Running jobs and management tasks in the Slurm cluster requires connecting to the Slurm login node. Login nodes are configured on a per-user basis and deployed as a sub-chart to the Slurm chart. This page shows administrators how to enable per-user Slurm login pods in SUNK, integrate them with a directory service, and verify the resulting resources. Individual login pods isolate each user’s session, simplify access control, and allow directory service integration to manage user identities centrally. Pass these configuration values from the values.yaml of the Slurm chart to define how slurm-login integrates and functions.
Manage individual login pods
You can manage individual login pods using the following features:
-
Enable the deployment of the sub-chart: To enable the
slurm-login functionality as part of the Slurm chart, set the slurm-login.enabled parameter to true.
-
Reboot individual login pods: If an individual login pod is out of sync with the underlying StatefulSet, run the
reboot command from within the pod. This command deletes and recreates the pod using the updated version. If the pod is out of sync, a Message of the Day (MOTD) appears on SSH login with instructions to reboot:
**********************************************************************
* *
* The login statefulset has been updated, please restart your login *
* pod to get the latest changes. *
* *
* To restart the login pod, issue the command "reboot". *
**********************************************************************
-
Access individual login pods: For instructions on accessing each individual Slurm login pod and running Slurm jobs, refer to Connect to a Slurm login node.
Manage user identities and provision resources
The slurm-login.directoryCache parameter defines the directory service configuration used for managing user identities and provisioning resources. The following sections describe its key sub-values.
Select users by group
slurm-login.directoryCache.selectGroups provides a list of user groups, from which the slurm-login chart retrieves all associated users. This acts as a filter, meaning only users belonging to any of the specified groups are included. It uses OR logic, so a user must be in at least one of the listed groups to be selected.
Define the polling interval
slurm-login.directoryCache.interval defines the polling interval for detecting changes to users and user groups. This interval determines how frequently updates are applied and modifies resources accordingly.
List directory services
slurm-login.directoryCache.directoryService.directories specifies a list of directory services to configure. This is similar to the directoryService configuration in Slurm and can be duplicated or referenced using a YAML anchor for reuse.
Example nsscache configuration
The following shows a typical nsscache configuration:
slurm-login:
enabled: true
directoryCache:
source: nsscache
selectGroups: ["group1", "group2"]
nsscache for instructions on configuring nsscache.
Example SSSD configuration
The following shows a typical SSSD configuration:
slurm-login:
enabled: true
directoryCache:
source: sssd
selectGroups: ["group1", "group2"]
interval: 1m
directoryService:
# Google Secure LDAP
directories:
- name: google-example.com
enabled: true
ldapUri: ldaps://ldap.google.com:636
user:
canary: user@google-example.com
defaultShell: "/bin/bash"
fallbackHomeDir: "/home/%u"
overrideHomeDir: /mnt/nvme/home/%u
ldapsCert: google-ldaps-cert
schema: rfc2307bis
Verify individual Slurm login resources
To verify created resources, use the StatefulSets and Services as shown in the following commands.
The output is similar to the following:
NAME READY AGE
slurm-login 1/1 20d
slurm-login-slurmuser1-7fcd49e 1/1 31d
slurm-login-slurmuser2-a19c153 1/1 31d
slurm-login-slurmuser3-4fe7f1d 1/1 31d
slurm-login-slurmuser4-4f705de 1/1 31d
slurm-login-slurmuser5-5e909b3 1/1 31d
NAME TYPE CLUSTER-IP EXTERNAL-IP PORT(S) AGE
slurm-login LoadBalancer 10.96.46.53 <pending> 22:31408/TCP 35d
slurm-login-0 LoadBalancer 10.96.146.233 <pending> 22:31276/TCP 35d
slurm-login-slurmuser1-7fcd49e ClusterIP 10.96.61.246 <none> 22/TCP 32d
slurm-login-slurmuser2-a19c153 ClusterIP 10.96.160.110 <none> 22/TCP 32d
slurm-login-slurmuser3-4fe7f1d ClusterIP 10.96.2.45 <none> 22/TCP 32d
slurm-login-slurmuser4-4f705de ClusterIP 10.96.203.63 <none> 22/TCP 32d
slurm-login-slurmuser5-5e909b3 ClusterIP 10.96.184.148 <none> 22/TCP 32d
slurm-login Service.
Parameter reference table
The following table summarizes the slurm-login parameters described in the preceding sections for quick reference.
| Parameter | Description |
|---|
slurm-login.enabled | Set this value to true in the Slurm chart to enable the slurm-login chart. |
slurm-login.directoryCache | Defines the directory service configuration used for managing user identities and provisioning resources. The key sub-values include: |
slurm-login.directoryCache.selectGroups | Provides a list of user groups that the slurm-login chart uses to retrieve all associated users. This acts as a filter, meaning only users belonging to any of the specified groups are included. It uses OR logic, so a user must be in at least one of the listed groups to be selected. |
slurm-login.directoryCache.interval | Defines the polling interval for detecting changes to users and user groups. This interval determines how frequently updates are applied, and resources are modified accordingly. |
slurm-login.directoryCache.directoryService.directories | Specifies a list of directory services to configure. This is similar to the directoryService configuration in Slurm and can be duplicated or referenced using a YAML anchor for reuse. |
Last modified on May 27, 2026
