# required to test with arvados-snakeoil certs
insecure: false
+ resources:
+ virtual_machines:
+ shell:
+ name: shell.__DOMAIN__
+ backend: __SHELL_INT_IP__
+ port: 4200
+
### TOKENS
tokens:
system_root: __SYSTEM_ROOT_TOKEN__
Email: __INITIAL_USER_EMAIL__
Password: __INITIAL_USER_PASSWORD__
+ ### API
+ {%- set max_reqs = "__CONTROLLER_MAX_CONCURRENT_REQUESTS__" %}
+ {%- if max_reqs != "" and max_reqs is number %}
+ API:
+ MaxConcurrentRequests: max_reqs
+ {%- endif %}
+
### CONTAINERS
+ {%- set dispatcher_ssh_privkey = "__DISPATCHER_SSH_PRIVKEY__" %}
Containers:
MaxRetryAttempts: 10
CloudVMs:
ResourceTags:
Name: __CLUSTER__-compute-node
- BootProbeCommand: 'sudo docker ps -q'
+ BootProbeCommand: 'systemctl is-system-running'
ImageID: ami-FIXMEFIXMEFIXMEFI
Driver: ec2
DriverParameters:
Region: FIXME
- EBSVolumeType: gp2
+ EBSVolumeType: gp3
AdminUsername: FIXME
### This SG should allow SSH from the dispatcher to the compute nodes
SecurityGroupIDs: ['sg-FIXMEFIXMEFIXMEFI']
SubnetID: subnet-FIXMEFIXMEFIXMEFI
- DispatchPrivateKey: |
- -----BEGIN OPENSSH PRIVATE KEY-----
- Read https://doc.arvados.org/v2.0/install/install-dispatch-cloud.html
- for details on how to create it and where to place the key
- FIXMEFIXMEFIXMEFI
- -----END OPENSSH PRIVATE KEY-----
+ IAMInstanceProfile: __CLUSTER__-compute-node-00-iam-role
+ DispatchPrivateKey: {{ dispatcher_ssh_privkey|yaml_dquote }}
### VOLUMES
## This should usually match all your `keepstore` instances
Volumes:
# the volume name will be composed with
# <cluster>-nyw5e-<volume>
- __CLUSTER__-nyw5e-0000000000000000:
- AccessViaHosts:
- 'http://__KEEPSTORE0_INT_IP__:25107':
- ReadOnly: false
+ __CLUSTER__-nyw5e-000000000000000:
Replication: 2
Driver: S3
DriverParameters:
- Bucket: __CLUSTER__-nyw5e-0000000000000000-volume
+ Bucket: __CLUSTER__-nyw5e-000000000000000-volume
IAMRole: __CLUSTER__-keepstore-00-iam-role
Region: FIXME
- __CLUSTER__-nyw5e-0000000000000001:
- AccessViaHosts:
- 'http://__KEEPSTORE1_INT_IP__:25107':
- ReadOnly: false
- Replication: 2
- Driver: S3
- DriverParameters:
- Bucket: __CLUSTER__-nyw5e-0000000000000001-volume
- IAMRole: __CLUSTER__-keepstore-01-iam-role
- Region: FIXME
Users:
NewUsersAreActive: true
Services:
Controller:
- ExternalURL: 'https://__CLUSTER__.__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
+ ExternalURL: 'https://__DOMAIN__:__CONTROLLER_EXT_SSL_PORT__'
InternalURLs:
'http://localhost:8003': {}
DispatchCloud:
InternalURLs:
'http://__CONTROLLER_INT_IP__:9006': {}
+ Keepbalance:
+ InternalURLs:
+ 'http://__CONTROLLER_INT_IP__:9005': {}
Keepproxy:
- ExternalURL: 'https://keep.__CLUSTER__.__DOMAIN__:__KEEP_EXT_SSL_PORT__'
+ ExternalURL: 'https://keep.__DOMAIN__:__KEEP_EXT_SSL_PORT__'
InternalURLs:
'http://localhost:25107': {}
Keepstore:
InternalURLs:
'http://__KEEPSTORE0_INT_IP__:25107': {}
- 'http://__KEEPSTORE1_INT_IP__:25107': {}
RailsAPI:
InternalURLs:
'http://localhost:8004': {}
WebDAV:
- ExternalURL: 'https://*.collections.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
+ ExternalURL: 'https://*.collections.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__/'
InternalURLs:
- 'http://localhost:9002': {}
+ 'http://__KEEPWEB_INT_IP__:9002': {}
WebDAVDownload:
- ExternalURL: 'https://download.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
+ ExternalURL: 'https://download.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
WebShell:
- ExternalURL: 'https://webshell.__CLUSTER__.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
+ ExternalURL: 'https://webshell.__DOMAIN__:__KEEPWEB_EXT_SSL_PORT__'
Websocket:
- ExternalURL: 'wss://ws.__CLUSTER__.__DOMAIN__/websocket'
+ ExternalURL: 'wss://ws.__DOMAIN__/websocket'
InternalURLs:
'http://localhost:8005': {}
Workbench1:
- ExternalURL: 'https://workbench.__CLUSTER__.__DOMAIN__:__WORKBENCH1_EXT_SSL_PORT__'
+ ExternalURL: 'https://workbench.__DOMAIN__:__WORKBENCH1_EXT_SSL_PORT__'
Workbench2:
- ExternalURL: 'https://workbench2.__CLUSTER__.__DOMAIN__:__WORKBENCH2_EXT_SSL_PORT__'
+ ExternalURL: 'https://workbench2.__DOMAIN__:__WORKBENCH2_EXT_SSL_PORT__'
InstanceTypes:
t3small:
projects / arvados.git / blobdiff