Services:
- # In each of the service sections below, the keys under
- # InternalURLs are the endpoints where the service should be
- # listening, and reachable from other hosts in the
- # cluster. Example:
+ # Each of the service sections below specifies ListenAddress,
+ # InternalURLs, and ExternalURL.
+ #
+ # InternalURLs specify how other Arvados service processes will
+ # connect to the service. Typically these use internal hostnames
+ # and high port numbers. Example:
#
# InternalURLs:
- # "http://host1.example:12345": {}
- # "http://host2.example:12345": {}
+ # "http://host1.internal.example:12345": {}
+ # "http://host2.internal.example:12345": {}
+ #
+ # ListenAddress specifies the address and port the service
+ # process's HTTP server should listen on. Example:
+ #
+ # ListenAddress: "0.0.0.0:12345"
+ #
+ # If ListenAddress is blank, the service will try listening on
+ # the host:port part of each InternalURLs entry until one
+ # works. This approach only works if the host names resolve (via
+ # /etc/hosts, DNS, etc) to the IP addresses of the host's
+ # network interfaces.
+ #
+ # ExternalURL specifies how applications/clients will connect to
+ # the service, regardless of whether they are inside or outside
+ # the cluster. Example:
+ #
+ # ExternalURL: "https://keep.zzzzz.example.com/"
+ #
+ # To avoid routing internal traffic through external networks,
+ # use split-horizon DNS for ExternalURL host names: inside the
+ # cluster's private network "host.zzzzz.example.com" resolves to
+ # the host's private IP address, while outside the cluster
+ # "host.zzzzz.example.com" resolves to the host's public IP
+ # address (or its external gateway or load balancer).
RailsAPI:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Controller:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Websocket:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Keepbalance:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
GitHTTP:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
GitSSH:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
DispatchCloud:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
DispatchLSF:
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
+ DispatchSLURM:
+ InternalURLs: {SAMPLE: {}}
+ ExternalURL: ""
Keepproxy:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
WebDAV:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# Base URL for Workbench inline preview. If blank, use
# WebDAVDownload instead, and disable inline preview.
ExternalURL: ""
WebDAVDownload:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# Base URL for download links. If blank, serve links to WebDAV
# with disposition=attachment query param. Unlike preview links,
ExternalURL: ""
Keepstore:
+ ListenAddress: ""
InternalURLs:
SAMPLE:
# Rendezvous is normally empty/omitted. When changing the
Rendezvous: ""
ExternalURL: ""
Composer:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
WebShell:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
# ShellInABox service endpoint URL for a given VM. If empty, do not
# offer web shell logins.
# https://*.webshell.uuid_prefix.arvadosapi.com
ExternalURL: ""
Workbench1:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Workbench2:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
Health:
+ ListenAddress: ""
InternalURLs: {SAMPLE: {}}
ExternalURL: ""
# https://doc.arvados.org/admin/metadata-vocabulary.html
VocabularyPath: ""
+ # If true, a project must have a non-empty description field in
+ # order to be frozen.
+ FreezeProjectRequiresDescription: false
+
+ # Project properties that must have non-empty values in order to
+ # freeze a project. Example: "property_name": {}
+ FreezeProjectRequiresProperties:
+ SAMPLE: {}
+
+ # If true, only an admin user can un-freeze a project. If false,
+ # any user with "manage" permission can un-freeze.
+ UnfreezeProjectRequiresAdmin: false
+
Users:
# Config parameters to automatically setup new users. If enabled,
# this users will be able to self-activate. Enable this if you want
NewInactiveUserNotificationRecipients: {}
# Set AnonymousUserToken to enable anonymous user access. Populate this
- # field with a long random string. Then run "bundle exec
- # ./script/get_anonymous_user_token.rb" in the directory where your API
- # server is running to record the token in the database.
+ # field with a random string at least 50 characters long.
AnonymousUserToken: ""
# If a new user has an alternate email address (local@domain)
# go down.
MaxComputeVMs: 64
- # Preemptible instance support (e.g. AWS Spot Instances)
- # When true, child containers will get created with the preemptible
- # scheduling parameter parameter set.
- UsePreemptibleInstances: false
+ # Schedule all child containers on preemptible instances (e.g. AWS
+ # Spot Instances) even if not requested by the submitter.
+ #
+ # If false, containers are scheduled on preemptible instances
+ # only when requested by the submitter.
+ #
+ # This flag is ignored if no preemptible instance types are
+ # configured, and has no effect on top-level containers.
+ AlwaysUsePreemptibleInstances: false
+
+ # Automatically add a preemptible variant for every
+ # non-preemptible entry in InstanceTypes below. The maximum bid
+ # price for the preemptible variant will be the non-preemptible
+ # price multiplied by PreemptiblePriceFactor. If 0, preemptible
+ # variants are not added automatically.
+ #
+ # A price factor of 1.0 is a reasonable starting point.
+ PreemptiblePriceFactor: 0
# PEM encoded SSH key (RSA, DSA, or ECDSA) used by the
# cloud dispatcher for executing containers on worker VMs.
# A zero value disables this feature.
#
# In order for this feature to be activated, no volume may use
- # AccessViaHosts, and each volume must have Replication higher
- # than Collections.DefaultReplication. If these requirements are
- # not satisfied, the feature is disabled automatically
- # regardless of the value given here.
+ # AccessViaHosts, and no writable volume may have Replication
+ # lower than Collections.DefaultReplication. If these
+ # requirements are not satisfied, the feature is disabled
+ # automatically regardless of the value given here.
+ #
+ # When an HPC dispatcher is in use (see SLURM and LSF sections),
+ # this feature depends on the operator to ensure an up-to-date
+ # cluster configuration file (/etc/arvados/config.yml) is
+ # available on all compute nodes. If it is missing or not
+ # readable by the crunch-run user, the feature will be disabled
+ # automatically. To read it from a different location, add a
+ # "-config=/path/to/config.yml" argument to
+ # CrunchRunArgumentsList above.
#
- # Note that when this configuration is enabled, the entire
- # cluster configuration file, including the system root token,
- # is copied to the worker node and held in memory for the
- # duration of the container.
+ # When the cloud dispatcher is in use (see CloudVMs section) and
+ # this configuration is enabled, the entire cluster
+ # configuration file, including the system root token, is copied
+ # to the worker node and held in memory for the duration of the
+ # container.
LocalKeepBlobBuffersPerVCPU: 1
# When running a dedicated keepstore process for a container
# %C number of VCPUs
# %M memory in MB
# %T tmp in MB
+ # %G number of GPU devices (runtime_constraints.cuda.device_count)
#
# Use %% to express a literal %. The %%J in the default will be changed
# to %J, which is interpreted by bsub itself.
# from /tmp, or adjust the "-o" and "-e" arguments accordingly.
BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]", "-R", "select[mem>=%MMB]", "-R", "select[tmp>=%TMB]", "-R", "select[ncpus>=%C]"]
+ # Arguments that will be appended to the bsub command line
+ # when submitting Arvados containers as LSF jobs with
+ # runtime_constraints.cuda.device_count > 0
+ BsubCUDAArguments: ["-gpu", "num=%G"]
+
# Use sudo to switch to this user account when submitting LSF
# jobs.
#
# need to be detected and cleaned up manually.
TagKeyPrefix: Arvados
- # Cloud driver: "azure" (Microsoft Azure) or "ec2" (Amazon AWS).
+ # Cloud driver: "azure" (Microsoft Azure), "ec2" (Amazon AWS),
+ # or "loopback" (run containers on dispatch host for testing
+ # purposes).
Driver: ec2
# Cloud-specific driver parameters.
Region: ""
EBSVolumeType: gp2
AdminUsername: debian
+ # (ec2) name of the IAMInstanceProfile for instances started by
+ # the cloud dispatcher. Leave blank when not needed.
+ IAMInstanceProfile: ""
# (azure) Credentials.
SubscriptionID: ""
ShowUserAgreementInline: false
SecretKeyBase: ""
+ # Set this configuration to true to avoid providing an easy way for users
+ # to share data with unauthenticated users; this may be necessary on
+ # installations where strict data access controls are needed.
+ DisableSharingURLsUI: false
+
# Scratch directory used by the remote repository browsing
# feature. If it doesn't exist, it (and any missing parents) will be
# created using mkdir_p.