-# -*- coding: utf-8 -*-
-# vim: ft=yaml
---
# Copyright (C) The Arvados Authors. All rights reserved.
#
host: __DATABASE_INT_IP__
password: "__DATABASE_PASSWORD__"
user: __CLUSTER___arvados
- extra_conn_params:
- client_encoding: UTF8
- # Centos7 does not enable SSL by default, so we disable
- # it here just for testing of the formula purposes only.
- # You should not do this in production, and should
- # configure Postgres certificates correctly
- {%- if grains.os_family in ('RedHat',) %}
- sslmode: disable
- {%- endif %}
+ encoding: en_US.utf8
+ client_encoding: UTF8
tls:
# certificate: ''
# key: ''
- # When using arvados-snakeoil certs set insecure: true
- insecure: true
+ # required to test with arvados-snakeoil certs
+ insecure: false
resources:
virtual_machines:
shell:
- name: shell
+ name: shell.__DOMAIN__
backend: __SHELL_INT_IP__
port: 4200
Email: __INITIAL_USER_EMAIL__
Password: __INITIAL_USER_PASSWORD__
+ ### API
+ {%- set max_reqs = "__CONTROLLER_MAX_CONCURRENT_REQUESTS__" %}
+ {%- if max_reqs != "" and max_reqs is number %}
+ API:
+ MaxConcurrentRequests: max_reqs
+ {%- endif %}
+
### CONTAINERS
+ {%- set dispatcher_ssh_privkey = "__DISPATCHER_SSH_PRIVKEY__" %}
Containers:
MaxRetryAttempts: 10
CloudVMs:
Driver: ec2
DriverParameters:
Region: FIXME
- EBSVolumeType: gp2
+ EBSVolumeType: gp3
AdminUsername: FIXME
### This SG should allow SSH from the dispatcher to the compute nodes
SecurityGroupIDs: ['sg-FIXMEFIXMEFIXMEFI']
SubnetID: subnet-FIXMEFIXMEFIXMEFI
- DispatchPrivateKey: |
- -----BEGIN OPENSSH PRIVATE KEY-----
- Read https://doc.arvados.org/install/crunch2-cloud/install-compute-node.html#sshkeypair
- for details on how to create this key.
- FIXMEFIXMEFIXMEFI
- -----END OPENSSH PRIVATE KEY-----
+ IAMInstanceProfile: __CLUSTER__-compute-node-00-iam-role
+ DispatchPrivateKey: {{ dispatcher_ssh_privkey|yaml_dquote }}
### VOLUMES
## This should usually match all your `keepstore` instances
Bucket: __CLUSTER__-nyw5e-000000000000000-volume
IAMRole: __CLUSTER__-keepstore-00-iam-role
Region: FIXME
- __CLUSTER__-nyw5e-0000000000000001:
- Replication: 2
- Driver: S3
- DriverParameters:
- Bucket: __CLUSTER__-nyw5e-000000000000001-volume
- IAMRole: __CLUSTER__-keepstore-01-iam-role
- Region: FIXME
Users:
NewUsersAreActive: true
Services:
Controller:
- ExternalURL: 'https://__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
+ ExternalURL: 'https://__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
InternalURLs:
'http://localhost:8003': {}
DispatchCloud:
'http://__CONTROLLER_INT_IP__:9006': {}
Keepbalance:
InternalURLs:
- 'http://localhost:9005': {}
+ 'http://__CONTROLLER_INT_IP__:9005': {}
Keepproxy:
- ExternalURL: 'https://keep.__CLUSTER__.__DOMAIN__:__KEEP_EXT_SSL_PORT__'
+ ExternalURL: 'https://keep.__DOMAIN__:__KEEP_EXT_SSL_PORT__'
InternalURLs:
'http://localhost:25107': {}
Keepstore:
InternalURLs:
'http://__KEEPSTORE0_INT_IP__:25107': {}
- 'http://__KEEPSTORE1_INT_IP__:25107': {}
RailsAPI:
InternalURLs:
'http://localhost:8004': {}
WebDAV:
- ExternalURL: 'https://*.collections.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
+ ExternalURL: 'https://*.collections.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
InternalURLs:
- 'http://localhost:9002': {}
+ 'http://__KEEPWEB_INT_IP__:9002': {}
WebDAVDownload:
- ExternalURL: 'https://download.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
+ ExternalURL: 'https://download.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
WebShell:
- ExternalURL: 'https://webshell.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
+ ExternalURL: 'https://webshell.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
Websocket:
- ExternalURL: 'wss://ws.__CLUSTER__.__DOMAIN__/websocket'
+ ExternalURL: 'wss://ws.__DOMAIN__/websocket'
InternalURLs:
'http://localhost:8005': {}
Workbench1:
- ExternalURL: 'https://workbench.__CLUSTER__.__DOMAIN__:__WORKBENCH1_EXT_SSL_PORT__'
+ ExternalURL: 'https://workbench.__DOMAIN__:__WORKBENCH1_EXT_SSL_PORT__'
Workbench2:
- ExternalURL: 'https://workbench2.__CLUSTER__.__DOMAIN__:__WORKBENCH2_EXT_SSL_PORT__'
+ ExternalURL: 'https://workbench2.__DOMAIN__:__WORKBENCH2_EXT_SSL_PORT__'
InstanceTypes:
t3small: