projects / arvados.git / blobdiff
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
15572: Add notes about keep-web and compute node image configuration
[arvados.git] / doc / install / install-dispatch-cloud.html.textile.liquid
diff --git a/doc/install/install-dispatch-cloud.html.textile.liquid b/doc/install/install-dispatch-cloud.html.textile.liquid
index f6d0a6c6116c26f9cee96f76ea2309df7be35535..5709e5aaa5ad5578583ffdf9ab98c02092019d84 100644 (file)
--- a/doc/install/install-dispatch-cloud.html.textile.liquid
+++ b/doc/install/install-dispatch-cloud.html.textile.liquid
@@ -27,6 +27,12 @@ h2(#create-image). Create compute node VM image
 
 Create a VM image following the steps "to set up a compute node":crunch2-slurm/install-compute-node.html
 
+On the compute VM image, add the API server's internal IP address to @/etc/hosts@, this will ensure that it contacts the API server on the private network and not through the public interface.  For example:
+
+<pre>
+10.20.30.40     ClusterID.example.com
+</pre>
+
 h2(#update-config). Update config.yml
 
 h3. Create a private key
@@ -101,7 +107,7 @@ Add or update the following portions of your cluster configuration file, @/etc/a
 </code></pre>
 </notextile>
 
-Minimal configuration example for Amazon EC2:
+h4. Minimal configuration example for Amazon EC2
 
 <notextile>
 <pre><code>    Containers:
@@ -109,18 +115,18 @@ Minimal configuration example for Amazon EC2:
         ImageID: ami-01234567890abcdef
         Driver: ec2
         DriverParameters:
-          AccessKeyID: EALMF21BJC7MKNF9FVVR
-          SecretAccessKey: yKJAPmoCQOMtYWzEUQ1tKTyrocTcbH60CRvGP3pM
+          AccessKeyID: XXXXXXXXXXXXXXXXXXXX
+          SecretAccessKey: YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
           SecurityGroupIDs:
           - sg-0123abcd
           SubnetID: subnet-0123abcd
           Region: us-east-1
           EBSVolumeType: gp2
-          AdminUsername: debian
+          AdminUsername: arvados
 </code></pre>
 </notextile>
 
-Minimal configuration example for Azure:
+h4. Minimal configuration example for Azure
 
 <notextile>
 <pre><code>    Containers:
@@ -130,7 +136,7 @@ Minimal configuration example for Azure:
         DriverParameters:
           SubscriptionID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
           ClientID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
-          ClientSecret: 2WyXt0XFbEtutnf2hp528t6Wk9S5bOHWkRaaWwavKQo=
+          ClientSecret: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
           TenantID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
           CloudEnvironment: AzurePublicCloud
           ResourceGroup: zzzzz
@@ -144,6 +150,40 @@ Minimal configuration example for Azure:
 </code></pre>
 </notextile>
 
+Get the @SubscriptionID@ and @TenantID@:
+
+<pre>
+$ az account list
+[
+  {
+    "cloudName": "AzureCloud",
+    "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX",
+    "isDefault": true,
+    "name": "Your Subscription",
+    "state": "Enabled",
+    "tenantId": "YYYYYYYY-YYYY-YYYY-YYYYYYYY",
+    "user": {
+      "name": "you@example.com",
+      "type": "user"
+    }
+  }
+]
+</pre>
+
+You will need to create a "service principal" to use as a delegated authority for API access.
+
+<pre>
+$ az ad app create --display-name "Arvados Dispatch Cloud (ClusterID)" --homepage "https://arvados.org" --identifier-uris "https://ClusterID.example.com" --end-date 2299-12-31 --password <Your_Password>
+$ az ad sp create "<appId>"
+(appId is part of the response of the previous command)
+$ az role assignment create --assignee "<objectId>" --role Owner --scope /subscriptions/{subscriptionId}/
+(objectId is part of the response of the previous command)
+</pre>
+
+@ClientID@ is the 'appId' value.
+
+@ClientSecret@ is what was provided as <Your_Password>.
+
 h3. Test your configuration
 
 Run the @cloudtest@ tool to verify that your configuration works. This creates a new cloud VM, confirms that it boots correctly and accepts your configured SSH private key, and shuts it down.