Aws-parallelcluster

------

**ENHANCEMENTS**
- Add validation for `DirectoryService/PasswordSecretArn` to fail in case the secret does not exist.

**CHANGES**
- Upgrade Slurm to version 21.08.8-2.
- Build Slurm with JWT support.
- Do not require `PlacementGroup/Enabled` to be set to `true` when passing an existing `PlacementGroup/Id`.
- Add `lambda:TagsResource` to `ParallelClusterUserRole` used by ParallelCluster API stack for cluster creation and image creation.

**BUG FIXES**
- Fix the ability to export cluster's logs when using `export-cluster-logs` command with the `--filters` option.
- Fix AWS Batch Docker entrypoint to use `/home` shared directory to coordinate Multi-node-Parallel job execution.

------

**ENHANCEMENTS**
- Execute SSH key creation alongside with the creation of HOME directory, i.e.
during SSH login, when switching to another user and when executing a command as another user.
- Add support for both FQDN and LDAP Distinguished Names in the configuration parameter `DirectoryService/DomainName`. The new validator now checks both the syntaxes.
- New `update_directory_service_password.sh` script deployed on the head node supports the manual update of the Active Directory password in the SSSD configuration.
The password is retrieved by the AWS Secrets Manager as from the cluster configuration.
- Add support to deploy API infrastructure in environments without a default VPC.
- Add validation for `DirectoryService/AdditionalSssdConfigs` to fail in case of invalid overrides.
- Make `DirectoryService/AdditionalSssdConfigs` be merged into final SSSD configuration rather than be appended.

**CHANGES**
- Disable deeper C-States in x86_64 official AMIs and AMIs created through `build-image` command, to guarantee high performance and low latency.
- OS package updates and security fixes.
- Change Amazon Linux 2 base images to use AMIs with Kernel 5.10.

**BUG FIXES**
- Fix build-image stack in `DELETE_FAILED` after image built successful, due to new EC2ImageBuilder policies.
- Fix the configuration parameter `DirectoryService/DomainAddr` conversion to `ldap_uri` SSSD property when it contains multiples domain addresses.
- Fix DCV not loading user profile at session start. The user's PATH was not correctly set at DCV session connection.

------

**CHANGES**
- Upgrade Slurm to version 21.08.6.

**BUG FIXES**
- Fix the update of `/etc/hosts` file on computes nodes when a cluster is deployed in subnets without internet access.
- Fix compute nodes bootstrap by waiting for ephemeral drives initialization before joining the cluster.

------

**ENHANCEMENTS**
- Add support for multiple users cluster environments by integrating with Active Directory (AD) domains managed via AWS Directory Service.
- Enable cluster creation in subnets with no internet access.
- Add abbreviated flags for `cluster-name` (-n), `region` (-r), `image-id` (-i) and `cluster-configuration` / `image-configuration` (-c) to the cli.
- Add support for multiple compute resources with same instance type per queue.
- Add support for `UseEc2Hostnames` in the cluster configuration file. When set to `true`, use EC2 default hostnames (e.g. ip-1-2-3-4) for compute nodes.
- Add support for GPU scheduling with Slurm on ARM instances with NVIDIA cards. Install NVIDIA drivers and CUDA library for ARM.
- Add `parallelcluster:compute-resource-name` tag to LaunchTemplates used by compute nodes.
- Add support for `NEW_CHANGED_DELETED` as value of FSx for Lustre `AutoImportPolicy` option.
- Explicitly set cloud-init datasource to be EC2. This save boot time for Ubuntu and CentOS platforms.
- Improve Security Groups created within the cluster to allow inbound connections from custom security groups when `SecurityGroups` parameter is specified for head node and/or queues.
- Build Slurm with `slurmrestd` support.

**CHANGES**
- Upgrade Slurm to version 21.08.5.
- Upgrade NICE DCV to version 2021.3-11591.
- Upgrade NVIDIA driver to version 470.103.01.
- Upgrade CUDA library to version 11.4.4.
- Upgrade NVIDIA Fabric manager to version 470.103.01.
- Upgrade Intel MPI Library to 2021.4.0.441.
- Upgrade PMIx to version 3.2.3.
- Disable package update at instance launch time on Amazon Linux 2.
- Enable possibility to suppress `SlurmQueues` and `ComputeResources` length validators.
- Use compute resource name rather than instance type in compute fleet Launch Template name.
- Disable EC2 ImageBuilder enhanced image metadata when building ParallelCluster custom images.
- Remove dumping of failed compute nodes to `/home/logs/compute`. Compute nodes log files are available in CloudWatch
and in EC2 console logs.

**BUG FIXES**
- Redirect stderr and stdout to CLI log file to prevent unwanted text to pollute the `pcluster` CLI output.
- Fix exporting of cluster logs when there is no prefix specified, previously exported to a `None` prefix.
- Fix rollback not being performed in case of cluster update failure.
- Do not configure GPUs in Slurm when NVIDIA driver is not installed.
- Fix `ecs:ListContainerInstances` permission in `BatchUserRole`.
- Fix `RootVolume` schema for the `HeadNode` by raising an error if unsupported `KmsKeyId` is specified.
- Fix `EfaSecurityGroupValidator`. Previously, it may produce false failures when custom security groups were provided and EFA was enabled.
- Fix FSx metrics not displayed in Cloudwatch Dashboard.

-----

**CHANGES**
- Disable log4j-cve-2021-44228-hotpatch service on Amazon Linux to avoid incurring in potential performance degradation.

-----

**CHANGES**
- Upgrade EFA installer to version 1.14.1. Thereafter, EFA enables GDR support by default on supported instance type(s).
ParallelCluster does not reinstall EFA during node start. Previously, EFA was reinstalled if `GdrSupport` had been
turned on in the configuration file. The `GdrSupport` parameter has no effect and should no longer be used.
- EFA configuration: ``efa-config-1.9-1``
- EFA profile: ``efa-profile-1.5-1``
- EFA kernel module: ``efa-1.14.2``
- RDMA core: ``rdma-core-37.0``
- Libfabric: ``libfabric-1.13.2``
- Open MPI: ``openmpi40-aws-4.1.1-2``

**BUG FIXES**
- Fix issue that is preventing cluster names to start with `parallelcluster-` prefix.