SQS
SQS is a project, assigned to remote managing of computer
systems, it provides means by which an user may control the task queue.
Scheme.
*******
+-------------------+ +-------------------+
| Local machine 1 | Ethernet Ethernet | local machine 2 |
| +---------+ | | | | +---------+ |
| |**qadd***| | | | | |**qadd***| |
| |**qinfo**| | | +--------------+ | | |**qinfo**| |
| |**qdel***| | | | Server 1 | | | |**qdel***| |
| +---------+ | | | +----------+ | | | +---------+ |
| | | |----|-|**qserver*|-|----| | | |
| +---------+ | | | +----------+ | | | +---------+ |
| |*qclient*|----|----| +--------------+ |----|----|*qclient*| |
| +---------+ | | | | +---------+ |
+-------------------+ | | +-------------------+
| |
+-------------------+ | | +-------------------+
| Local machine 3 | | | | Local machine 4 |
| +---------+ | | | | +---------+ |
| |**qadd***| | | | | |**qadd***| |
| |**qinfo**| | | +--------------+ | | |**qinfo**| |
| |**qdel***| | | | Server 2 | | | |**qdel***| |
| +---------+ | | | +----------+ | | | +---------+ |
| | | |----|-|**qserver*|-|----| | | |
| +---------+ | | | +----------+ | | | +---------+ |
| |*qclient*|----|----| +--------------+ |----|----|*qclient*| |
| +---------+ | | | | +---------+ |
+-------------------+ | | +-------------------+
.... | ..... | .....
| |
+---------------------------------------------------------------------------+
| Common file system (for example NFS) |
+---------------------------------------------------------------------------+
Distributive consist of:
qserver - this program should be installed on machine which would be used as the task
server. It is run with root's privileges as a daemon and will create
task queue at the start. Tasks are performed in succession. In order to
perform a task qserver executes an user's program in the current user
directory with user rights, redirects stdout to result-file (it is
created in the current user directory) and relate stdin and stderr with
/dev/null. After the user's program is finished qserver kills all
processes except for privileged ones (e.g. process with uid 0,
privileged uids can be set by config) and removes all ipc-resources
(such as shared memory, message queue, semaphore). Also, qserver
checks every executable for permissions (must be rwx for owner) and for
owner (user must be owner of executable, except for script "mpirun"),
provides means for handling of tasks (adding and deleting tasks, and
listing queue). Time of perfomance of a task is limited by qserver.
The number of task in the queue from one user is also limited. It is
possible to use several server machines each of which needs
running of qserver on it.
qclient
qclient is a local daemon which must be installed on each local machine
which will diliver commands from an user to indicated server. TCP/IP protocol
is used for communication. It starts with root's privileges but for security
measures changes GID to nobody. It also prints results from the server to
terminal from which qadd, qinfo, qdel is executed.
qadd, qdel, qinfo - programs for remote controling task queue.
qadd adds task to the queue.
qdel removes tyask from the queue.
qinfo prints queue status.
After you have installed these programs, they is owned by group nobody.
They change GID to nobody at the begining of load and after that they can
use message queue, created by qclient on the local machine. Thewrefore
only these programs are allowed to use qclient to sending task to the server.
Number of that server is indicated by command line arguments.
!!! It necessity for you to use common file system, that is
home directories of the users on the local machines and on the servers
must be the same.
Configuring
*****************
Use sqs.conf for configuring system
# comments
argument parametr
argument parametr1 parametr2 parametr3
ServerPort - qserver listening port.
ServerAccessLog, ServerErrorLog, ClientAccessLog, ClientErrorLog -
log files
ServerPidFile - server's PID file.
ServerKill - (on/off) - on - allow server to "kill" all process after every task.
ProcessList -
ServerDaemon - (on/off) - on - allow to start qserver in daemon mode.
ServerList - server list (ip or hostname).
ClientPort - qclient listening port
Delay - delay in sec. 0 - no delay.
ClientDaemon - (on/off) - allow to start qclient in daemon mode.
TimeLimit - maximum task's time.
UidLimit - maximum number of tasks from one user.
QueueSize - maximum queue size.
P_User - list of uid's of users with priveleges.
Rand, Key - path to key.
Security.
*********
Qclient and qserver use encoding and decoding of packets (lib: libmcrypt,
algorithm: cast-128, mode: ecb). qclient and
user utilities (qadd, qinfo, qdel) communicate via message queue.
Write to and read from it can only these programs.
Thus, the possibility of wrong data transmission is excluded.
