[Beowulf] head node abuse
Michael Di Domenico
mdidomenico4 at gmail.com
Fri Mar 26 13:56:53 UTC 2021
does anyone have a recipe for limiting the damage people can do on
login nodes on rhel7. i want to limit the allocatable cpu/mem per
user to some low value. that way if someone kicks off a program but
forgets to 'srun' it first, they get bound to a single core and don't
bump anyone else.
i've been poking around the net, but i can't find a solution, i don't
understand what's being recommended, and/or i'm implementing the
suggestions wrong. i haven't been able to get them working. the most
succinct answer i found is that per user cgroup controls have been
implemented in systemd v239/240, but since rhel7 is still on v219
that's not going to help. i also found some wonkiness that runs a
program after a user logs in and hacks at the cgroup files directly,
but i couldn't get that to work.
supposedly you can override the user-{UID}.slice unit file and jam in
the cgroup restrictions, but I have hundreds of users clearly that's
not maintainable
i'm sure others have already been down this road. any suggestions?
More information about the Beowulf
mailing list