tools/salt-install/config_examples/multi_host/aws/pillars/arvados.sls

   1 # -*- coding: utf-8 -*-
   2 # vim: ft=yaml
   3 ---
   4 # Copyright (C) The Arvados Authors. All rights reserved.
   5 #
   6 # SPDX-License-Identifier: AGPL-3.0
   7
   8 # The variables commented out are the default values that the formula uses.
   9 # The uncommented values are REQUIRED values. If you don't set them, running
  10 # this formula will fail.
  11 arvados:
  12   ### GENERAL CONFIG
  13   version: '__VERSION__'
  14   ## It makes little sense to disable this flag, but you can, if you want :)
  15   # use_upstream_repo: true
  16
  17   ## Repo URL is built with grains values. If desired, it can be completely
  18   ## overwritten with the pillar parameter 'repo_url'
  19   # repo:
  20   #   humanname: Arvados Official Repository
  21
  22   release: __RELEASE__
  23
  24   ## IMPORTANT!!!!!
  25   ## api, workbench and shell require some gems, so you need to make sure ruby
  26   ## and deps are installed in order to install and compile the gems.
  27   ## We default to `false` in these two variables as it's expected you already
  28   ## manage OS packages with some other tool and you don't want us messing up
  29   ## with your setup.
  30   ruby:
  31     ## We set these to `true` here for testing purposes.
  32     ## They both default to `false`.
  33     manage_ruby: true
  34     manage_gems_deps: true
  35     # pkg: ruby
  36     # gems_deps:
  37     #     - curl
  38     #     - g++
  39     #     - gcc
  40     #     - git
  41     #     - libcurl4
  42     #     - libcurl4-gnutls-dev
  43     #     - libpq-dev
  44     #     - libxml2
  45     #     - libxml2-dev
  46     #     - make
  47     #     - python3-dev
  48     #     - ruby-dev
  49     #     - zlib1g-dev
  50
  51   # config:
  52   #   file: /etc/arvados/config.yml
  53   #   user: root
  54   ## IMPORTANT!!!!!
  55   ## If you're intalling any of the rails apps (api, workbench), the group
  56   ## should be set to that of the web server, usually `www-data`
  57   #   group: root
  58   #   mode: 640
  59   dispatcher:
  60     pkg:
  61       name: arvados-dispatch-cloud
  62     service:
  63       name: arvados-dispatch-cloud
  64
  65   ### ARVADOS CLUSTER CONFIG
  66   cluster:
  67     name: __CLUSTER__
  68     domain: __DOMAIN__
  69
  70     database:
  71       # max concurrent connections per arvados server daemon
  72       # connection_pool_max: 32
  73       name: __CLUSTER___arvados
  74       host: __DATABASE_INT_IP__
  75       password: "__DATABASE_PASSWORD__"
  76       user: __CLUSTER___arvados
  77       extra_conn_params:
  78         client_encoding: UTF8
  79       # Centos7 does not enable SSL by default, so we disable
  80       # it here just for testing of the formula purposes only.
  81       # You should not do this in production, and should
  82       # configure Postgres certificates correctly
  83       {%- if grains.os_family in ('RedHat',) %}
  84         sslmode: disable
  85       {%- endif %}
  86
  87     tls:
  88       # certificate: ''
  89       # key: ''
  90       # When using arvados-snakeoil certs set insecure: true
  91       insecure: false
  92
  93     resources:
  94       virtual_machines:
  95         shell:
  96           name: shell.__CLUSTER__.__DOMAIN__
  97           backend: __SHELL_INT_IP__
  98           port: 4200
  99
 100     ### TOKENS
 101     tokens:
 102       system_root: __SYSTEM_ROOT_TOKEN__
 103       management: __MANAGEMENT_TOKEN__
 104       anonymous_user: __ANONYMOUS_USER_TOKEN__
 105
 106     ### KEYS
 107     secrets:
 108       blob_signing_key: __BLOB_SIGNING_KEY__
 109       workbench_secret_key: __WORKBENCH_SECRET_KEY__
 110
 111     Login:
 112       Test:
 113         Enable: true
 114         Users:
 115           __INITIAL_USER__:
 116             Email: __INITIAL_USER_EMAIL__
 117             Password: __INITIAL_USER_PASSWORD__
 118
 119     ### CONTAINERS
 120     Containers:
 121       MaxRetryAttempts: 10
 122       CloudVMs:
 123         ResourceTags:
 124           Name: __CLUSTER__-compute-node
 125         BootProbeCommand: 'systemctl is-system-running'
 126         ImageID: ami-FIXMEFIXMEFIXMEFI
 127         Driver: ec2
 128         DriverParameters:
 129           Region: FIXME
 130           EBSVolumeType: gp3
 131           AdminUsername: FIXME
 132           ### This SG should allow SSH from the dispatcher to the compute nodes
 133           SecurityGroupIDs: ['sg-FIXMEFIXMEFIXMEFI']
 134           SubnetID: subnet-FIXMEFIXMEFIXMEFI
 135           IAMInstanceProfile: __CLUSTER__-keepstore-00-iam-role
 136       DispatchPrivateKey: |
 137         -----BEGIN OPENSSH PRIVATE KEY-----
 138         Read https://doc.arvados.org/install/crunch2-cloud/install-compute-node.html#sshkeypair
 139         for details on how to create this key.
 140         FIXMEFIXMEFIXMEFI
 141         -----END OPENSSH PRIVATE KEY-----
 142
 143     ### VOLUMES
 144     ## This should usually match all your `keepstore` instances
 145     Volumes:
 146       # the volume name will be composed with
 147       # <cluster>-nyw5e-<volume>
 148       __CLUSTER__-nyw5e-000000000000000:
 149         Replication: 2
 150         Driver: S3
 151         DriverParameters:
 152           UseAWSS3v2Driver: true
 153           Bucket: __CLUSTER__-nyw5e-000000000000000-volume
 154           IAMRole: __CLUSTER__-keepstore-00-iam-role
 155           Region: FIXME
 156
 157     Users:
 158       NewUsersAreActive: true
 159       AutoAdminFirstUser: true
 160       AutoSetupNewUsers: true
 161       AutoSetupNewUsersWithRepository: true
 162
 163     Services:
 164       Controller:
 165         ExternalURL: 'https://__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
 166         InternalURLs:
 167           'http://localhost:8003': {}
 168       DispatchCloud:
 169         InternalURLs:
 170           'http://__CONTROLLER_INT_IP__:9006': {}
 171       Keepbalance:
 172         InternalURLs:
 173           'http://localhost:9005': {}
 174       Keepproxy:
 175         ExternalURL: 'https://keep.__CLUSTER__.__DOMAIN__:__KEEP_EXT_SSL_PORT__'
 176         InternalURLs:
 177           'http://localhost:25107': {}
 178       Keepstore:
 179         InternalURLs:
 180           'http://__KEEPSTORE0_INT_IP__:25107': {}
 181           'http://__KEEPSTORE1_INT_IP__:25107': {}
 182       RailsAPI:
 183         InternalURLs:
 184           'http://localhost:8004': {}
 185       WebDAV:
 186         ExternalURL: 'https://*.collections.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
 187         InternalURLs:
 188           'http://localhost:9002': {}
 189       WebDAVDownload:
 190         ExternalURL: 'https://download.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
 191       WebShell:
 192         ExternalURL: 'https://webshell.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
 193       Websocket:
 194         ExternalURL: 'wss://ws.__CLUSTER__.__DOMAIN__/websocket'
 195         InternalURLs:
 196           'http://localhost:8005': {}
 197       Workbench1:
 198         ExternalURL: 'https://workbench.__CLUSTER__.__DOMAIN__:__WORKBENCH1_EXT_SSL_PORT__'
 199       Workbench2:
 200         ExternalURL: 'https://workbench2.__CLUSTER__.__DOMAIN__:__WORKBENCH2_EXT_SSL_PORT__'
 201
 202     InstanceTypes:
 203       t3small:
 204         ProviderType: t3.small
 205         VCPUs: 2
 206         RAM: 2GiB
 207         AddedScratch: 50GB
 208         Price: 0.0208
 209       c5large:
 210         ProviderType: c5.large
 211         VCPUs: 2
 212         RAM: 4GiB
 213         AddedScratch: 50GB
 214         Price: 0.085
 215       m5large:
 216         ProviderType: m5.large
 217         VCPUs: 2
 218         RAM: 8GiB
 219         AddedScratch: 50GB
 220         Price: 0.096
 221       c5xlarge:
 222         ProviderType: c5.xlarge
 223         VCPUs: 4
 224         RAM: 8GiB
 225         AddedScratch: 100GB
 226         Price: 0.17
 227       m5xlarge:
 228         ProviderType: m5.xlarge
 229         VCPUs: 4
 230         RAM: 16GiB
 231         AddedScratch: 100GB
 232         Price: 0.192
 233       m5xlarge_extradisk:
 234         ProviderType: m5.xlarge
 235         VCPUs: 4
 236         RAM: 16GiB
 237         AddedScratch: 400GB
 238         Price: 0.193
 239       c52xlarge:
 240         ProviderType: c5.2xlarge
 241         VCPUs: 8
 242         RAM: 16GiB
 243         AddedScratch: 200GB
 244         Price: 0.34
 245       m52xlarge:
 246         ProviderType: m5.2xlarge
 247         VCPUs: 8
 248         RAM: 32GiB
 249         AddedScratch: 200GB
 250         Price: 0.384
 251       c54xlarge:
 252         ProviderType: c5.4xlarge
 253         VCPUs: 16
 254         RAM: 32GiB
 255         AddedScratch: 400GB
 256         Price: 0.68
 257       m54xlarge:
 258         ProviderType: m5.4xlarge
 259         VCPUs: 16
 260         RAM: 64GiB
 261         AddedScratch: 400GB
 262         Price: 0.768