joshiggins
commented
7 years ago Default ports for Torque
- For client communication to pbs_server, all privileged ports must be open (ports under 1024).
- For pbs_server communication to pbs_mom, the default port is 15003.
- For pbs_mom to pbs_server, the default port is 15001.
They can be changed, look here. If we want to change them, it's probably best to set these environment vars in the service files:
PBS_BATCH_SERVICE_PORT- when set on
pbs_server, controls the port that it will listen on - when set on
pbs_mom, controls the port that the mom will use to communicate with server
- when set on
PBS_MOM_SERVICE_PORT- when set on
pbs_mom, controls the port that it will listen on - when set on
pbs_server, controls the port that the server will use to communicate with the mom
- when set on
Additionally, in the hook that sets the $PBS_HOME/server_name file, it should set server_name to server_name:$PBS_BATCH_SERVICE_PORT.
But really the only problematic one is all privileged ports must be open (ports under 1024) and this is why we are using --net=host.
Privileged ports are disabled at compile time with the switch --disable-privports. This disables authentication between server and moms - potentially anyone could submit jobs as any other user. This can be fixed by using munge instead.
We should only expose the ports that are needed instead of requiring
--net=host.