Dear all, Thank you all of you for the many helpful alternatives!
Unfortunately, system administration isn't my main responsibility so I'm (regrettably) not very good at it and have found LDAP on Ubuntu to be very unfriendly to set up. I do understand that it must be a good solution for a larger setup with a full-time system administrator. But, if I can get away with something simpler for a cluster of just a few nodes, then I might try that instead. So far, no one seems to discourage me from simply copying /etc/passwd between servers. I can understand that this solution seems a bit ad-hoc, but if it works and there are no "significant" downsides, I might give that a try. In fact, perhaps I'll give this a try now, get the cluster up (since others are waiting for it) and while it is running play with one of the options that have been mentioned and see if it is worth swapping out /etc/passwd for this alternative... I guess this should work? I suppose this isn't "urgent", but yes...getting the cluster set up with SLURM soon will allow others to use it. Then, I can take my time with other options. I guess I was worried if copying /etc/passwd will limit what I can do later. I guess if Linux-based UIDs and GIDs match, then I shouldn't have any surprises? Thank you for your replies! They were most helpful! I thought I had only two options for SLURM: /etc/passwd vs LDAP. I didn't realise of other choices available to me. Thank you! Ray On Tue, Apr 11, 2017 at 2:05 PM, Lachlan Musicman <data...@gmail.com> wrote: > On 11 April 2017 at 02:36, Raymond Wan <rwan.w...@gmail.com> wrote: >> >> >> For SLURM to work, I understand from web pages such as >> https://slurm.schedmd.com/accounting.html that UIDs need to be shared >> across nodes. Based on this web page, it seems sharing /etc/passwd >> between nodes appears sufficient. The word LDAP is mentioned at the >> end of the paragraph as an alternative. >> >> I guess what I would like to know is whether it is acceptable to >> completely avoid LDAP and use the approach mentioned there? The >> reason I'm asking is that I seem to be having a very nasty time >> setting up LDAP. It doesn't seem as "easy" as I thought it would be >> [perhaps it was my fault for thinking it would be easy...]. >> >> If I can set up a small cluster without LDAP, that would be great. >> But beyond this web page, I am wondering if there are suggestions for >> "best practices". For example, in practice, do most administrators >> use LDAP? If so and if it'll pay off in the end, then I can consider >> continuing with setting it up... > > > > We have had success with a FreeIPA installation to manage auth - every node > is enrolled in a domain and each node runs SSSD (the FreeIPA client). > > Our auth actually backs onto an Active Directory domain - I don't even have > to manage the users. Which, to be honest, is quite a relief. > > cheers > L. > > ------ > The most dangerous phrase in the language is, "We've always done it this > way." > > - Grace Hopper >
