Slurmrestd Access

Slurm slurmrestd supports incoming HTTP requests on:

  • Unix socket: In this configuration, Slurm-web agent must be collocated with slurmrestd service on the same host.

  • TCP/IP socket: HTTP requests can be sent on the network, Slurm-web agent and slurmrestd service can be hosted on separate hosts.

Slurm also supports two authentication methods for slurmrestd service:

  • local (Unix socket only): based on UID/GID of client process.

  • jwt: based on tokens in HTTP request headers.

Slurm-web also supports two tokens management modes for JWT authentication:

  • auto: Slurm-web agent has access to a copy of Slurm JWT signing key. It generates tokens automatically with a short lifespan when required.

  • static: Token is generated manually by the administrator and set in agent configuration. This implies generating tokens with a long lifespan to avoid updating the token too often.

All these options are represented in this diagram:

slurmrestd access modes

All supported configuration are listed in the table below:

Socket Authentication Mode

Unix

local

-

📖 Read

JWT

auto

📖 Read

static

📖 Read

TCP/IP

auto

📖 Read

static

📖 Read