Introduction

One of the benefits of a grid computing environment is that users are able to widen their access to different resources throughout the world. By leveraging a full-featured batch system, the NMI framework is able to execute jobs on computing resources beyond the local administrative domain. Thus, users may access specific operating system and architecture combinations that may not be available locally.

Currently, an NMI user must declare in their build or test specification file that the platform tasks should be routed to a remote execution site, and must provide the explicit location of that site. In future NMI releases, the system will be able to migrate jobs automatically to remote sites, if a match is unable to be made locally.

For purposes of these instructions, we refer to the site at which the jobs are being submitted as the local site, and the site to which the jobs are being sent as the remote site.

Local Pool Configuration

In order to enable the remote site execution, the local Condor installation (that is, the Condor installation where the jobs will be submitted from) must be configured to enable Condor’s grid technologies. As of Condor 6.8, this should be enabled by default.

Another important consideration is the authorization mechanism that the two Condor installations will use to all jobs to execute. For testing purposes, the following parameters can be added to Condor’s configuration file.

SEC_DEFAULT_NEGOTIATION = OPTIONAL
SEC_DEFAULT_AUTHENTICATION_METHODS = CLAIMTOBE

This should only be a temporary option. It is highly advised that you switch to use a more secure Condor authentication mechanism when deploying the NMI framework into production mode.

Remote Pool Configuration

The remote execution site must be configured to allow outside connections to the Condor daemons. The following options should be included in the remote Condor’s configuration file, where local-condor.example.com is the address of the schedd on the local machine.

HOSTALLOW_WRITE = $(HOSTALLOW_WRITE), local-condor.example.com
HOSTALLOW_READ = $(HOSTALLOW_READ), local-condor.example.com

You may also use the wildcard option to allow an entire domain to communicate with Condor:

HOSTALLOW_WRITE = $(HOSTALLOW_WRITE), *.example.com
HOSTALLOW_READ = $(HOSTALLOW_READ), *.example.com

The remote Condor installation must also specify the authorization method that it will try to negotiate with the other site:

SEC_DEFAULT_NEGOTIATION = OPTIONAL
SEC_DEFAULT_AUTHENTICATION_METHODS = CLAIMTOBE

For information about how to configure Condor to operate correctly through firewalls, please refer to this section of the Condor manual.

Additional Information

More information about Condor’s grid technology can be found in the Condor manual.