X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/8f01e971dd6868ed734736dba75c4e5dad5910a5..ea6f25f0dde5c750eacea29662c19149c7800134:/lib/config/generated_config.go

diff --git a/lib/config/generated_config.go b/lib/config/generated_config.go
index 79c3847173..42707396dd 100644
--- a/lib/config/generated_config.go
+++ b/lib/config/generated_config.go
@@ -190,12 +190,21 @@ Clusters:
       MaxItemsPerResponse: 1000
 
       # Maximum number of concurrent requests to accept in a single
-      # service process, or 0 for no limit. Currently supported only
-      # by keepstore.
+      # service process, or 0 for no limit.
       MaxConcurrentRequests: 0
 
-      # Maximum number of 64MiB memory buffers per keepstore server
-      # process, or 0 for no limit.
+      # Maximum number of 64MiB memory buffers per Keepstore server process, or
+      # 0 for no limit. When this limit is reached, up to
+      # (MaxConcurrentRequests - MaxKeepBlobBuffers) HTTP requests requiring
+      # buffers (like GET and PUT) will wait for buffer space to be released.
+      # Any HTTP requests beyond MaxConcurrentRequests will receive an
+      # immediate 503 response.
+      #
+      # MaxKeepBlobBuffers should be set such that (MaxKeepBlobBuffers * 64MiB
+      # * 1.1) fits comfortably in memory. On a host dedicated to running
+      # Keepstore, divide total memory by 88MiB to suggest a suitable value.
+      # For example, if grep MemTotal /proc/meminfo reports MemTotal: 7125440
+      # kB, compute 7125440 / (88 * 1024)=79 and configure MaxBuffers: 79
       MaxKeepBlobBuffers: 128
 
       # API methods to disable. Disabled methods are not listed in the
@@ -461,13 +470,13 @@ Clusters:
       # If non-empty, allow project and collection names to contain
       # the "/" character (slash/stroke/solidus), and replace "/" with
       # the given string in the filesystem hierarchy presented by
-      # WebDAV. Possible values include "%2f" and "{slash}". Names
-      # that contain the substitution string itself may result in
-      # confusing behavior.
+      # WebDAV. Example values are "%2f" and "{slash}". Names that
+      # contain the substitution string itself may result in confusing
+      # behavior, so a value like "_" is not recommended.
       #
-      # If the default empty value is used, names containing "/"
-      # cannot be used when creating or renaming a collection or
-      # project.
+      # If the default empty value is used, the server will reject
+      # requests to create or rename a collection when the new name
+      # contains "/".
       #
       # If the value "/" is used, project and collection names
       # containing "/" will be allowed, but they will not be
@@ -547,6 +556,29 @@ Clusters:
       # work. If false, only the primary email address will be used.
       GoogleAlternateEmailAddresses: true
 
+      # (Experimental) Use PAM to authenticate logins, using the
+      # specified PAM service name.
+      #
+      # Cannot be used in combination with OAuth2 (ProviderAppID) or
+      # Google (GoogleClientID). Cannot be used on a cluster acting as
+      # a LoginCluster.
+      PAM: false
+      PAMService: arvados
+
+      # Domain name (e.g., "example.com") to use to construct the
+      # user's email address if PAM authentication returns a username
+      # with no "@". If empty, use the PAM username as the user's
+      # email address, whether or not it contains "@".
+      #
+      # Note that the email address is used as the primary key for
+      # user records when logging in. Therefore, if you change
+      # PAMDefaultEmailDomain after the initial installation, you
+      # should also update existing user records to reflect the new
+      # domain. Otherwise, next time those users log in, they will be
+      # given new accounts instead of accessing their existing
+      # accounts.
+      PAMDefaultEmailDomain: ""
+
       # The cluster ID to delegate the user database.  When set,
       # logins on this cluster will be redirected to the login cluster
       # (login cluster must appear in RemoteClusters with Proxy: true)
@@ -629,7 +661,7 @@ Clusters:
       # (experimental) cloud dispatcher for executing containers on
       # worker VMs. Begins with "-----BEGIN RSA PRIVATE KEY-----\n"
       # and ends with "\n-----END RSA PRIVATE KEY-----\n".
-      DispatchPrivateKey: none
+      DispatchPrivateKey: ""
 
       # Maximum time to wait for workers to come up before abandoning
       # stale locks from a previous dispatch process.
@@ -661,7 +693,7 @@ Clusters:
         # has been reached or crunch_log_seconds_between_events has elapsed since
         # the last flush.
         LogBytesPerEvent: 4096
-        LogSecondsBetweenEvents: 1
+        LogSecondsBetweenEvents: 5s
 
         # The sample period for throttling logs.
         LogThrottlePeriod: 60s
@@ -1159,6 +1191,8 @@ Clusters:
         identification, and does not retrieve any other personal
         information.</i>
 
+      # Workbench screen displayed to inactive users.  This is HTML
+      # text that will be incorporated directly onto the page.
       InactivePageHTML: |
         <img src="/arvados-logo-big.png" style="width: 20%; float: right; padding: 1em;" />
         <h3>Hi! You're logged in, but...</h3>
@@ -1166,10 +1200,43 @@ Clusters:
         <p>An administrator must activate your account before you can get
         any further.</p>
 
+      # Connecting to Arvados shell VMs tends to be site-specific.
+      # Put any special instructions here. This is HTML text that will
+      # be incorporated directly onto the Workbench page.
+      SSHHelpPageHTML: |
+        <a href="https://doc.arvados.org/user/getting_started/ssh-access-unix.html">Accessing an Arvados VM with SSH</a> (generic instructions).
+        Site configurations vary.  Contact your local cluster administrator if you have difficulty accessing an Arvados shell node.
+
+      # Sample text if you are using a "switchyard" ssh proxy.
+      # Replace "zzzzz" with your Cluster ID.
+      #SSHHelpPageHTML: |
+      # <p>Add a section like this to your SSH configuration file ( <i>~/.ssh/config</i>):</p>
+      # <pre>Host *.zzzzz
+      #  TCPKeepAlive yes
+      #  ServerAliveInterval 60
+      #  ProxyCommand ssh -p2222 turnout@switchyard.zzzzz.arvadosapi.com -x -a $SSH_PROXY_FLAGS %h
+      # </pre>
+
+      # If you are using a switchyard ssh proxy, shell node hostnames
+      # may require a special hostname suffix.  In the sample ssh
+      # configuration above, this would be ".zzzzz"
+      # This is added to the hostname in the "command line" column
+      # the Workbench "shell VMs" page.
+      #
+      # If your shell nodes are directly accessible by users without a
+      # proxy and have fully qualified host names, you should leave
+      # this blank.
+      SSHHelpHostSuffix: ""
+
     # Bypass new (Arvados 1.5) API implementations, and hand off
     # requests directly to Rails instead. This can provide a temporary
     # workaround for clients that are incompatible with the new API
     # implementation. Note that it also disables some new federation
     # features and will be removed in a future release.
     ForceLegacyAPI14: false
+
+# (Experimental) Restart services automatically when config file
+# changes are detected. Only supported by ` + "`" + `arvados-server boot` + "`" + ` in
+# dev/test mode.
+AutoReloadConfig: false
 `)