| What is the valid format of entries in condor’s grid mapfile at jim_broker, jim_broker_client? | |
| Subjects of the certificates/proxies enclosed in
double quotes followed by the username@domainname which it should be mapped
to. First example below is from the sam service certificate and the second
example is from the user proxy. Please note that for the user proxy the entry
in the gridmap should not contain the “CN=proxy” bit. Example: “/C=US/ST=Illinous/L=Batavia/O=Ferminlab/CN=sam/samgrid.fnal.gov” sam@isdsrv1.fnal.gov “/DC=gov/DC=fnal/O=Fermilab/OU=People/CN=XYZ/USERID=xyz” xyz@fnal.gov [TOP] |
|
| What entries should the condor’s grid-mapfile contain at jim_client? | |
|
Condor’s grid mapfile is not required by the jim_client package. [TOP] |
|
| What entries should the condor’s grid-mapfile contain at jim_broker_client? | |
| a. Subject of the jim_broker_client daemons b. Subject of the jim_broker daemons c. Subject of all the users who will submit the job to this submission site. All the subjects should be mapped to a local identity like “user@domain”. [TOP] |
|
| What entries should the condor’s grid-mapfile contain at jim_broker? | |
| a. Subject of the jim_broker_client daemons b. Subject of the jim_broker daemons c. Subject of the jim_advertise daemons [TOP] |
|
| Which wildcards can be used in condor’s grid-mapfile? | |
| To accept all the users with valid proxies enter
“^.*$” instead of the individual subjects. Note that this is not recommended. [TOP] |
|
| How do I allow anyone to write classads to my system? | |
| To do this you have to disable the security polices
used by condor for writing classads. Insert or modify the following configuration
parameters in the condor_config file. SEC_DEFAULT_AUTHENTICATION
= NEVER [TOP] |
|
| What’s the significance of CONDOR_IDS in the run script? | |
| It tells condor the Linux identity of the user under
which the condor daemons are running. [TOP] |
|
| What’s the significance of GSI_DAEMON_NAME in the condor config of jim_broker, jim_broker_client and jim_advertise? | |
| It tells the condor the identity of the server daemons
I should expect when I send classads. Setting it to * tells condor to trust
all the daemons. This variable could be a comma separated list. [TOP] |
|
| How do I know if my scheduling site is correctly configured and running? | |
| a. Run the command "setup jim_broker_client" b. Run the command "condor_status -schedd". If your scheduler is properly registered with the broker you should be able to see it. [TOP] |
|
| How do I know if my execution site is correctly configured? | |
| a. Run the command "setup jim_client" b. Run the command "samg list resources". If your execution site is properly registered with the broker you should be able to see it. [TOP] |
|
| I submit the job with a valid proxy but the job does not execute and goes on "HOLD"? | |
| There could be several reasons for that. a. Execution site is not configured properly. b. You are not authorized to run the job at the particular execution site. i.e. your subject is not present in the /etc/grid-security/grid-mapfile. c. Your proxy life time was short and expired before your job could be submitted to the execution site. [TOP] |
|
| How do I know if my xmldb_server is correctly configured and running? | |
| a. Go to the URL at which the Xindice should be running. it should
look something like http://machinename.domain:7080/Xindice. If you have
configured tomcat to run at port number other than 7080 (default), use
that port number instead of 7080. Example: http://samgrid.fnal.gov:7080/Xindice [TOP] |
|
| How do I make jim_broker, jim_broker_client, jim_client, jim_advertise use a particular network interface on my system | |
| If you have more than one network interface you need to instruct above
mentioned packages to use a specific network interface. This is typical
case on systems which have a separate network interface for local network
separate from the outside network. Note to use JIM packages you have to
use a interface that is available from/to outside world. Add the
following line to the condor_config of these packages - To find the IP address do - The response to this command should be something like -
Finding the IP address that is not a private address and substitute it in the above configuration line. [TOP] |
|
| I am not able to able to send any classAd to the broker nor am I able to run the condor_q, condor_status commands to retrieve information from the broker. I have more than one network interface could this be a problem? | |
| This could possibly be a problem. See FAQ 13 for
resolution. [TOP] |
Email your questions/suggestions to d0-gritt@fnal.gov