How To Mix Firewalls And Ht Condor

Not logged in

• Browse
• Help
• Home
• Login
• Reports
• Search
• Timeline
• Wiki

• Contents
• No-Diff
• Text

 
 *:The execute machine with the condor_startd is installed on a machine named E with IP address 192.168.0.2.
 
-*:The firewall has an external, Internet facing, IP address of 10.0.0.1, and an internal, local network facing, IP address of 192.168.0.250 on a machine named F. IP address 10.0.0.1 is actually not a routable address, but pretend that it is for the duration of this document. S and E are in the domain =mydomain.net=.
+*:The firewall has an external, Internet facing, IP address of 10.0.0.1, and an internal, local network facing, IP address of 192.168.0.250 on a machine named F. IP address 10.0.0.1 is actually not a routable address, but pretend that it is for the duration of this document.
+*:S and E are in the domain =mydomain.net=.
 
-Then we will make the following changes to =condor_config.local= on S (the schedd).  To find your HTCondor configuration files, the command =condor_config_val -dump= will be a big help, as the files are listed in the header of the output
+Make changes to file =condor_config.local= on machine S.  To find this configuration file, see the very beginning of the output generated by the command =condor_config_val -dump=.
 
 {code}
 USE_SHARED_PORT = True
@@ -22,7 +23,7 @@
 PRIVATE_NETWORK_INTERFACE = eth0
 TCP_FORWARDING_HOST = 10.0.0.1
 {endcode}
-In the configuration settings above, the port 9617 was chosen out of a hat; there is no reason it cannot be any port on the system.  9618 is often chosen; it is the well-known port of the HTCondor collector.  In our setup, we are not assuming that there is a collector in the 192.168.0.0/24 network that will be contacted from outside 192.168.0.0/24, so 9618 is also a valid port number; but you may well want to avoid 9618 if you have an internal collector.  Note that the =TCP_FORWARDING_HOST= must match the external address of the collector.
+In these configuration settings, the port 9617 was chosen out of a hat; there is no reason it cannot be any port on the system.  9618 is often chosen; it is the well-known port of the HTCondor collector.  In our setup, we are not assuming that there is a collector in the 192.168.0.0/24 network that will be contacted from outside 192.168.0.0/24, so 9618 is also a valid port number; but you may well want to avoid 9618 if you have an internal collector.  Note that the =TCP_FORWARDING_HOST= must match the external address of the collector.
 
 On the execute node E, we have similar configuration changes, except for the shared port:
 {code}

This work is supported by NSF under Cooperative Agreement OAC-2030508 as part of the PATh Project. Any opinions, findings, and conclusions or recommendations expressed in this material are those of the author(s) and do not necessarily reflect the views of the NSF. Site built using CVSTrac.