SPDX-License-Identifier: CC-BY-SA-3.0
{% endcomment %}
+{% include 'notebox_begin_warning' %}
+arvados-dispatch-cloud is only relevant for cloud installations. Skip this section if you are installing a on premise cluster that will spool jobs to Slurm.
+{% include 'notebox_end' %}
+
# "Introduction":#introduction
# "Create compute node VM image":#create-image
# "Update config.yml":#update-config
The cloud dispatch service can run on any node that can connect to the Arvados API service, the cloud provider's API, and the SSH service on cloud VMs. It is not resource-intensive, so you can run it on the API server node.
-*Only one dispatch process should be running at a time.* If you are migrating a system that currently runs @crunch-dispatch-slurm@, it is safest to remove the @crunch-dispatch-slurm@ service entirely before installing @arvados-dispatch-cloud@.
-
-<notextile>
-<pre><code>~$ <span class="userinput">sudo systemctl --now disable crunch-dispatch-slurm</span>
-~$ <span class="userinput">sudo apt-get remove crunch-dispatch-slurm</span>
-</code></pre>
-</notextile>
-
h2(#create-image). Create compute node VM image
Create a VM image following the steps "to set up a compute node":crunch2-slurm/install-compute-node.html
+On the compute VM image, add the API server's internal IP address to @/etc/hosts@, this will ensure that it contacts the API server on the private network and not through the public interface. For example:
+
+<notextile><pre><code>10.20.30.40 <span class="userinput">ClusterID.example.com</span>
+</code></pre></notextile>
+
h2(#update-config). Update config.yml
h3. Create a private key
h3. Configure CloudVMs
-Add or update the following portions of your cluster configuration file, @/etc/arvados/config.yml@. Refer to "config.defaults.yml":{{site.baseurl}}/admin/config.html for information about additional configuration options.
+Add or update the following portions of your cluster configuration file, @config.yml@. Refer to "config.defaults.yml":{{site.baseurl}}/admin/config.html for information about additional configuration options.
<notextile>
<pre><code> Services:
</code></pre>
</notextile>
-Minimal configuration example for Amazon EC2:
+h4. Minimal configuration example for Amazon EC2
<notextile>
<pre><code> Containers:
ImageID: ami-01234567890abcdef
Driver: ec2
DriverParameters:
- AccessKeyID: EALMF21BJC7MKNF9FVVR
- SecretAccessKey: yKJAPmoCQOMtYWzEUQ1tKTyrocTcbH60CRvGP3pM
+ AccessKeyID: XXXXXXXXXXXXXXXXXXXX
+ SecretAccessKey: YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
SecurityGroupIDs:
- sg-0123abcd
SubnetID: subnet-0123abcd
Region: us-east-1
EBSVolumeType: gp2
- AdminUsername: debian
+ AdminUsername: arvados
</code></pre>
</notextile>
-Minimal configuration example for Azure:
+h4. Minimal configuration example for Azure
<notextile>
<pre><code> Containers:
DriverParameters:
SubscriptionID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
ClientID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
- ClientSecret: 2WyXt0XFbEtutnf2hp528t6Wk9S5bOHWkRaaWwavKQo=
+ ClientSecret: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
TenantID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
CloudEnvironment: AzurePublicCloud
ResourceGroup: zzzzz
</code></pre>
</notextile>
+Get the @SubscriptionID@ and @TenantID@:
+
+<pre>
+$ az account list
+[
+ {
+ "cloudName": "AzureCloud",
+ "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX",
+ "isDefault": true,
+ "name": "Your Subscription",
+ "state": "Enabled",
+ "tenantId": "YYYYYYYY-YYYY-YYYY-YYYYYYYY",
+ "user": {
+ "name": "you@example.com",
+ "type": "user"
+ }
+ }
+]
+</pre>
+
+You will need to create a "service principal" to use as a delegated authority for API access.
+
+<notextile><pre><code>$ az ad app create --display-name "Arvados Dispatch Cloud (<span class="userinput">ClusterID</span>)" --homepage "https://arvados.org" --identifier-uris "https://<span class="userinput">ClusterID.example.com</span>" --end-date 2299-12-31 --password <span class="userinput">Your_Password</span>
+$ az ad sp create "<span class="userinput">appId</span>"
+(appId is part of the response of the previous command)
+$ az role assignment create --assignee "<span class="userinput">objectId</span>" --role Owner --scope /subscriptions/{subscriptionId}/
+(objectId is part of the response of the previous command)
+</code></pre></notextile>
+
+Now update your @config.yml@ file:
+
+@ClientID@ is the 'appId' value.
+
+@ClientSecret@ is what was provided as <span class="userinput">Your_Password</span>.
+
h3. Test your configuration
Run the @cloudtest@ tool to verify that your configuration works. This creates a new cloud VM, confirms that it boots correctly and accepts your configured SSH private key, and shuts it down.
},
"runtime_constraints": {
"vcpus": 1,
- "ram": 8388608
+ "ram": 1048576
}
}'</span>
</code></pre>
projects / arvados.git / blobdiff