGOTIATOR_AUTHENTICATION_METHODS = PASSWORD SEC_CLIENT_AUTHENTICATION_METHODS = FS, PASSWORD ALLOW_DAEMON = condor_pool@* # ------------------------------------------------------------------------------ # The following is different from the instructions because the RHEL7 RPM # sets $(LOCAL_DIR) in a deeply unfortunate way. SEC_PASSWORD_FILE = /etc/condor/condor_pool_password # Configure the pool to be externally accessible. While this isn't necessary # for the proper functioning of an AWS-only pool, condor_annex can't verify # the accessibility of this host if it's not externally available, and there's # not presently an option to disable that check. # # Note that EC2PublicIP is set by the condor-annex-ec2 package. TCP_FORWARDING_HOST = $(EC2PublicIP) COLLECTOR_HOST = $(TCP_FORWARDING_HOST):9618 ALLOW_WRITE = $(ALLOW_WRITE) $(TCP_FORWARDING_HOST) ALLOW_NEGOTIATOR = $(ALLOW_NEGOTIATOR) $(TCP_FORWARDING_HOST)
- Fix the condor-annex-ec2 service file by copying the
After=...
line from the[Unit]
section of/usr/lib/systemd/system/condor.service
to[Unit]
section of/usr/lib/systemd/system/condor-annex-ec2.service
. rm /etc/condor/50ec2.config
- Edit
/usr/libexec/condor/condor-annex-ec2
so that it only setsEC2PublicIP
andEC2InstanceID
: remove from after the "Annex-specific code begins here" comment (line 103) all the way down toecho "done." (line 252); leave that line but remove next line and change the return to return 0.
and chown it to that user; then edit- Run
condor_store_cred -c add -f `condor_config_val SEC_PASSWORD_FILE`
- Then copy the pool password file to =~ec2-user/.condor
~ec2-user/.user_config
to point to it; this allowscondor_annex
to copy the pool password file to the new instances. - Run