X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/102df19458ef2c97d1ef4ba0e571e3204d7073e6..531fd553a1b83c546066c1d2a2619f86e17b6d20:/doc/install/install-keepproxy.html.textile.liquid

diff --git a/doc/install/install-keepproxy.html.textile.liquid b/doc/install/install-keepproxy.html.textile.liquid
index c0d18d3963..2d32a2455c 100644
--- a/doc/install/install-keepproxy.html.textile.liquid
+++ b/doc/install/install-keepproxy.html.textile.liquid
@@ -29,47 +29,47 @@ By convention, we use the following hostname for the Keepproxy server:
 <div class="offset1">
 table(table table-bordered table-condensed).
 |_. Hostname|
-|keep.@ClusterID@.your.domain|
+|@keep.ClusterID.example.com@|
 </div>
 
 This hostname should resolve from anywhere on the internet.
 
 h2(#update-config). Update config.yml
 
-Edit the cluster config at @/etc/arvados/config.yml@ and set @Services.Keepproxy.ExternalURL@ and @Services.Keepproxy.InternalURLs@.
+Edit the cluster config at @config.yml@ and set @Services.Keepproxy.ExternalURL@ and @Services.Keepproxy.InternalURLs@.
 
 <notextile>
 <pre><code>    Services:
       Keepproxy:
         ExternalURL: <span class="userinput">https://keep.ClusterID.example.com</span>
         InternalURLs:
-	  <span class="userinput">"http://keep.ClusterID.example.com:25107": {}</span>
+          <span class="userinput">"http://localhost:25107": {}</span>
 </span></code></pre>
 </notextile>
 
 h2(#update-nginx). Update Nginx configuration
 
-Put a reverse proxy with SSL support in front of Keepproxy. Keepproxy itself runs on the port 25107 (or whatever is specified in @Services.Keepproxy.InternalURL@) the reverse proxy runs on port 443 and forwards requests to Keepproxy.
+Put a reverse proxy with SSL support in front of Keepproxy. Keepproxy itself runs on the port 25107 (or whatever is specified in @Services.Keepproxy.InternalURL@) while the reverse proxy runs on port 443 and forwards requests to Keepproxy.
 
-Use a text editor to create a new file @/etc/nginx/conf.d/keepproxy.conf@ with the following configuration. Options that need attention are marked with “TODO”.
+Use a text editor to create a new file @/etc/nginx/conf.d/keepproxy.conf@ with the following configuration. Options that need attention are marked in <span class="userinput">red</span>.
 
 <notextile><pre><code>upstream keepproxy {
   server                127.0.0.1:<span class="userinput">25107</span>;
 }
 
 server {
-  listen                  <span class="userinput">[TODO your public IP address]</span>:443 ssl;
-  server_name             keep.<span class="userinput">ClusterID</span>.example.com;
+  listen                  443 ssl;
+  server_name             <span class="userinput">keep.ClusterID.example.com</span>;
 
   proxy_connect_timeout   90s;
   proxy_read_timeout      300s;
   proxy_set_header        X-Real-IP $remote_addr;
   proxy_http_version      1.1;
   proxy_request_buffering off;
+  proxy_max_temp_file_size 0;
 
-  ssl on;
-  ssl_certificate     <span class="userinput">/TODO/YOUR/PATH/TO/cert.pem</span>;
-  ssl_certificate_key <span class="userinput">/TODO/YOUR/PATH/TO/cert.key</span>;
+  ssl_certificate     <span class="userinput">/YOUR/PATH/TO/cert.pem</span>;
+  ssl_certificate_key <span class="userinput">/YOUR/PATH/TO/cert.key</span>;
 
   # Clients need to be able to upload blocks of data up to 64MiB in size.
   client_max_body_size    64m;
@@ -94,8 +94,27 @@ h2(#confirm-working). Confirm working installation
 
 Log into a host that is on a network external to your private Arvados network.  The host should be able to contact your keepproxy server (eg @keep.ClusterID.example.com@), but not your keepstore servers (eg keep[0-9].ClusterID.example.com).
 
+@ARVADOS_API_HOST@ and @ARVADOS_API_TOKEN@ must be set in the environment.
+
+@ARVADOS_API_HOST@ should be the hostname of the API server.
+
+@ARVADOS_API_TOKEN@ should be the system root token.
+
+Install the "Command line SDK":{{site.baseurl}}/sdk/cli/install.html
+
+Check that the keepproxy server is in the @keep_service@ "accessible" list:
+
+<notextile>
+<pre><code>
+$ <span class="userinput">arv keep_service accessible</span>
+[...]
+</code></pre>
+</notextile>
+
+If keepstore does not show up in the "accessible" list, and you are accessing it from within the private network, check that you have "properly configured the @geo@ block for the API server":install-api-server.html#update-nginx .
+
 Install the "Python SDK":{{site.baseurl}}/sdk/python/sdk-python.html
 
-@ARVADOS_API_HOST@ and @ARVADOS_API_TOKEN@ must be set in the environment.
+You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections.  Be sure to execute this from _outside_ the cluster's private network.
 
-You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections, for an example see "Testing keep.":install-keepstore.html#testing on the keepstore install page.
+{% include 'arv_put_example' %}