分享
 
 
 

1.4 当前局限

王朝other·作者佚名  2006-01-09
窄屏简体版  字體: |||超大  

1.4 Current Limitations

当前局限

Limitations on Jobs which can Checkpointed

对于可校验任务的限制

Although Condor can schedule and run any type of process, Condor does have some limitations on jobs that it can transparently checkpoint and migrate:

尽管Condor能编排和运行任何类型的进程,但对于那些可以自动建立校验点和迁移的任务来说Condor还是有一些限制的:

1. Multi-process jobs are not allowed. This includes system calls such as fork(), exec(), and system().

多进程任务不可以。这包括诸如fork(),exec(),和system()等系统调用。

2. Interprocess communication is not allowed. This includes pipes, semaphores, and shared memory.

进程内通讯不可以。这包括管道,信号,和共享内存。

3. Network communication must be brief. A job may make network connections using system calls such as socket(), but a network connection left open for long periods will delay checkpointing and migration.

网络通讯必须简短。一个任务可以使用诸如socket()等系统调用创建网络连接,但是一个长时间的网络连接将对建立校验点和进程迁移造成延误。

4. Sending or receiving the SIGUSR2 or SIGTSTP signals is not allowed. Condor reserves these signals for its own use. Sending or receiving all other signals is allowed.

发送或接收SIGUSR2或SIGTSTP信号不可以。Condor将这些信号留给自己使用。发送或接收其它信号则都是可以的。

5. Alarms, timers, and sleeping are not allowed. This includes system calls such as alarm(), getitimer(), and sleep().

警报,计时器,和休眠都不可以。这包括诸如alarm(),getitimer(),和sleep()等系统调用。

6. Multiple kernel-level threads are not allowed. However, multiple user-level threads are allowed.

多个内核级线程不可以。然而,多个用户级线程是可以的。

7. Memory mapped files are not allowed. This includes system calls such as mmap() and munmap().

内存映射文件不可以。这包括诸如mmap()和munmap()等系统调用。

8. File locks are allowed, but not retained between checkpoints.

文件锁可以,但是对两个校验点之间的文件锁不加保留。

9. All files must be opened read-only or write-only. A file opened for both reading and writing will cause trouble if a job must be rolled back to an old checkpoint image. For compatibility reasons, a file opened for both reading and writing will result in a warning but not an error.

所有文件必须按只读或只写打开。当一个任务必须回退到某个旧的校验映像的时候,如果以可读写方式打开文件就会导致麻烦。出于兼容性的考虑,文件按读写方式打开文件会引发一条警告而非一条错误。

10. A fair amount of disk space must be available on the submitting machine for storing a job's checkpoint images. A checkpoint image is approximately equal to the virtual memory consumed by a job while it runs. If disk space is short, a special checkpoint server can be designated for storing all the checkpoint images for a pool.

在提交任务的机器上需要一块相当大的磁盘空间用来保存任务的校验点映像。一个校验点映像近似于由一项任务在运行期间所消耗的虚拟内存。如果磁盘空间短缺,那么可以指派一个专用校验点服务器来存储某个机群中的所有校验点映像。

11. On Digital Unix (OSF/1), HP-UX, and Linux, your job must be statically linked. Dynamic linking is allowed on all other platforms.

在Digital Unix (OSF/1),HP-UX,和Linux平台上,任务必须被静态连接。在其它平台上则允许动态连接。

Note: these limitations only apply to jobs which Condor has been asked to transparently checkpoint. If job checkpointing is not desired, the limitations above do not apply.

注意:这些限制仅适用于那些让Condor进行自动校验的任务。如果并未要求任务校验,那么上述限制就不起作用。

Security Implications.

安全考量

Condor does a significant amount of work to prevent security hazards, but loopholes are known to exist. Condor can be instructed to run user programs only as the UNIX user nobody, a user login which traditionally has very restricted access. But even with access solely as user nobody, a sufficiently malicious individual could do such things as fill up /tmp (which is world writable) and/or gain read access to world readable files. Furthermore, where the security of machines in the pool is a high concern, only machines where the UNIX user root on that machine can be trusted should be admitted into the pool. Condor provides the administrator with extensive security mechanisms to enforce desired policies.

Condor为预防安全隐患作了大量的工作,但是难免会百密一疏。Condor可以被设定成只能以UNIX的nobody用户身份运行用户程序,这个用户帐号通常只有非常受限的访问权限。但是即便只作为nobody用户,心怀叵测之徒还是能有机可乘的作一些坏事比如填满/tmp(这个目录是公共可写的)并且/或者得到公共可读文件的读权限。此外,鉴于机群中机器的安全性关系重大,只有那些其UNIX的root用户可以被信任的机器才可以纳入机群当中。Condor向管理员提供充分的安全机制用以确保相关保护策略的实施。

Jobs Need to be Re-linked to get Checkpointing and Remote System Calls

任务需要被重连接才能进行校验和远程系统调用

Although typically no source code changes are required, Condor requires that the jobs be re-linked with the Condor libraries to take advantage of checkpointing and remote system calls. This often precludes commercial software binaries from taking advantage of these services because commercial packages rarely make their object code available. Condor's other services are still available for these commercial packages.

尽管通常不需要更改源代码,但Condor需要让任务重连接到Condor库上以次获得校验和远程系统调用功能。这意味着商业软件程序常常被排除在这些功能之外,因为商业程序是很少会开放其代码的。不过对于商业产品来说Condor的其它功能仍然是行之有效的。

未经作者允许,请勿转载译文

译者联系方式:jinhao_beijing@sina.com; jinhao@gmail.com

 
 
 
免责声明:本文为网络用户发布,其观点仅代表作者个人观点,与本站无关,本站仅提供信息存储服务。文中陈述内容未经本站证实,其真实性、完整性、及时性本站不作任何保证或承诺,请读者仅作参考,并请自行核实相关内容。
2023年上半年GDP全球前十五强
 百态   2023-10-24
美众议院议长启动对拜登的弹劾调查
 百态   2023-09-13
上海、济南、武汉等多地出现不明坠落物
 探索   2023-09-06
印度或要将国名改为“巴拉特”
 百态   2023-09-06
男子为女友送行,买票不登机被捕
 百态   2023-08-20
手机地震预警功能怎么开?
 干货   2023-08-06
女子4年卖2套房花700多万做美容:不但没变美脸,面部还出现变形
 百态   2023-08-04
住户一楼被水淹 还冲来8头猪
 百态   2023-07-31
女子体内爬出大量瓜子状活虫
 百态   2023-07-25
地球连续35年收到神秘规律性信号,网友:不要回答!
 探索   2023-07-21
全球镓价格本周大涨27%
 探索   2023-07-09
钱都流向了那些不缺钱的人,苦都留给了能吃苦的人
 探索   2023-07-02
倩女手游刀客魅者强控制(强混乱强眩晕强睡眠)和对应控制抗性的关系
 百态   2020-08-20
美国5月9日最新疫情:美国确诊人数突破131万
 百态   2020-05-09
荷兰政府宣布将集体辞职
 干货   2020-04-30
倩女幽魂手游师徒任务情义春秋猜成语答案逍遥观:鹏程万里
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案神机营:射石饮羽
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案昆仑山:拔刀相助
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案天工阁:鬼斧神工
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案丝路古道:单枪匹马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:与虎谋皮
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:李代桃僵
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案镇郊荒野:指鹿为马
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:小鸟依人
 干货   2019-11-12
倩女幽魂手游师徒任务情义春秋猜成语答案金陵:千金买邻
 干货   2019-11-12
 
推荐阅读
 
 
 
>>返回首頁<<
 
靜靜地坐在廢墟上,四周的荒凉一望無際,忽然覺得,淒涼也很美
© 2005- 王朝網路 版權所有