1 // Copyright (C) The Arvados Authors. All rights reserved.
3 // SPDX-License-Identifier: AGPL-3.0
15 "git.arvados.org/arvados.git/sdk/go/arvados"
16 "github.com/ghodss/yaml"
19 type deprRequestLimits struct {
20 MaxItemsPerResponse *int
21 MultiClusterRequestConcurrency *int
24 type deprCluster struct {
25 RequestLimits deprRequestLimits
26 NodeProfiles map[string]nodeProfile
28 GoogleClientID *string
29 GoogleClientSecret *string
30 GoogleAlternateEmailAddresses *bool
32 ProviderAppSecret *string
35 SendUserSetupNotificationEmail *bool
36 SupportEmailAddress *string
40 type deprecatedConfig struct {
41 Clusters map[string]deprCluster
44 type nodeProfile struct {
45 Controller systemServiceInstance `json:"arvados-controller"`
46 Health systemServiceInstance `json:"arvados-health"`
47 Keepbalance systemServiceInstance `json:"keep-balance"`
48 Keepproxy systemServiceInstance `json:"keepproxy"`
49 Keepstore systemServiceInstance `json:"keepstore"`
50 Keepweb systemServiceInstance `json:"keep-web"`
51 DispatchCloud systemServiceInstance `json:"arvados-dispatch-cloud"`
52 RailsAPI systemServiceInstance `json:"arvados-api-server"`
53 Websocket systemServiceInstance `json:"arvados-ws"`
54 Workbench1 systemServiceInstance `json:"arvados-workbench"`
57 type systemServiceInstance struct {
63 func (ldr *Loader) applyDeprecatedConfig(cfg *arvados.Config) error {
64 var dc deprecatedConfig
65 err := yaml.Unmarshal(ldr.configdata, &dc)
69 hostname, err := os.Hostname()
73 for id, dcluster := range dc.Clusters {
74 cluster, ok := cfg.Clusters[id]
76 return fmt.Errorf("can't load legacy config %q that is not present in current config", id)
78 for name, np := range dcluster.NodeProfiles {
79 if name == "*" || name == os.Getenv("ARVADOS_NODE_PROFILE") || name == hostname {
81 } else if ldr.Logger != nil {
82 ldr.Logger.Warnf("overriding Clusters.%s.Services using Clusters.%s.NodeProfiles.%s (guessing %q is a hostname)", id, id, name, name)
84 applyDeprecatedNodeProfile(name, np.RailsAPI, &cluster.Services.RailsAPI)
85 applyDeprecatedNodeProfile(name, np.Controller, &cluster.Services.Controller)
86 applyDeprecatedNodeProfile(name, np.DispatchCloud, &cluster.Services.DispatchCloud)
88 if dst, n := &cluster.API.MaxItemsPerResponse, dcluster.RequestLimits.MaxItemsPerResponse; n != nil && *n != *dst {
91 if dst, n := &cluster.API.MaxRequestAmplification, dcluster.RequestLimits.MultiClusterRequestConcurrency; n != nil && *n != *dst {
94 if dst, addr := &cluster.Users.SupportEmailAddress, dcluster.Mail.SupportEmailAddress; addr != nil {
96 ldr.Logger.Warnf("using your old config key Mail.SupportEmailAddress -- but you should rename it to Users.SupportEmailAddress")
98 if dst, b := &cluster.Users.SendUserSetupNotificationEmail, dcluster.Mail.SendUserSetupNotificationEmail; b != nil {
100 ldr.Logger.Warnf("using your old config key Mail.SendUserSetupNotificationEmail -- but you should rename it to Users.SendUserSetupNotificationEmail")
103 // Google* moved to Google.*
104 if dst, n := &cluster.Login.Google.ClientID, dcluster.Login.GoogleClientID; n != nil && *n != *dst {
107 // In old config, non-empty ClientID meant enable
108 cluster.Login.Google.Enable = true
111 if dst, n := &cluster.Login.Google.ClientSecret, dcluster.Login.GoogleClientSecret; n != nil && *n != *dst {
114 if dst, n := &cluster.Login.Google.AlternateEmailAddresses, dcluster.Login.GoogleAlternateEmailAddresses; n != nil && *n != *dst {
118 cfg.Clusters[id] = cluster
123 func (ldr *Loader) applyDeprecatedVolumeDriverParameters(cfg *arvados.Config) error {
124 for clusterID, cluster := range cfg.Clusters {
125 for volID, vol := range cluster.Volumes {
126 if vol.Driver == "S3" {
128 AccessKey string `json:",omitempty"`
129 SecretKey string `json:",omitempty"`
131 SecretAccessKey string
133 err := json.Unmarshal(vol.DriverParameters, ¶ms)
135 return fmt.Errorf("error loading %s.Volumes.%s.DriverParameters: %w", clusterID, volID, err)
137 if params.AccessKey != "" || params.SecretKey != "" {
138 if params.AccessKeyID != "" || params.SecretAccessKey != "" {
139 return fmt.Errorf("cannot use old keys (AccessKey/SecretKey) and new keys (AccessKeyID/SecretAccessKey) at the same time in %s.Volumes.%s.DriverParameters -- you must remove the old config keys", clusterID, volID)
141 var allparams map[string]interface{}
142 err = json.Unmarshal(vol.DriverParameters, &allparams)
144 return fmt.Errorf("error loading %s.Volumes.%s.DriverParameters: %w", clusterID, volID, err)
146 for k := range allparams {
147 if lk := strings.ToLower(k); lk == "accesskey" || lk == "secretkey" {
151 ldr.Logger.Warnf("using your old config keys %s.Volumes.%s.DriverParameters.AccessKey/SecretKey -- but you should rename them to AccessKeyID/SecretAccessKey", clusterID, volID)
152 allparams["AccessKeyID"] = params.AccessKey
153 allparams["SecretAccessKey"] = params.SecretKey
154 vol.DriverParameters, err = json.Marshal(allparams)
158 cluster.Volumes[volID] = vol
166 func applyDeprecatedNodeProfile(hostname string, ssi systemServiceInstance, svc *arvados.Service) {
171 if svc.InternalURLs == nil {
172 svc.InternalURLs = map[arvados.URL]arvados.ServiceInstance{}
178 if strings.HasPrefix(host, ":") {
179 host = hostname + host
181 svc.InternalURLs[arvados.URL{Scheme: scheme, Host: host, Path: "/"}] = arvados.ServiceInstance{}
184 func (ldr *Loader) loadOldConfigHelper(component, path string, target interface{}) error {
188 buf, err := ioutil.ReadFile(path)
193 ldr.Logger.Warnf("you should remove the legacy %v config file (%s) after migrating all config keys to the cluster configuration file (%s)", component, path, ldr.Path)
195 err = yaml.Unmarshal(buf, target)
197 return fmt.Errorf("%s: %s", path, err)
202 type oldCrunchDispatchSlurmConfig struct {
203 Client *arvados.Client
205 SbatchArguments *[]string
206 PollPeriod *arvados.Duration
207 PrioritySpread *int64
209 // crunch-run command to invoke. The container UUID will be
210 // appended. If nil, []string{"crunch-run"} will be used.
212 // Example: []string{"crunch-run", "--cgroup-parent-subsystem=memory"}
213 CrunchRunCommand *[]string
215 // Extra RAM to reserve (in Bytes) for SLURM job, in addition
216 // to the amount specified in the container's RuntimeConstraints
217 ReserveExtraRAM *int64
219 // Minimum time between two attempts to run the same container
220 MinRetryPeriod *arvados.Duration
222 // Batch size for container queries
226 const defaultCrunchDispatchSlurmConfigPath = "/etc/arvados/crunch-dispatch-slurm/crunch-dispatch-slurm.yml"
228 func loadOldClientConfig(cluster *arvados.Cluster, client *arvados.Client) {
232 if client.APIHost != "" {
233 cluster.Services.Controller.ExternalURL.Host = client.APIHost
234 cluster.Services.Controller.ExternalURL.Path = "/"
236 if client.Scheme != "" {
237 cluster.Services.Controller.ExternalURL.Scheme = client.Scheme
239 cluster.Services.Controller.ExternalURL.Scheme = "https"
241 if client.AuthToken != "" {
242 cluster.SystemRootToken = client.AuthToken
244 cluster.TLS.Insecure = client.Insecure
246 for i, u := range client.KeepServiceURIs {
252 cluster.Containers.SLURM.SbatchEnvironmentVariables = map[string]string{"ARVADOS_KEEP_SERVICES": ks}
255 // update config using values from an crunch-dispatch-slurm config file.
256 func (ldr *Loader) loadOldCrunchDispatchSlurmConfig(cfg *arvados.Config) error {
257 if ldr.CrunchDispatchSlurmPath == "" {
260 var oc oldCrunchDispatchSlurmConfig
261 err := ldr.loadOldConfigHelper("crunch-dispatch-slurm", ldr.CrunchDispatchSlurmPath, &oc)
262 if os.IsNotExist(err) && (ldr.CrunchDispatchSlurmPath == defaultCrunchDispatchSlurmConfigPath) {
264 } else if err != nil {
268 cluster, err := cfg.GetCluster("")
273 loadOldClientConfig(cluster, oc.Client)
275 if oc.SbatchArguments != nil {
276 cluster.Containers.SLURM.SbatchArgumentsList = *oc.SbatchArguments
278 if oc.PollPeriod != nil {
279 cluster.Containers.CloudVMs.PollInterval = *oc.PollPeriod
281 if oc.PrioritySpread != nil {
282 cluster.Containers.SLURM.PrioritySpread = *oc.PrioritySpread
284 if oc.CrunchRunCommand != nil {
285 if len(*oc.CrunchRunCommand) >= 1 {
286 cluster.Containers.CrunchRunCommand = (*oc.CrunchRunCommand)[0]
288 if len(*oc.CrunchRunCommand) >= 2 {
289 cluster.Containers.CrunchRunArgumentsList = (*oc.CrunchRunCommand)[1:]
292 if oc.ReserveExtraRAM != nil {
293 cluster.Containers.ReserveExtraRAM = arvados.ByteSize(*oc.ReserveExtraRAM)
295 if oc.MinRetryPeriod != nil {
296 cluster.Containers.MinRetryPeriod = *oc.MinRetryPeriod
298 if oc.BatchSize != nil {
299 cluster.API.MaxItemsPerResponse = int(*oc.BatchSize)
302 cfg.Clusters[cluster.ClusterID] = *cluster
306 type oldWsConfig struct {
307 Client *arvados.Client
308 Postgres *arvados.PostgreSQLConnection
314 PingTimeout *arvados.Duration
315 ClientEventQueue *int
316 ServerEventQueue *int
318 ManagementToken *string
321 const defaultWebsocketConfigPath = "/etc/arvados/ws/ws.yml"
323 // update config using values from an crunch-dispatch-slurm config file.
324 func (ldr *Loader) loadOldWebsocketConfig(cfg *arvados.Config) error {
325 if ldr.WebsocketPath == "" {
329 err := ldr.loadOldConfigHelper("arvados-ws", ldr.WebsocketPath, &oc)
330 if os.IsNotExist(err) && ldr.WebsocketPath == defaultWebsocketConfigPath {
332 } else if err != nil {
336 cluster, err := cfg.GetCluster("")
341 loadOldClientConfig(cluster, oc.Client)
343 if oc.Postgres != nil {
344 cluster.PostgreSQL.Connection = *oc.Postgres
346 if oc.PostgresPool != nil {
347 cluster.PostgreSQL.ConnectionPool = *oc.PostgresPool
349 if oc.Listen != nil {
350 cluster.Services.Websocket.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{}
352 if oc.LogLevel != nil {
353 cluster.SystemLogs.LogLevel = *oc.LogLevel
355 if oc.LogFormat != nil {
356 cluster.SystemLogs.Format = *oc.LogFormat
358 if oc.PingTimeout != nil {
359 cluster.API.SendTimeout = *oc.PingTimeout
361 if oc.ClientEventQueue != nil {
362 cluster.API.WebsocketClientEventQueue = *oc.ClientEventQueue
364 if oc.ServerEventQueue != nil {
365 cluster.API.WebsocketServerEventQueue = *oc.ServerEventQueue
367 if oc.ManagementToken != nil {
368 cluster.ManagementToken = *oc.ManagementToken
371 cfg.Clusters[cluster.ClusterID] = *cluster
375 type oldKeepProxyConfig struct {
376 Client *arvados.Client
381 Timeout *arvados.Duration
384 ManagementToken *string
387 const defaultKeepproxyConfigPath = "/etc/arvados/keepproxy/keepproxy.yml"
389 func (ldr *Loader) loadOldKeepproxyConfig(cfg *arvados.Config) error {
390 if ldr.KeepproxyPath == "" {
393 var oc oldKeepProxyConfig
394 err := ldr.loadOldConfigHelper("keepproxy", ldr.KeepproxyPath, &oc)
395 if os.IsNotExist(err) && ldr.KeepproxyPath == defaultKeepproxyConfigPath {
397 } else if err != nil {
401 cluster, err := cfg.GetCluster("")
406 loadOldClientConfig(cluster, oc.Client)
408 if oc.Listen != nil {
409 cluster.Services.Keepproxy.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{}
411 if oc.DefaultReplicas != nil {
412 cluster.Collections.DefaultReplication = *oc.DefaultReplicas
414 if oc.Timeout != nil {
415 cluster.API.KeepServiceRequestTimeout = *oc.Timeout
418 if *oc.Debug && cluster.SystemLogs.LogLevel != "debug" {
419 cluster.SystemLogs.LogLevel = "debug"
420 } else if !*oc.Debug && cluster.SystemLogs.LogLevel != "info" {
421 cluster.SystemLogs.LogLevel = "info"
424 if oc.ManagementToken != nil {
425 cluster.ManagementToken = *oc.ManagementToken
428 // The following legacy options are no longer supported. If they are set to
429 // true or PIDFile has a value, error out and notify the user
430 unsupportedEntry := func(cfgEntry string) error {
431 return fmt.Errorf("the keepproxy %s configuration option is no longer supported, please remove it from your configuration file", cfgEntry)
433 if oc.DisableGet != nil && *oc.DisableGet {
434 return unsupportedEntry("DisableGet")
436 if oc.DisablePut != nil && *oc.DisablePut {
437 return unsupportedEntry("DisablePut")
439 if oc.PIDFile != nil && *oc.PIDFile != "" {
440 return unsupportedEntry("PIDFile")
443 cfg.Clusters[cluster.ClusterID] = *cluster
447 const defaultKeepWebConfigPath = "/etc/arvados/keep-web/keep-web.yml"
449 type oldKeepWebConfig struct {
450 Client *arvados.Client
454 AnonymousTokens *[]string
455 AttachmentOnlyHost *string
456 TrustAllContent *bool
459 TTL *arvados.Duration
460 UUIDTTL *arvados.Duration
461 MaxCollectionEntries *int
462 MaxCollectionBytes *int64
466 // Hack to support old command line flag, which is a bool
467 // meaning "get actual token from environment".
468 deprecatedAllowAnonymous *bool
470 // Authorization token to be included in all health check requests.
471 ManagementToken *string
474 func (ldr *Loader) loadOldKeepWebConfig(cfg *arvados.Config) error {
475 if ldr.KeepWebPath == "" {
478 var oc oldKeepWebConfig
479 err := ldr.loadOldConfigHelper("keep-web", ldr.KeepWebPath, &oc)
480 if os.IsNotExist(err) && ldr.KeepWebPath == defaultKeepWebConfigPath {
482 } else if err != nil {
486 cluster, err := cfg.GetCluster("")
491 loadOldClientConfig(cluster, oc.Client)
493 if oc.Listen != nil {
494 cluster.Services.WebDAV.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{}
495 cluster.Services.WebDAVDownload.InternalURLs[arvados.URL{Host: *oc.Listen, Path: "/"}] = arvados.ServiceInstance{}
497 if oc.AttachmentOnlyHost != nil {
498 cluster.Services.WebDAVDownload.ExternalURL = arvados.URL{Host: *oc.AttachmentOnlyHost, Path: "/"}
500 if oc.ManagementToken != nil {
501 cluster.ManagementToken = *oc.ManagementToken
503 if oc.TrustAllContent != nil {
504 cluster.Collections.TrustAllContent = *oc.TrustAllContent
506 if oc.Cache.TTL != nil {
507 cluster.Collections.WebDAVCache.TTL = *oc.Cache.TTL
509 if oc.Cache.MaxCollectionBytes != nil {
510 cluster.Collections.WebDAVCache.MaxCollectionBytes = arvados.ByteSize(*oc.Cache.MaxCollectionBytes)
512 if oc.AnonymousTokens != nil {
513 if len(*oc.AnonymousTokens) > 0 {
514 cluster.Users.AnonymousUserToken = (*oc.AnonymousTokens)[0]
515 if len(*oc.AnonymousTokens) > 1 {
516 ldr.Logger.Warn("More than 1 anonymous tokens configured, using only the first and discarding the rest.")
521 cfg.Clusters[cluster.ClusterID] = *cluster
525 const defaultKeepBalanceConfigPath = "/etc/arvados/keep-balance/keep-balance.yml"
527 type oldKeepBalanceConfig struct {
528 Client *arvados.Client
530 KeepServiceTypes *[]string
531 KeepServiceList *arvados.KeepServiceList
532 RunPeriod *arvados.Duration
533 CollectionBatchSize *int
534 CollectionBuffers *int
535 RequestTimeout *arvados.Duration
536 LostBlocksFile *string
537 ManagementToken *string
540 func (ldr *Loader) loadOldKeepBalanceConfig(cfg *arvados.Config) error {
541 if ldr.KeepBalancePath == "" {
544 var oc oldKeepBalanceConfig
545 err := ldr.loadOldConfigHelper("keep-balance", ldr.KeepBalancePath, &oc)
546 if os.IsNotExist(err) && ldr.KeepBalancePath == defaultKeepBalanceConfigPath {
548 } else if err != nil {
552 cluster, err := cfg.GetCluster("")
557 loadOldClientConfig(cluster, oc.Client)
559 if oc.Listen != nil {
560 cluster.Services.Keepbalance.InternalURLs[arvados.URL{Host: *oc.Listen}] = arvados.ServiceInstance{}
562 if oc.ManagementToken != nil {
563 cluster.ManagementToken = *oc.ManagementToken
565 if oc.RunPeriod != nil {
566 cluster.Collections.BalancePeriod = *oc.RunPeriod
568 if oc.LostBlocksFile != nil {
569 cluster.Collections.BlobMissingReport = *oc.LostBlocksFile
571 if oc.CollectionBatchSize != nil {
572 cluster.Collections.BalanceCollectionBatch = *oc.CollectionBatchSize
574 if oc.CollectionBuffers != nil {
575 cluster.Collections.BalanceCollectionBuffers = *oc.CollectionBuffers
577 if oc.RequestTimeout != nil {
578 cluster.API.KeepServiceRequestTimeout = *oc.RequestTimeout
581 msg := "The %s configuration option is no longer supported. Please remove it from your configuration file. See the keep-balance upgrade notes at https://doc.arvados.org/admin/upgrading.html for more details."
583 // If the keep service type provided is "disk" silently ignore it, since
584 // this is what ends up being done anyway.
585 if oc.KeepServiceTypes != nil {
586 numTypes := len(*oc.KeepServiceTypes)
587 if numTypes != 0 && !(numTypes == 1 && (*oc.KeepServiceTypes)[0] == "disk") {
588 return fmt.Errorf(msg, "KeepServiceTypes")
592 if oc.KeepServiceList != nil {
593 return fmt.Errorf(msg, "KeepServiceList")
596 cfg.Clusters[cluster.ClusterID] = *cluster
600 func (ldr *Loader) loadOldEnvironmentVariables(cfg *arvados.Config) error {
601 if os.Getenv("ARVADOS_API_TOKEN") == "" && os.Getenv("ARVADOS_API_HOST") == "" {
604 cluster, err := cfg.GetCluster("")
608 if tok := os.Getenv("ARVADOS_API_TOKEN"); tok != "" && cluster.SystemRootToken == "" {
609 ldr.Logger.Warn("SystemRootToken missing from cluster config, falling back to ARVADOS_API_TOKEN environment variable")
610 cluster.SystemRootToken = tok
612 if apihost := os.Getenv("ARVADOS_API_HOST"); apihost != "" && cluster.Services.Controller.ExternalURL.Host == "" {
613 ldr.Logger.Warn("Services.Controller.ExternalURL missing from cluster config, falling back to ARVADOS_API_HOST(_INSECURE) environment variables")
614 u, err := url.Parse("https://" + apihost)
616 return fmt.Errorf("cannot parse ARVADOS_API_HOST: %s", err)
618 cluster.Services.Controller.ExternalURL = arvados.URL(*u)
619 if i := os.Getenv("ARVADOS_API_HOST_INSECURE"); i != "" && i != "0" {
620 cluster.TLS.Insecure = true
623 cfg.Clusters[cluster.ClusterID] = *cluster
projects / arvados.git / blob