Services:
- # In each of the service sections below, the keys under
- # InternalURLs are the endpoints where the service should be
- # listening, and reachable from other hosts in the
- # cluster. Example:
+ # Each of the service sections below specifies ListenAddress,
+ # InternalURLs, and ExternalURL.
+ #
+ # InternalURLs specify how other Arvados service processes will
+ # connect to the service. Typically these use internal hostnames
+ # and high port numbers. Example:
#
# InternalURLs:
- # "http://host1.example:12345": {}
- # "http://host2.example:12345": {}
+ # "http://host1.internal.example:12345": {}
+ # "http://host2.internal.example:12345": {}
+ #
+ # ListenAddress specifies the address and port the service
+ # process's HTTP server should listen on. Example:
+ #
+ # ListenAddress: "0.0.0.0:12345"
+ #
+ # If ListenAddress is blank, the service will try listening on
+ # the host:port part of each InternalURLs entry until one
+ # works. This approach only works if the host names resolve (via
+ # /etc/hosts, DNS, etc) to the IP addresses of the host's
+ # network interfaces.
+ #
+ # ExternalURL specifies how applications/clients will connect to
+ # the service, regardless of whether they are inside or outside
+ # the cluster. Example:
+ #
+ # ExternalURL: "https://keep.zzzzz.example.com/"
+ #
+ # To avoid routing internal traffic through external networks,
+ # use split-horizon DNS for ExternalURL host names: inside the
+ # cluster's private network "host.zzzzz.example.com" resolves to
+ # the host's private IP address, while outside the cluster
+ # "host.zzzzz.example.com" resolves to the host's public IP
+ # address (or its external gateway or load balancer).
RailsAPI:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Controller:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Websocket:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Keepbalance:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
GitHTTP:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
GitSSH:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
DispatchCloud:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
DispatchLSF:
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
+ DispatchSLURM:
+ InternalURLs: {SAMPLE: {}}
+ ExternalURL: ""
Keepproxy:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
WebDAV:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# Base URL for Workbench inline preview. If blank, use
# WebDAVDownload instead, and disable inline preview.
ExternalURL: ""
WebDAVDownload:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# Base URL for download links. If blank, serve links to WebDAV
# with disposition=attachment query param. Unlike preview links,
ExternalURL: ""
Keepstore:
+ ListenAddress: ""
InternalURLs:
SAMPLE:
# Rendezvous is normally empty/omitted. When changing the
Rendezvous: ""
ExternalURL: ""
Composer:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
WebShell:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# ShellInABox service endpoint URL for a given VM. If empty, do not
# offer web shell logins.
# https://*.webshell.uuid_prefix.arvadosapi.com
ExternalURL: ""
Workbench1:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Workbench2:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Health:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
# https://doc.arvados.org/admin/metadata-vocabulary.html
VocabularyPath: ""
+ # If true, a project must have a non-empty description field in
+ # order to be frozen.
+ FreezeProjectRequiresDescription: false
+
+ # Project properties that must have non-empty values in order to
+ # freeze a project. Example: "property_name": {}
+ FreezeProjectRequiresProperties:
+ SAMPLE: {}
+
+ # If true, only an admin user can un-freeze a project. If false,
+ # any user with "manage" permission can un-freeze.
+ UnfreezeProjectRequiresAdmin: false
+
Users:
# Config parameters to automatically setup new users. If enabled,
# this users will be able to self-activate. Enable this if you want
# If false, containers are scheduled on preemptible instances
# only when requested by the submitter.
#
- # Note that arvados-cwl-runner does not currently offer a
- # feature to request preemptible instances, so this value
- # effectively acts as a cluster-wide decision about whether to
- # use preemptible instances.
- #
# This flag is ignored if no preemptible instance types are
# configured, and has no effect on top-level containers.
- AlwaysUsePreemptibleInstances: true
+ AlwaysUsePreemptibleInstances: false
+
+ # Automatically add a preemptible variant for every
+ # non-preemptible entry in InstanceTypes below. The maximum bid
+ # price for the preemptible variant will be the non-preemptible
+ # price multiplied by PreemptiblePriceFactor. If 0, preemptible
+ # variants are not added automatically.
+ #
+ # A price factor of 1.0 is a reasonable starting point.
+ PreemptiblePriceFactor: 0
# PEM encoded SSH key (RSA, DSA, or ECDSA) used by the
# cloud dispatcher for executing containers on worker VMs.
# A zero value disables this feature.
#
# In order for this feature to be activated, no volume may use
- # AccessViaHosts, and each volume must have Replication higher
- # than Collections.DefaultReplication. If these requirements are
- # not satisfied, the feature is disabled automatically
- # regardless of the value given here.
+ # AccessViaHosts, and no writable volume may have Replication
+ # lower than Collections.DefaultReplication. If these
+ # requirements are not satisfied, the feature is disabled
+ # automatically regardless of the value given here.
#
- # Note that when this configuration is enabled, the entire
- # cluster configuration file, including the system root token,
- # is copied to the worker node and held in memory for the
- # duration of the container.
+ # When an HPC dispatcher is in use (see SLURM and LSF sections),
+ # this feature depends on the operator to ensure an up-to-date
+ # cluster configuration file (/etc/arvados/config.yml) is
+ # available on all compute nodes. If it is missing or not
+ # readable by the crunch-run user, the feature will be disabled
+ # automatically. To read it from a different location, add a
+ # "-config=/path/to/config.yml" argument to
+ # CrunchRunArgumentsList above.
+ #
+ # When the cloud dispatcher is in use (see CloudVMs section) and
+ # this configuration is enabled, the entire cluster
+ # configuration file, including the system root token, is copied
+ # to the worker node and held in memory for the duration of the
+ # container.
LocalKeepBlobBuffersPerVCPU: 1
# When running a dedicated keepstore process for a container
# need to be detected and cleaned up manually.
TagKeyPrefix: Arvados
- # Cloud driver: "azure" (Microsoft Azure) or "ec2" (Amazon AWS).
+ # Cloud driver: "azure" (Microsoft Azure), "ec2" (Amazon AWS),
+ # or "loopback" (run containers on dispatch host for testing
+ # purposes).
Driver: ec2
# Cloud-specific driver parameters.
ShowUserAgreementInline: false
SecretKeyBase: ""
+ # Set this configuration to true to avoid providing an easy way for users
+ # to share data with unauthenticated users; this may be necessary on
+ # installations where strict data access controls are needed.
+ DisableSharingURLsUI: false
+
# Scratch directory used by the remote repository browsing
# feature. If it doesn't exist, it (and any missing parents) will be
# created using mkdir_p.
projects / arvados.git / blobdiff