What keys are you talking about? Are you referring to the script
any kind: https://github.com/BYUHPC/BYUJobScriptGenerator. It only
creates a script but doesn't submit it. We could easily add that
copy-paste then "sbatch thefilename" isn't exactly hard.
since it's way too tied to internal systems. Utilization graphs are
pretty easy. You can get some information directly from the database
but we prefer to have more advanced information available. Some of it
have used the perl API but we hadn't looked at it yet... oh well).
integrated into our systems to release it. Among many other things, it
etc. Users can submit jobs and admins can modify node state, etc. The
commands only take well-sanitized input. In other words, if you want to
is only an integer. Even then, bash may happen :)
server isn't a trivial task. You may want to look for existing
looked at those myself. Having done this ourselves, I know that it can
take a long time to do it right.
Post by Lech NierodaRe: [slurm-dev] Re: Authentication and invoking slurm commands from
web app
It seems I was to fast... They don't seem to have open-sourced code.
In fact, they ask for specific Keys for each implementation so I
suppose this is a closed project for their users only... :-(
Brigham Young University has developed a number of web interfaces
https://marylou.byu.edu/documentation/slurm/script-generator
https://marylou.byu.edu/utilization/
https://github.com/BYUHPC/BYUJobScriptGenerator
Thanks Lech,
That is something to start with. The problem is that I plan to add
submission in the future and don't want to start something that will have
to be changed too much with time. So I would prefer to be able to firstly
execute any slurm command from my webserver and for any user...
Regards,
Jose
2014-10-02 15:28 GMT+02:00 Lech Nieroda
Hello José,
you might be interested in ubmod or its successor open
xdmod. It's a
system that queries SLURM regularly, writes the data into
its own database
and makes it available via webserver. You'd probably have
to implement
proper security measures for user management.
Regards,
Lech
(sent from mobile)
Am 02.10.2014 14:38 schrieb
=?ISO-8859-1?Q?Jos=E9_Rom=E1n_Bilbao_Castro?= <
Thanks Brian,
So you propose to have something like an intermediate
database that maps
web portal users to system users and make all calls
internally from the
webserver, right?. I just wanted to avoid the intermediate step for
simplicity, but it seems to be a bad practice.
So, regarding the second step... what is the safest and
more logical
manner of invoking slurm commands from the webserver?. I
mean, at the end I
must pass some credentials for the right user... Or should
I have a tomcat
user that belongs to the sudo group and call invoke
commands as another
user?. I am totally lost and need some thread to start
pulling from it.
Thanks again,
Jose
Hello Jose,
It is never a good idea to have the public facing
credentials be the same
as the private credentials. That is if your public
facing server is
compromised your internal system is compromised. The
limited cases where
direct internal access are needed (e.g. SSH) should be
handled by hardened
servers.
Allowing users to input executable commands on a
webpage is also not a
good security practice. This is essentially how the
shellshock bug works.
This is just my take on things but I would suggest
building a different
system.
--
Regards,
Brian
On Oct 2, 2014, at 06:40, José Román Bilbao Castro
Hi all,
First of all, this is my very first message to the
list and don't even
know if this is the proper place to port this message.
I am facing a simple project that should allow a slurm
user to monitor
his jobs running on a slurm server. I have been
looking at the Slurm
authentication API but I cannot find anything useful
for me as this seems
to be applied to users already logged in the system.
My question is where
to start looking at (technologies, web development
frameworks, etc...) to
be able to enter a user/password on the web browser
that coincides with
that of the Linux user, send the credentials to the
server, execute a slurm
command on behalf of that user and print results back...
May be this is a very complex question, but I have not
much experience in
web development and how it should be done to link
slurm commands execution,
specific user authorization, etc...
Thanks in advance,
Jose
--
*José Román Bilbao Castro*
Ingeniero Consultor
+34 901009188 <tel:%2B34%20901009188>
<http://www.idiria.com/>* <*http://
<http://%20%20/>www.idiria.com/ <http://www.idiria.com/>
<http://www.idiria.com/>*>
--
Idiria Sociedad Limitada - Aviso legal
Este mensaje, su contenido y cualquier fichero
transmitido con él está
dirigido únicamente a su destinatario y es
confidencial. Por ello, se
informa a quien lo reciba por error ó tenga
conocimiento del mismo sin ser
su destinatario, que la información contenida en él es
reservada y su uso
no autorizado, por lo que en tal caso le rogamos nos
lo comunique por la
misma vía o por teléfono (+ 34 690207492
<tel:%28%2B%2034%20690207492>), así como que se
abstenga de
reproducir el mensaje mediante cualquier medio o
remitirlo o entregarlo a
otra persona, procediendo a su borrado de manera inmediata.
Idiria Sociedad Limitada se reserva las acciones
legales que le
correspondan contra todo tercero que acceda de forma
ilegítima al
contenido de cualquier mensaje externo procedente del
mismo.
Para información y consultas visite nuestra web
http://www.idiria.com
Idiria Sociedad Limitada - Disclaimer
This message, its content and any file attached
thereto is for the
intended recipient only and is confidential. If you
have received this
e-mail in error or had access to it, you should note
that the information
in it is private and any use thereof is unauthorised.
In such an event
please notify us by e-mail or by telephone (+ 34
690207492 <tel:%28%2B%2034%20690207492>). Any
reproduction of this e-mail by whatsoever means and
any transmission or
dissemination thereof to other persons is prohibited.
It should be deleted
immediately from your system.
Idiria Sociedad Limitada reserves the right to take
legal action against
any persons unlawfully gaining access to the content
of any external
message it has emitted.
For additional information, please visit our website
http://www.idiria.com
--
*José Román Bilbao Castro*
Ingeniero Consultor
+34 901009188 <tel:%2B34%20901009188>
<http://www.idiria.com/>* <*http://
<http://%20%20/>www.idiria.com/ <http://www.idiria.com/>
<http://www.idiria.com/>*>
--
Idiria Sociedad Limitada - Aviso legal
Este mensaje, su contenido y cualquier fichero transmitido
con él está
dirigido únicamente a su destinatario y es confidencial.
Por ello, se
informa a quien lo reciba por error ó tenga conocimiento
del mismo sin ser
su destinatario, que la información contenida en él es
reservada y su uso
no autorizado, por lo que en tal caso le rogamos nos lo
comunique por la
misma vía o por teléfono (+ 34 690207492
<tel:%28%2B%2034%20690207492>), así como que se abstenga de
reproducir el mensaje mediante cualquier medio o remitirlo
o entregarlo a
otra persona, procediendo a su borrado de manera inmediata.
Idiria Sociedad Limitada se reserva las acciones legales que le
correspondan contra todo tercero que acceda de forma
ilegítima al
contenido de cualquier mensaje externo procedente del mismo.
Para información y consultas visite nuestra web
http://www.idiria.com
Idiria Sociedad Limitada - Disclaimer
This message, its content and any file attached thereto is for the
intended recipient only and is confidential. If you have
received this
e-mail in error or had access to it, you should note that
the information
in it is private and any use thereof is unauthorised. In
such an event
please notify us by e-mail or by telephone (+ 34 690207492
<tel:%28%2B%2034%20690207492>). Any
reproduction of this e-mail by whatsoever means and any
transmission or
dissemination thereof to other persons is prohibited. It
should be deleted
immediately from your system.
Idiria Sociedad Limitada reserves the right to take legal
action against
any persons unlawfully gaining access to the content of
any external
message it has emitted.
For additional information, please visit our website
http://www.idiria.com
--
*José Román Bilbao Castro*
Ingeniero Consultor
+34 901009188 <tel:%2B34%20901009188>
<http://www.idiria.com/>* <*http://
<http://%20%20/>www.idiria.com/ <http://www.idiria.com/>
<http://www.idiria.com/>*>
--
Idiria Sociedad Limitada - Aviso legal
Este mensaje, su contenido y cualquier fichero transmitido con él está
dirigido únicamente a su destinatario y es confidencial. Por ello, se
informa a quien lo reciba por error ó tenga conocimiento del mismo sin ser
su destinatario, que la información contenida en él es reservada y su uso
no autorizado, por lo que en tal caso le rogamos nos lo comunique por la
misma vía o por teléfono (+ 34 690207492
<tel:%28%2B%2034%20690207492>), así como que se abstenga de
reproducir el mensaje mediante cualquier medio o remitirlo o entregarlo a
otra persona, procediendo a su borrado de manera inmediata.
Idiria Sociedad Limitada se reserva las acciones legales que le
correspondan contra todo tercero que acceda de forma ilegítima al
contenido de cualquier mensaje externo procedente del mismo.
Para información y consultas visite nuestra web
http://www.idiria.com
Idiria Sociedad Limitada - Disclaimer
This message, its content and any file attached thereto is for the intended
recipient only and is confidential. If you have received this e-mail in
error or had access to it, you should note that the
information in it is
private and any use thereof is unauthorised. In such an event please notify
us by e-mail or by telephone (+ 34 690207492
<tel:%28%2B%2034%20690207492>). Any reproduction of this
e-mail by whatsoever means and any transmission or
dissemination thereof to
other persons is prohibited. It should be deleted immediately from your
system.
Idiria Sociedad Limitada reserves the right to take legal action against
any persons unlawfully gaining access to the content of any external
message it has emitted.
For additional information, please visit our website
http://www.idiria.com
--
Morris "Moe" Jette
CTO, SchedMD LLC
--
*
José Román Bilbao Castro*
Ingeniero Consultor
+34 901009188
__http://www.idiria.com <http://www.idiria.com/>_ <_http://
<http://%20%20/>www.idiria.com/ <http://www.idiria.com/>_>
--
Idiria Sociedad Limitada - Aviso legal
Este mensaje, su contenido y cualquier fichero transmitido con él está
dirigido únicamente a su destinatario y es confidencial. Por ello, se
informa a quien lo reciba por error ó tenga conocimiento del mismo sin
ser su destinatario, que la información contenida en él es reservada y
su uso no autorizado, por lo que en tal caso le rogamos nos lo
comunique por la misma vía o por teléfono (+ 34 690207492), así como
que se abstenga de reproducir el mensaje mediante cualquier medio o
remitirlo o entregarlo a otra persona, procediendo a su borrado de
manera inmediata.
Idiria Sociedad Limitada se reserva las acciones legales que le
correspondan contra todo tercero que acceda de forma ilegítima al
contenido de cualquier mensaje externo procedente del mismo.
Para información y consultas visite nuestra web http://www.idiria.com
<http://www.idiria.com/>
Idiria Sociedad Limitada - Disclaimer
This message, its content and any file attached thereto is for the
intended recipient only and is confidential. If you have received this
e-mail in error or had access to it, you should note that the
information in it is private and any use thereof is unauthorised. In
such an event please notify us by e-mail or by telephone (+ 34
690207492). Any reproduction of this e-mail by whatsoever means and
any transmission or dissemination thereof to other persons is
prohibited. It should be deleted immediately from your system.
Idiria Sociedad Limitada reserves the right to take legal action
against any persons unlawfully gaining access to the content of any
external message it has emitted.
For additional information, please visit our website
http://www.idiria.com <http://www.idiria.com/>