3 navsection: installguide
4 title: Planning and prerequisites
7 Copyright (C) The Arvados Authors. All rights reserved.
9 SPDX-License-Identifier: CC-BY-SA-3.0
12 Before attempting installation, you should begin by reviewing supported platforms, choosing backends for identity, storage, and scheduling, and decide how you will distribute Arvados services onto machines. You should also choose an Arvados Cluster ID, choose your hostnames, and aquire TLS certificates. It may be helpful to make notes as you go along using one of these worksheets: "New cluster checklist for AWS":new_cluster_checklist_AWS.xlsx - "New cluster checklist for Azure":new_cluster_checklist_Azure.xlsx - "New cluster checklist for on premises Slurm":new_cluster_checklist_slurm.xlsx
14 The installation guide describes how to set up a basic standalone Arvados instance. Additional configuration for features including "federation,":{{site.baseurl}}/admin/federation.html "collection versioning,":{{site.baseurl}}/admin/collection-versioning.html "managed properties,":{{site.baseurl}}/admin/collection-managed-properties.html and "storage classes":{{site.baseurl}}/admin/collection-managed-properties.html are described in the "Admin guide.":{{site.baseurl}}/admin
16 The Arvados storage subsystem is called "keep". The compute subsystem is called "crunch".
18 # "Supported GNU/Linux distributions":#supportedlinux
19 # "Choosing which components to install":#components
20 # "Identity provider":#identity
21 # "Storage backend (Keep)":#storage
22 # "Container compute scheduler (Crunch)":#scheduler
23 # "Hardware or virtual machines":#machines
24 # "Arvados Cluster ID":#clusterid
25 # "DNS and TLS":#dnstls
27 h2(#supportedlinux). Supported GNU/Linux distributions
29 table(table table-bordered table-condensed).
30 |_. Distribution|_. State|_. Last supported version|
31 |CentOS 7|Supported|Latest|
32 |Debian 10 ("buster")|Supported|Latest|
33 |Ubuntu 20.04 ("focal")|Supported|Latest|
34 |Ubuntu 18.04 ("bionic")|Supported|Latest|
35 |Ubuntu 16.04 ("xenial")|EOL|2.1.2|
36 |Debian 9 ("stretch")|EOL|2.1.2|
37 |Debian 8 ("jessie")|EOL|1.4.3|
38 |Ubuntu 14.04 ("trusty")|EOL|1.4.3|
39 |Ubuntu 12.04 ("precise")|EOL|8ed7b6dd5d4df93a3f37096afe6d6f81c2a7ef6e (2017-05-03)|
40 |Debian 7 ("wheezy")|EOL|997479d1408139e96ecdb42a60b4f727f814f6c9 (2016-12-28)|
41 |CentOS 6 |EOL|997479d1408139e96ecdb42a60b4f727f814f6c9 (2016-12-28)|
43 Arvados packages are published for current Debian releases (until the EOL date), current Ubuntu LTS releases (until the end of standard support), and the latest version of CentOS.
45 h2(#components). Choosing which components to install
47 Arvados consists of many components, some of which may be omitted (at the cost of reduced functionality.) It may also be helpful to review the "Arvados Architecture":{{site.baseurl}}/architecture to understand how these components interact.
49 table(table table-bordered table-condensed).
51 |"PostgreSQL database":install-postgresql.html |Stores data for the API server.|Required.|
52 |"API server":install-api-server.html |Core Arvados logic for managing users, groups, collections, containers, and enforcing permissions.|Required.|
53 |\3=. *Keep (storage)*|
54 |"Keepstore":install-keepstore.html |Stores content-addressed blocks in a variety of backends (local filesystem, cloud object storage).|Required.|
55 |"Keepproxy":install-keepproxy.html |Gateway service to access keep servers from external networks.|Required to be able to use arv-put, arv-get, or arv-mount outside the private Arvados network.|
56 |"Keep-web":install-keep-web.html |Gateway service providing read/write HTTP and WebDAV support on top of Keep.|Required to access files from Workbench.|
57 |"Keep-balance":install-keep-balance.html |Storage cluster maintenance daemon responsible for moving blocks to their optimal server location, adjusting block replication levels, and trashing unreferenced blocks.|Required to free deleted data from underlying storage, and to ensure proper replication and block distribution (including support for storage classes).|
58 |\3=. *User interface*|
59 |"Workbench":install-workbench-app.html, "Workbench2":install-workbench2-app.html |Primary graphical user interface for working with file collections and running containers.|Optional. Depends on API server, keep-web, websockets server.|
60 |"Workflow Composer":install-composer.html |Graphical user interface for editing Common Workflow Language workflows.|Optional. Depends on git server (arv-git-httpd).|
61 |\3=. *Additional services*|
62 |"Websockets server":install-ws.html |Event distribution server.|Required to view streaming container logs in Workbench.|
63 |"Shell server":install-shell-server.html |Synchronize (create/delete/configure) Unix shell accounts with Arvados users.|Optional.|
64 |"Git server":install-arv-git-httpd.html |Arvados-hosted git repositories, with Arvados-token based authentication.|Optional, but required by Workflow Composer.|
65 |\3=. *Crunch (running containers)*|
66 |"arvados-dispatch-cloud":crunch2-cloud/install-dispatch-cloud.html |Allocate and free cloud VM instances on demand based on workload.|Optional, not needed for a static Slurm cluster such as on-premises HPC.|
67 |"crunch-dispatch-slurm":crunch2-slurm/install-dispatch.html |Run analysis workflows using Docker containers distributed across a Slurm cluster.|Optional, not needed for a Cloud installation, or if you wish to use Arvados for data management only.|
69 h2(#identity). Identity provider
71 Choose which backend you will use to authenticate users.
73 * Google login to authenticate users with a Google account.
74 * OpenID Connect (OIDC) if you have Single-Sign-On (SSO) service that supports the OpenID Connect standard.
75 * LDAP login to authenticate users by username/password using the LDAP protocol, supported by many services such as OpenLDAP and Active Directory.
76 * PAM login to authenticate users by username/password according to the PAM configuration on the controller node.
78 h2(#postgresql). PostgreSQL
80 Arvados works well with a standalone PostgreSQL installation. When deploying on AWS, Aurora RDS also works but Aurora Serverless is not recommended.
82 h2(#storage). Storage backend
84 Choose which backend you will use for storing and retrieving content-addressed Keep blocks.
86 * File systems storage, such as ext4 or xfs, or network file systems such as GPFS or Lustre
87 * Amazon S3, or other object storage that supports the S3 API including Google Cloud Storage and Ceph.
90 You should also determine the desired replication factor for your data. A replication factor of 1 means only a single copy of a given data block is kept. With a conventional file system backend and a replication factor of 1, a hard drive failure is likely to lose data. For this reason the default replication factor is 2 (two copies are kept).
92 A backend may have its own replication factor (such as durability guarantees of cloud buckets) and Arvados will take this into account when writing a new data block.
94 h2(#scheduler). Container compute scheduler
96 Choose which backend you will use to schedule computation.
98 * On AWS EC2 and Azure, you probably want to use @arvados-dispatch-cloud@ to manage the full lifecycle of cloud compute nodes: starting up nodes sized to the container request, executing containers on those nodes, and shutting nodes down when no longer needed.
99 * For on-premise HPC clusters using "slurm":https://slurm.schedmd.com/ use @crunch-dispatch-slurm@ to execute containers with slurm job submissions.
100 * For single node demos, use @crunch-dispatch-local@ to execute containers directly.
102 h2(#machines). Hardware (or virtual machines)
104 Choose how to allocate Arvados services to machines. We recommend that each machine start with a clean installation of a supported GNU/Linux distribution.
106 For a production installation, this is a reasonable starting point:
108 <div class="offset1">
109 table(table table-bordered table-condensed).
110 |_. Function|_. Number of nodes|_. Recommended specs|
111 |PostgreSQL database, Arvados API server, Arvados controller, Git, Websockets, Container dispatcher|1|16+ GiB RAM, 4+ cores, fast disk for database|
112 |Workbench, Keepproxy, Keep-web, Keep-balance|1|8 GiB RAM, 2+ cores|
113 |Keepstore servers ^1^|2+|4 GiB RAM|
114 |Compute worker nodes ^1^|0+ |Depends on workload; scaled dynamically in the cloud|
115 |User shell nodes ^2^|0+|Depends on workload|
118 ^1^ Should be scaled up as needed
119 ^2^ Refers to shell nodes managed by Arvados, that provide ssh access for users to interact with Arvados at the command line. Optional.
121 {% include 'notebox_begin' %}
122 For a small demo installation, it is possible to run all the Arvados services on a single node. Special considerations for single-node installs will be noted in boxes like this.
123 {% include 'notebox_end' %}
125 h2(#clusterid). Arvados Cluster ID
127 Each Arvados installation is identified by a cluster identifier, which is a unique 5-character lowercase alphanumeric string. There are 36 5 = 60466176 possible cluster identifiers.
129 * For automated test purposes, use “z****”
130 * For experimental/local-only/private clusters that won’t ever be visible on the public Internet, use “x****”
131 * For long-lived clusters, we recommend reserving a cluster id. Contact "info@curii.com":mailto:info@curii.com for more information.
133 Here is one way to make a random 5-character string:
136 <pre><code>~$ <span class="userinput">tr -dc 0-9a-z </dev/urandom | head -c5; echo</span>
140 You may also use a different method to pick the cluster identifier. The cluster identifier will be part of the hostname of the services in your Arvados cluster. The rest of this documentation will refer to it as your @ClusterID@. Whenever @ClusterID@ appears in a configuration example, replace it with your five-character cluster identifier.
142 h2(#dnstls). DNS entries and TLS certificates
144 The following services are normally public-facing and require DNS entries and corresponding TLS certificates. Get certificates from your preferred TLS certificate provider. We recommend using "Let's Encrypt":https://letsencrypt.org/. You can run several services on same node, but each distinct hostname requires its own TLS certificate.
146 This guide uses the following hostname conventions. A later part of this guide will describe how to set up Nginx virtual hosts.
148 <div class="offset1">
149 table(table table-bordered table-condensed).
150 |_. Function|_. Hostname|
151 |Arvados API|@ClusterID.example.com@|
152 |Arvados Git server|git.@ClusterID.example.com@|
153 |Arvados Websockets endpoint|ws.@ClusterID.example.com@|
154 |Arvados Workbench|workbench.@ClusterID.example.com@|
155 |Arvados Workbench 2|workbench2.@ClusterID.example.com@|
156 |Arvados Keepproxy server|keep.@ClusterID.example.com@|
157 |Arvados Keep-web server|download.@ClusterID.example.com@
159 *.collections.@ClusterID.example.com@ or
160 *<notextile>--</notextile>collections.@ClusterID.example.com@ or
161 collections.@ClusterID.example.com@ (see the "keep-web install docs":install-keep-web.html)|
164 {% include 'notebox_begin' %}
165 It is also possible to create your own certificate authority, issue server certificates, and install a custom root certificate in the browser. This is out of scope for this guide.
166 {% include 'notebox_end' %}
projects / arvados.git / blob