-
Notifications
You must be signed in to change notification settings - Fork 313
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Can I add new users and group into cfncluster? #170
Comments
@guorongxu new users cannot submit jobs to the queue because their accounts have to also exist on the compute nodes. The way I was able to implement this was by: 1-create users on Master node manually and save the usernames and UIDs to a file under /home/ec2-user/userlistfile The format of the file should be: username1,user1_uid
username2,user2_uid 2- Add a post-install script to your cluster with the following content: if [ ! -s /etc/exports ] # Assuming that if the exports file is "empty" it is a compute node and NOT the master node. We only want to do this for compute nodes
then
IFS=","
while read USERNAME USERID
do
# -M do not create home since Master node is exporting /homes via NFS
# -u to set UID to match what is set on the Master node
useradd -M -u $USERID $USERNAME
done < "/home/ec2-user/userlistfile"
fi This will add users to compute nodes as they come up, giving them access to submit jobs |
I tried the same on Ubuntu, but I /etc/exports doesn't seem to be empty here. So instead I check if the given user already exists, s.t. this script can also be run on the master node without side-effects: #!/bin/bash
IFS=","
while read USERNAME USERID
do
# -M do not create home since Master node is exporting /homes via NFS
# -u to set UID to match what is set on the Master node
if ! [ `id -u $USERNAME 2>/dev/null || echo -1` -ge 0 ]; then
useradd -M -u $USERID $USERNAME
fi
done < "/home/ubuntu/userlistfile" |
I created a wiki page to sum the approach up. Thanks @johanneshk and @jmenbo for the suggestions! https://github.com/aws/aws-parallelcluster/wiki/MultiUser-Support |
It this is still relevant to anyone, I solved the problem by deploying an OpenLDAP docker container on the head node and configuring the head node itself and the compute nodes to use it. It is also possible to scale the solution by deploying the LDAP server to an external machine and make it accessible from several pclusters. |
@Caian Super cool, mind sharing how you've done this? |
@Caian yes, I would also be interested. |
@Caian that sounds like a great solution, I would also love to know more details about how you configured it. |
Dear All, |
Hi, a blog post was published to show how to combine ParallelCluster with AWS Directory Services to create a multi-user, POSIX-compliant system with centralized authentication and automated home directory creation. |
@lukeseawalker thanks. I am not too familiar with AWS directory service. Is it basically a Kerberos KDC? Can I use my own KDC instead? |
This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further. |
Hello,
Can I create some users and group as the default user “ec2-user” or “ubuntu”?
I tried to manually add some users and group after the cluster was created, but I found the new users cannot submit jobs to the queue because of no preinstalled gridentine_client. I am wondering how to add the new users with the same privilege as the default user “ec2-user” or “ubuntu”.
Thanks,
Guorong
The text was updated successfully, but these errors were encountered: