[ARVADOS] updated: 2.1.0-61-ga3565501a

Git user git at public.arvados.org
Mon Feb 1 14:21:06 UTC 2021

Summary of changes:
 doc/_config.yml                                    |  6 +++--
 doc/admin/user-management-cli.html.textile.liquid  |  6 ++---
 doc/api/permission-model.html.textile.liquid       |  4 +++-
 ....liquid => configure-slurm.html.textile.liquid} | 26 +++++++---------------
 .../install-prerequisites.html.textile.liquid      | 10 ---------
 5 files changed, 18 insertions(+), 34 deletions(-)
 rename doc/install/crunch2-slurm/{install-slurm.html.textile.liquid => configure-slurm.html.textile.liquid} (88%)
 delete mode 100644 doc/install/crunch2-slurm/install-prerequisites.html.textile.liquid

       via  a3565501ab67bae652177a64f7ca1e1f7f3d70d9 (commit)
       via  5c6d183b5dfcbb7ca2e537e2f3d5d8caeafd2f6c (commit)
      from  5945736d7adc0b046d1d9f3767e0f35537f85330 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

commit a3565501ab67bae652177a64f7ca1e1f7f3d70d9
Author: Ward Vandewege <ward at curii.com>
Date:   Fri Jan 29 17:02:57 2021 -0500

    17255: Document the "can_login" permission link in the API section.
    Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward at curii.com>

diff --git a/doc/admin/user-management-cli.html.textile.liquid b/doc/admin/user-management-cli.html.textile.liquid
index 8cebf02cd..d68529a22 100644
--- a/doc/admin/user-management-cli.html.textile.liquid
+++ b/doc/admin/user-management-cli.html.textile.liquid
@@ -133,9 +133,9 @@ $ ARVADOS_API_TOKEN=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx arv api_c
 h2. Adding Permissions
-h3. VM login
+h3(#vm-login). VM login
-Give @$user_uuid@ permission to log in to @$vm_uuid@ as @$target_username@
+Give @$user_uuid@ permission to log in to @$vm_uuid@ as @$target_username@ and make sure that @$target_username@ is a member of the @docker@ group
@@ -148,7 +148,7 @@ read -rd $'\000' newlink <<EOF; arv link create --link "$newlink"
+"properties":{"username":"$target_username", "groups": [ "docker" ]}
diff --git a/doc/api/permission-model.html.textile.liquid b/doc/api/permission-model.html.textile.liquid
index 7f1052129..54c4a3331 100644
--- a/doc/api/permission-model.html.textile.liquid
+++ b/doc/api/permission-model.html.textile.liquid
@@ -38,7 +38,7 @@ A permission link is a link object with:
 * @owner_uuid@ of the system user.
 * @link_class@ "permission"
-* @name@ one of *can_read*, *can_write* or *can_manage*
+* @name@ one of *can_read*, *can_write*, *can_manage* or *can_login*
 * @head_uuid@ of some Arvados object
 * @tail_uuid@ of a User or Group.  For Group, the @group_class@ must be a "role".
@@ -46,6 +46,8 @@ This grants the permission in @name@ for @tail_uuid@ accessing @head_uuid at .
 If a User has *can_manage* permission on some object, the user has the ability to read, create, update and delete permission links with @head_uuid@ of the managed object.  In other words, the user has the ability to modify the permission grants on the object.
+The *can_login* @name@ is only meaningful on a permission link with with @tail_uuid@ a user UUID and @head_uuid@ a Virtual Machine UUID. A permission link of this type gives the user UUID permission to log into the Virtual Machine UUID. The username for the VM is specified in the @properties@ field. Group membership can be specified that way as well, optionally. See the "VM login section on the CLI cheat sheet":/install/cheat_sheet.html#vm-login for an example.
 h3. Transitive permissions
 Permissions can be obtained indirectly through nested ownership (*can_manage*) or by following multiple permission links.

commit 5c6d183b5dfcbb7ca2e537e2f3d5d8caeafd2f6c
Author: Ward Vandewege <ward at curii.com>
Date:   Fri Jan 29 15:49:42 2021 -0500

    17245: documenation: re-add a modified version of our Slurm
           configuration page to the index. Re-organize the index a bit to
           make the separation between cloud and Slurm dispatching more
    Arvados-DCO-1.1-Signed-off-by: Ward Vandewege <ward at curii.com>

diff --git a/doc/_config.yml b/doc/_config.yml
index 52cc6888c..7e8bd8f12 100644
--- a/doc/_config.yml
+++ b/doc/_config.yml
@@ -236,12 +236,14 @@ navbar:
       - install/install-shell-server.html.textile.liquid
       - install/install-webshell.html.textile.liquid
       - install/install-arv-git-httpd.html.textile.liquid
-    - Containers API:
+    - Containers API (cloud):
       - install/install-jobs-image.html.textile.liquid
       - install/crunch2-cloud/install-compute-node.html.textile.liquid
       - install/crunch2-cloud/install-dispatch-cloud.html.textile.liquid
-      - install/crunch2-slurm/install-compute-node.html.textile.liquid
+    - Containers API (slurm):
       - install/crunch2-slurm/install-dispatch.html.textile.liquid
+      - install/crunch2-slurm/configure-slurm.html.textile.liquid
+      - install/crunch2-slurm/install-compute-node.html.textile.liquid
       - install/crunch2-slurm/install-test.html.textile.liquid
     - External dependencies:
       - install/install-postgresql.html.textile.liquid
diff --git a/doc/install/crunch2-slurm/install-slurm.html.textile.liquid b/doc/install/crunch2-slurm/configure-slurm.html.textile.liquid
similarity index 88%
rename from doc/install/crunch2-slurm/install-slurm.html.textile.liquid
rename to doc/install/crunch2-slurm/configure-slurm.html.textile.liquid
index 061edf96c..eda330798 100644
--- a/doc/install/crunch2-slurm/install-slurm.html.textile.liquid
+++ b/doc/install/crunch2-slurm/configure-slurm.html.textile.liquid
@@ -1,7 +1,7 @@
 layout: default
 navsection: installguide
-title: Set up Slurm
+title: Configure Slurm
 {% comment %}
 Copyright (C) The Arvados Authors. All rights reserved.
@@ -9,29 +9,19 @@ Copyright (C) The Arvados Authors. All rights reserved.
 SPDX-License-Identifier: CC-BY-SA-3.0
 {% endcomment %}
+{% include 'notebox_begin_warning' %}
+crunch-dispatch-slurm is only relevant for on premises clusters that will spool jobs to Slurm. Skip this section if you are installing a cloud cluster.
+{% include 'notebox_end' %}
 Containers can be dispatched to a Slurm cluster.  The dispatcher sends work to the cluster using Slurm's @sbatch@ command, so it works in a variety of SLURM configurations.
 In order to run containers, you must run the dispatcher as a user that has permission to set up FUSE mounts and run Docker containers on each compute node.  This install guide refers to this user as the @crunch@ user.  We recommend you create this user on each compute node with the same UID and GID, and add it to the @fuse@ and @docker@ system groups to grant it the necessary permissions.  However, you can run the dispatcher under any account with sufficient permissions across the cluster.
+We will assume that you have Slurm and munge running.
-On the API server, install Slurm and munge, and generate a munge key.
-On Debian-based systems:
-<pre><code>~$ <span class="userinput">sudo /usr/bin/apt-get install slurm-llnl munge</span>
-~$ <span class="userinput">sudo /usr/sbin/create-munge-key</span>
-On Red Hat-based systems:
-<pre><code>~$ <span class="userinput">sudo yum install slurm munge slurm-munge</span>
+h3. Sample Slurm configuration file
-Now we need to give Slurm a configuration file.  On Debian-based systems, this is installed at @/etc/slurm-llnl/slurm.conf at .  On Red Hat-based systems, this is installed at @/etc/slurm/slurm.conf at .  Here's an example @slurm.conf@:
+Here's an example @slurm.conf@ for use with Arvados:
diff --git a/doc/install/crunch2-slurm/install-prerequisites.html.textile.liquid b/doc/install/crunch2-slurm/install-prerequisites.html.textile.liquid
deleted file mode 100644
index 23bdd3b26..000000000
--- a/doc/install/crunch2-slurm/install-prerequisites.html.textile.liquid
+++ /dev/null
@@ -1,10 +0,0 @@
-layout: default
-navsection: installguide
-title: Containers API Slurm prerequisites
-{% comment %}
-Copyright (C) The Arvados Authors. All rights reserved.
-SPDX-License-Identifier: CC-BY-SA-3.0
-{% endcomment %}



More information about the arvados-commits mailing list