X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/9d33848deed3a044f5e6d086a19215b29e3c2847..92d6698f3c2d1c8109a9cf08f25da408c3a7b442:/lib/config/config.default.yml diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml index 05bc1309cd..b3e0d0657c 100644 --- a/lib/config/config.default.yml +++ b/lib/config/config.default.yml @@ -74,12 +74,6 @@ Clusters: Keepbalance: InternalURLs: {SAMPLE: {ListenURL: ""}} ExternalURL: "" - GitHTTP: - InternalURLs: {SAMPLE: {ListenURL: ""}} - ExternalURL: "" - GitSSH: - InternalURLs: {SAMPLE: {ListenURL: ""}} - ExternalURL: "" DispatchCloud: InternalURLs: {SAMPLE: {ListenURL: ""}} ExternalURL: "" @@ -231,6 +225,10 @@ Clusters: # also effectively limited by MaxConcurrentRailsRequests (see # below) because most controller requests proxy through to the # RailsAPI service. + # + # HTTP proxies and load balancers downstream of arvados services + # should be configured to allow at least {MaxConcurrentRequest + + # MaxQueuedRequests + MaxGatewayTunnels} concurrent requests. MaxConcurrentRequests: 64 # Maximum number of concurrent requests to process concurrently @@ -250,6 +248,13 @@ Clusters: # the incoming request queue before returning 503. MaxQueueTimeForLockRequests: 2s + # Maximum number of active gateway tunnel connections. One slot + # is consumed by each "container shell" connection. If using an + # HPC dispatcher (LSF or Slurm), one slot is consumed by each + # running container. These do not count toward + # MaxConcurrentRequests. + MaxGatewayTunnels: 1000 + # Fraction of MaxConcurrentRequests that can be "log create" # messages at any given time. This is to prevent logging # updates from crowding out more important requests. @@ -329,7 +334,6 @@ Clusters: # AutoSetupUsernameBlacklist is a list of usernames to be blacklisted for auto setup. AutoSetupNewUsers: false AutoSetupNewUsersWithVmUUID: "" - AutoSetupNewUsersWithRepository: false AutoSetupUsernameBlacklist: arvados: {} git: {} @@ -354,34 +358,59 @@ Clusters: # false. ActivatedUsersAreVisibleToOthers: true - # The e-mail address of the user you would like to become marked as an admin - # user on their first login. + # If a user creates an account with this email address, they + # will be automatically set to admin. AutoAdminUserWithEmail: "" # If AutoAdminFirstUser is set to true, the first user to log in when no # other admin users exist will automatically become an admin user. AutoAdminFirstUser: false - # Email address to notify whenever a user creates a profile for the - # first time + # Recipient for notification email sent out when a user sets a + # profile on their account. UserProfileNotificationAddress: "" + + # When sending a NewUser, NewInactiveUser, or UserProfile + # notification, this is the 'From' address to use AdminNotifierEmailFrom: arvados@example.com + + # Prefix for email subjects for NewUser and NewInactiveUser emails EmailSubjectPrefix: "[ARVADOS] " + + # When sending a welcome email to the user, the 'From' address to use UserNotifierEmailFrom: arvados@example.com - UserNotifierEmailBcc: {} - NewUserNotificationRecipients: {} - NewInactiveUserNotificationRecipients: {} + + # The welcome email sent to new users will be blind copied to + # these addresses. + UserNotifierEmailBcc: + SAMPLE: {} + + # Recipients for notification email sent out when a user account + # is created and already set up to be able to log in + NewUserNotificationRecipients: + SAMPLE: {} + + # Recipients for notification email sent out when a user account + # has been created but the user cannot log in until they are + # set up by an admin. + NewInactiveUserNotificationRecipients: + SAMPLE: {} # Set AnonymousUserToken to enable anonymous user access. Populate this # field with a random string at least 50 characters long. AnonymousUserToken: "" - # If a new user has an alternate email address (local@domain) - # with the domain given here, its local part becomes the new - # user's default username. Otherwise, the user's primary email - # address is used. + # The login provider for a user may supply a primary email + # address and one or more alternate email addresses. If a new + # user has an alternate email address with the domain given + # here, use the username from the alternate email to generate + # the user's Arvados username. Otherwise, the username from + # user's primary email address is used for the Arvados username. + # Currently implemented for OpenID Connect only. PreferDomainForUsername: "" + # Ruby ERB template used for the email sent out to users when + # they have been set up. UserSetupMailText: | <% if not @user.full_name.empty? -%> <%= @user.full_name %>, @@ -721,16 +750,18 @@ Clusters: # Time to cache manifests, permission checks, and sessions. TTL: 300s - # Block cache entries. Each block consumes up to 64 MiB RAM. - MaxBlockEntries: 20 + # Maximum amount of data cached in /var/cache/arvados/keep. + # Can be given as a percentage ("10%") or a number of bytes + # ("10 GiB") + DiskCacheSize: 10% # Approximate memory limit (in bytes) for session cache. # # Note this applies to the in-memory representation of # projects and collections -- metadata, block locators, - # filenames, etc. -- excluding cached file content, which is - # limited by MaxBlockEntries. - MaxCollectionBytes: 100000000 + # filenames, etc. -- not the file data itself (see + # DiskCacheSize). + MaxCollectionBytes: 100 MB # Persistent sessions. MaxSessions: 100 @@ -763,6 +794,14 @@ Clusters: # load on the API server and you don't need it. WebDAVLogEvents: true + # Per-connection output buffer for WebDAV downloads. May improve + # throughput for large files, particularly when storage volumes + # have high latency. + # + # Size be specified as a number of bytes ("0") or with units + # ("128KiB", "1 MB"). + WebDAVOutputBuffer: 0 + Login: # One of the following mechanisms (Google, PAM, LDAP, or # LoginCluster) should be enabled; see @@ -825,7 +864,7 @@ Clusters: # OpenID claim field containing the email verification # flag. Normally "email_verified". To accept every returned # email address without checking a "verified" field at all, - # use the empty string "". + # use an empty string "". EmailVerifiedClaim: "email_verified" # OpenID claim field containing the user's preferred @@ -1012,24 +1051,6 @@ Clusters: # production use. TrustPrivateNetworks: false - Git: - # Path to git or gitolite-shell executable. Each authenticated - # request will execute this program with the single argument "http-backend" - GitCommand: /usr/bin/git - - # Path to Gitolite's home directory. If a non-empty path is given, - # the CGI environment will be set up to support the use of - # gitolite-shell as a GitCommand: for example, if GitoliteHome is - # "/gh", then the CGI environment will have GITOLITE_HTTP_HOME=/gh, - # PATH=$PATH:/gh/bin, and GL_BYPASS_ACCESS_CHECKS=1. - GitoliteHome: "" - - # Git repositories must be readable by api server, or you won't be - # able to submit crunch jobs. To pass the test suites, put a clone - # of the arvados tree in {git_repositories_dir}/arvados.git or - # {git_repositories_dir}/arvados/.git - Repositories: /var/lib/arvados/git/repositories - TLS: # Use "file:///var/lib/acme/live/example.com/cert" and # ".../privkey" to load externally managed certificates. @@ -1224,35 +1245,6 @@ Clusters: # containers (see MaxAge). SweepInterval: 12h - # These two settings control how frequently log events are flushed to the - # database. Log lines are buffered until either crunch_log_bytes_per_event - # has been reached or crunch_log_seconds_between_events has elapsed since - # the last flush. - LogBytesPerEvent: 4096 - LogSecondsBetweenEvents: 5s - - # The sample period for throttling logs. - LogThrottlePeriod: 60s - - # Maximum number of bytes that job can log over crunch_log_throttle_period - # before being silenced until the end of the period. - LogThrottleBytes: 65536 - - # Maximum number of lines that job can log over crunch_log_throttle_period - # before being silenced until the end of the period. - LogThrottleLines: 1024 - - # Maximum bytes that may be logged as legacy log events - # (records posted to the "logs" table). Starting with Arvados - # 2.7, container live logging has migrated to a new system - # (polling the container request live log endpoint) and this - # value should be 0. As of this writing, the container will - # still create a single log on the API server, noting for that - # log events are throttled. - LimitLogBytesPerJob: 0 - - LogPartialLineThrottlePeriod: 5s - # Container logs are written to Keep and saved in a # collection, which is updated periodically while the # container runs. This value sets the interval between @@ -1289,47 +1281,6 @@ Clusters: SbatchArgumentsList: [] SbatchEnvironmentVariables: SAMPLE: "" - Managed: - # Path to dns server configuration directory - # (e.g. /etc/unbound.d/conf.d). If false, do not write any config - # files or touch restart.txt (see below). - DNSServerConfDir: "" - - # Template file for the dns server host snippets. See - # unbound.template in this directory for an example. If false, do - # not write any config files. - DNSServerConfTemplate: "" - - # String to write to {dns_server_conf_dir}/restart.txt (with a - # trailing newline) after updating local data. If false, do not - # open or write the restart.txt file. - DNSServerReloadCommand: "" - - # Command to run after each DNS update. Template variables will be - # substituted; see the "unbound" example below. If false, do not run - # a command. - DNSServerUpdateCommand: "" - - ComputeNodeDomain: "" - ComputeNodeNameservers: - "192.168.1.1": {} - SAMPLE: {} - - # Hostname to assign to a compute node when it sends a "ping" and the - # hostname in its Node record is nil. - # During bootstrapping, the "ping" script is expected to notice the - # hostname given in the ping response, and update its unix hostname - # accordingly. - # If false, leave the hostname alone (this is appropriate if your compute - # nodes' hostnames are already assigned by some other mechanism). - # - # One way or another, the hostnames of your node records should agree - # with your DNS records and your /etc/slurm-llnl/slurm.conf files. - # - # Example for compute0000, compute0001, ....: - # assign_node_hostname: compute%04d - # (See http://ruby-doc.org/core-2.2.2/Kernel.html#method-i-format for more.) - AssignNodeHostname: "compute%d" LSF: # Arguments to bsub when submitting Arvados containers as LSF jobs. @@ -1341,15 +1292,23 @@ Clusters: # %M memory in MB # %T tmp in MB # %G number of GPU devices (runtime_constraints.cuda.device_count) + # %W maximum run time in minutes (see MaxRunTimeOverhead and + # MaxRunTimeDefault below) # - # Use %% to express a literal %. The %%J in the default will be changed - # to %J, which is interpreted by bsub itself. + # Use %% to express a literal %. For example, the %%J in the + # default argument list will be changed to %J, which is + # interpreted by bsub itself. # # Note that the default arguments cause LSF to write two files # in /tmp on the compute node each time an Arvados container # runs. Ensure you have something in place to delete old files # from /tmp, or adjust the "-o" and "-e" arguments accordingly. - BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]", "-R", "select[mem>=%MMB]", "-R", "select[tmp>=%TMB]", "-R", "select[ncpus>=%C]"] + # + # If ["-We", "%W"] or ["-W", "%W"] appear in this argument + # list, and MaxRunTimeDefault is not set (see below), both of + # those arguments will be dropped from the argument list when + # running a container that has no max_run_time value. + BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]", "-R", "select[mem>=%MMB]", "-R", "select[tmp>=%TMB]", "-R", "select[ncpus>=%C]", "-We", "%W"] # Arguments that will be appended to the bsub command line # when submitting Arvados containers as LSF jobs with @@ -1364,6 +1323,19 @@ Clusters: # Arvados LSF dispatcher runs ("submission host"). BsubSudoUser: "crunch" + # When passing the scheduling_constraints.max_run_time value + # to LSF via "%W", add this much time to account for + # crunch-run startup/shutdown overhead. + MaxRunTimeOverhead: 5m + + # If non-zero, MaxRunTimeDefault is used as the default value + # for max_run_time for containers that do not specify a time + # limit. MaxRunTimeOverhead will be added to this. + # + # Example: + # MaxRunTimeDefault: 2h + MaxRunTimeDefault: 0 + JobsAPI: # Enable the legacy 'jobs' API (crunch v1). This value must be a string. # @@ -1376,12 +1348,6 @@ Clusters: # 'false' -- disable the Jobs API despite presence of existing records. Enable: 'auto' - # Git repositories must be readable by api server, or you won't be - # able to submit crunch jobs. To pass the test suites, put a clone - # of the arvados tree in {git_repositories_dir}/arvados.git or - # {git_repositories_dir}/arvados/.git - GitInternalDir: /var/lib/arvados/internal.git - CloudVMs: # Enable the cloud scheduler. Enable: false @@ -1523,7 +1489,7 @@ Clusters: # container runner/supervisor. The default value is the # dispatcher program itself. # - # Use the empty string to disable this step: nothing will be + # Use an empty string to disable this step: nothing will be # copied, and cloud instances are assumed to have a suitable # version of crunch-run installed; see CrunchRunCommand above. DeployRunnerBinary: "/proc/self/exe" @@ -1787,8 +1753,18 @@ Clusters: Serialize: false Mail: - MailchimpAPIKey: "" - MailchimpListID: "" + # In order to send mail, Arvados expects a default SMTP server + # on localhost:25. It cannot require authentication on + # connections from localhost. That server should be configured + # to relay mail to a "real" SMTP server that is able to send + # email on behalf of your domain. + + # See also the "Users" configuration section for additional + # email-related options. + + # When a user has been set up (meaning they are able to log in) + # they will receive an email using the template specified + # earlier in Users.UserSetupMailText SendUserSetupNotificationEmail: true # Bug/issue report notification to and from addresses @@ -1798,6 +1774,10 @@ Clusters: # Generic issue email from EmailFrom: "arvados@example.com" + + # No longer supported, to be removed. + MailchimpAPIKey: "" + MailchimpListID: "" RemoteClusters: "*": Host: ""