[gridengine users] cgroups Integration in OGS/GE 2011.11 update 1

Mark Dixon m.c.dixon at leeds.ac.uk
Mon May 28 09:14:25 UTC 2012 

On Fri, 25 May 2012, Rayson Ho wrote:

> On Fri, May 25, 2012 at 12:01 PM, Mark Dixon <m.c.dixon at leeds.ac.uk> wrote:
>> That's what I was wondering was the answer :)
>>
>> In my opinion there are simpler ways round it as long as not having
>> encrypted X11 within the cluster is ok:
>>
>> As I've mentioned before, adding "X11UseLocalhost no" to a submit host's
>> sshd config makes it bind your session's X11 forwarding port to the wildcard
>> address (instead of just the loopback) and puts a real hostname in your
>> DISPLAY variable. "qsub -V" then makes sure the compute nodes get it.
>
> I haven't looked at the setup you mentioned - but doesn't it require a
> "real" SSH daemon running on the machine??
...

Only on the submit host.

If the following assumptions are true, it magically Just Works(tm):

* No (or permissive) firewalls internal to your cluster.

* Submit and compute nodes share the same home directory.

If those assumptions aren't true, then there's a little more work 
involved.


Forgive me for the length of this but, so that I can refer people back to 
this email in future, the detail of what is happening is:

* Login to submit host foo.bar with X forwarding enabled, giving a DISPLAY 
variable containing, say, foo.bar:10.0. sshd listens at 6010/tcp on 
foo.bar and tunnels everything back to your X server.

* During that login, on most modern systems these days, an MIT magic 
cookie for your X server gets put into your ~/.Xauthority file against 
display foo.bar:10.0 (this requires the "xauth" binary to be present - 
package xorg-x11-xauth on RHEL).

* User submits job to GE with "-V" flag.

* Job runs on compute node, DISPLAY variable is set and contains 
foo.bar:10.0

* Job runs an X11 program which attempts to connect to port 6010/tcp on 
foo.bar

* Connection to foo.bar 6010/tcp gets ssh tunnelled back to your X server.

* X11 program reads the MIT magic cookie for foo.bar:10.0 from your 
~/.Xauthority file and uses it to authenticate against the X server.

* X11 starts working.


Mark
-- 
-----------------------------------------------------------------
Mark Dixon                       Email    : m.c.dixon at leeds.ac.uk
HPC/Grid Systems Support         Tel (int): 35429
Information Systems Services     Tel (ext): +44(0)113 343 5429
University of Leeds, LS2 9JT, UK
-----------------------------------------------------------------

More information about the users mailing list