Priorityuser .

Description

Our goal here is allocate 25% of our pledge resources to users with priorityuser voms role. The first part is make this users authenticate to a special user in our farm, using gums. First editing our $VDT_LOCATION/tomcat/v55/webapps/gums/WEB-INF/config/gums.config like that

%CODE{html}% <vomsUserGroup name='priorityuser' access='read self' description='' vomsServer='cms' matchFQAN='exact' acceptProxyWithoutFQAN='false' voGroup='/cms' role='priorityuser'/>

<groupAccountMapper name='priorityuser' description='' accountName='cmsprio'/>

<groupToAccountMapping name='priorityuser' description='' accountingVoSubgroup='uscms' accountingVo='CMS' userGroups='priorityuser' accountMappers='priorityuser'/> %ENDCODE%

and add in the end of this file, after = groupToAccountMappings= , in some place into your mappings the entry priorityuser It will be necessary restart your tomcat and mysql,

 /etc/init.d/tomcat-55 stop; /etc/init.d/mysql stop;  /etc/init.d/mysql start; /etc/init.d/tomcat-55 start
and don't forget to add cmsprio as your common user:
adduser  cmsprio 
Just if you use NIS,
cd /var/yp
make
Make sure that you can log in into your worker nodes as this user.

The second part is make your condor jobmanager assign, based in the user name, a dedidated group to its jobs: %CODE{perl}% vim $VDT_LOCATION/globus/lib/perl/Globus/GRAM/JobManager/condor.pm map { if ($_->[0] eq "LOGNAME") {$logname = $_->[1]; } } @environment; if ($logname =~ m/cmsprio./) { $AccountingGroup = "group_cmsprio." . $logname; } %ENDCODE% and adding it, in the same file above: %CODE{perl}% print SCRIPT_FILE "+AccountingGroup = \"$AccountingGroup\"\n"; %ENDCODE% After that, we have to define in our condor_negotiator machine (in our case, our gatekeeper) these groups and quotas:

vim /scratch/condor/condor_config.local
GROUP_NAMES = group_cmsprio
GROUP_QUOTA_group_cmsprio = 50
GROUP_AUTOREGROUP_group_cmsprio = True
and make condor re-read its configuration file, using : condor_reconfig In this case we have dedicated 50 job slots (25% of our 200 job slots) to cmsprio user.

About the storage area, we created it in our dCache admin the correspondent directory

mkdir /pnfs/sprace.org.br/data/cms/store/user/priorityuser
and edit our /etc/grid-security/storage-authzdb in our gridftp servers to grant permission to cmsprio write/read it:
authorize cmsprio read-write 0 110 111 / /pnfs/sprace.org.br/data/store/user/priorityuser /pnfs/sprace.org.br/data/
The same must be done to /store/group and /store/results
Topic revision: r5 - 2010-07-06 - MarcoAndreFerreiraDias
 

This site is powered by the TWiki collaboration platform Powered by PerlCopyright © 2008-2024 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback

antalya escort bursa escort eskisehir escort istanbul escort izmir escort