SPDX-License-Identifier: CC-BY-SA-3.0
{% endcomment %}
+{% include 'notebox_begin_warning' %}
+arvados-dispatch-cloud is only relevant for cloud installations. Skip this section if you are installing a on premise cluster that will spool jobs to Slurm.
+{% include 'notebox_end' %}
+
# "Introduction":#introduction
# "Create compute node VM image":#create-image
# "Update config.yml":#update-config
Create a VM image following the steps "to set up a compute node":crunch2-slurm/install-compute-node.html
+On the compute VM image, add the API server's internal IP address to @/etc/hosts@, this will ensure that it contacts the API server on the private network and not through the public interface. For example:
+
+<notextile><pre><code>10.20.30.40 <span class="userinput">ClusterID.example.com</span>
+</code></pre></notextile>
+
h2(#update-config). Update config.yml
h3. Create a private key
h3. Configure CloudVMs
-Add or update the following portions of your cluster configuration file, @/etc/arvados/config.yml@. Refer to "config.defaults.yml":{{site.baseurl}}/admin/config.html for information about additional configuration options.
+Add or update the following portions of your cluster configuration file, @config.yml@. Refer to "config.defaults.yml":{{site.baseurl}}/admin/config.html for information about additional configuration options.
<notextile>
<pre><code> Services:
</code></pre>
</notextile>
-Minimal configuration example for Amazon EC2:
+h4. Minimal configuration example for Amazon EC2
<notextile>
<pre><code> Containers:
ImageID: ami-01234567890abcdef
Driver: ec2
DriverParameters:
- AccessKeyID: EALMF21BJC7MKNF9FVVR
- SecretAccessKey: yKJAPmoCQOMtYWzEUQ1tKTyrocTcbH60CRvGP3pM
+ AccessKeyID: XXXXXXXXXXXXXXXXXXXX
+ SecretAccessKey: YYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYYY
SecurityGroupIDs:
- sg-0123abcd
SubnetID: subnet-0123abcd
Region: us-east-1
EBSVolumeType: gp2
- AdminUsername: debian
+ AdminUsername: arvados
</code></pre>
</notextile>
-Minimal configuration example for Azure:
+h4. Minimal configuration example for Azure
<notextile>
<pre><code> Containers:
DriverParameters:
SubscriptionID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
ClientID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
- ClientSecret: 2WyXt0XFbEtutnf2hp528t6Wk9S5bOHWkRaaWwavKQo=
+ ClientSecret: XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
TenantID: XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXXXXXX
CloudEnvironment: AzurePublicCloud
ResourceGroup: zzzzz
</code></pre>
</notextile>
+Get the @SubscriptionID@ and @TenantID@:
+
+<pre>
+$ az account list
+[
+ {
+ "cloudName": "AzureCloud",
+ "id": "XXXXXXXX-XXXX-XXXX-XXXX-XXXXXXXX",
+ "isDefault": true,
+ "name": "Your Subscription",
+ "state": "Enabled",
+ "tenantId": "YYYYYYYY-YYYY-YYYY-YYYYYYYY",
+ "user": {
+ "name": "you@example.com",
+ "type": "user"
+ }
+ }
+]
+</pre>
+
+You will need to create a "service principal" to use as a delegated authority for API access.
+
+<notextile><pre><code>$ az ad app create --display-name "Arvados Dispatch Cloud (<span class="userinput">ClusterID</span>)" --homepage "https://arvados.org" --identifier-uris "https://<span class="userinput">ClusterID.example.com</span>" --end-date 2299-12-31 --password <span class="userinput">Your_Password</span>
+$ az ad sp create "<span class="userinput">appId</span>"
+(appId is part of the response of the previous command)
+$ az role assignment create --assignee "<span class="userinput">objectId</span>" --role Owner --scope /subscriptions/{subscriptionId}/
+(objectId is part of the response of the previous command)
+</code></pre></notextile>
+
+Now update your @config.yml@ file:
+
+@ClientID@ is the 'appId' value.
+
+@ClientSecret@ is what was provided as <span class="userinput">Your_Password</span>.
+
h3. Test your configuration
Run the @cloudtest@ tool to verify that your configuration works. This creates a new cloud VM, confirms that it boots correctly and accepts your configured SSH private key, and shuts it down.
projects / arvados.git / blobdiff