[Beowulf] head node abuse

Michael Di Domenico mdidomenico4 at gmail.com
Fri Mar 26 13:56:53 UTC 2021

does anyone have a recipe for limiting the damage people can do on
login nodes on rhel7.  i want to limit the allocatable cpu/mem per
user to some low value.  that way if someone kicks off a program but
forgets to 'srun' it first, they get bound to a single core and don't
bump anyone else.

i've been poking around the net, but i can't find a solution, i don't
understand what's being recommended, and/or i'm implementing the
suggestions wrong.  i haven't been able to get them working.  the most
succinct answer i found is that per user cgroup controls have been
implemented in systemd v239/240, but since rhel7 is still on v219
that's not going to help.  i also found some wonkiness that runs a
program after a user logs in and hacks at the cgroup files directly,
but i couldn't get that to work.

supposedly you can override the user-{UID}.slice unit file and jam in
the cgroup restrictions, but I have hundreds of users clearly that's
not maintainable

i'm sure others have already been down this road.  any suggestions?

More information about the Beowulf mailing list