On Feb 6, 2007, at 6:05 PM, Heywood, Todd wrote:
> I know this is an OpenMPI list, but does anyone know how common or
> uncommon LDAP-based clusters are? I would have thought this issue
> would have arisen elsewhere, but Googling MPI+LDAP (and similar)
> doesn't turn up much.
FWIW, when I was back at Indiana University, we had a similar issue
with a 128 node cluster -- starting parallel jobs would overwhelm the
central slapd's and logins would start failing.
IIRC, the admins tried a variety of things that didn't end up working
or were too complicated to maintain in the long term. So they ended
up replicating the /etc/shadow and /etc/passwd from LDAP every X
hours (24, I think?) so that all authentications on the cluster were
local. Then they simply disallowed changing user information the
cluster (password, shell, etc.) and said "if you want to change
information, change it elsewhere and it will sync to the cluster
within X hours".
Not an optimal solution, but it was the one they opted for because
all things being equal, I think it was the simplest.
This is all from quite a while ago, so I might not have the details
I don't know much about LDAP, but if proxying / caching LDAP servers
exist, it might help considerably (e.g., put a caching proxy on the
cluster head node that can respond quickly to hundreds of
simultaneous LDAP requests from across the cluster instead of having
the cluster nodes all talk to a central LDAP server). I don't know
if that even makes sense (caching LDAP queries), but it was just a
Server Virtualization Business Unit