Account Management and Role Based Access Control
Managing users and groups is an important piece of a successful HPC cluster.
ClusterVisor provides its own LDAP server component for use inside your cluster. This server will be used to manage users, groups across all nodes. A full easy-to-use web GUI is available for managing your accounts, as well as command line tools. No need to learn LDAP and create LDIF files for managing accounts.
Along with making users, the ClusterVisor system can make home directories, SSH keys, and SLURM accounting users automatically for you. This greatly simplifies the process of onboarding new users to your system.
While ClusterVisor’s internal LDAP server is great for a lot of customers, if you already have an LDAP or Active Directory infrastructure you’d like to authenticate against, that’s fully supported. ClusterVisor can even support using the internal ClusterVisor LDAP and external LDAP at the same time. This allows you to make cluster only service accounts, while still having most of your users authenticate from your existing directory.
Role based access control (RBAC)
ClusterVisor’s web UI provides a lot of useful information, some of which you may wish to let your end users see. The default behavior is you must be a “Cluster Admin” to see the information inside of ClusterVisor. With the RBAC system, you can define custom roles that contain unix users or groups (these can come from the internal or external LDAP) that expose just the data you want the users to see.