X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/b5097189362f4cb1fb96d6993d570500a7e227ae..9fa635c9dc288317f19471291accecf8690f5718:/services/api/config/application.default.yml

diff --git a/services/api/config/application.default.yml b/services/api/config/application.default.yml
index 47b4bf1281..f51679135d 100644
--- a/services/api/config/application.default.yml
+++ b/services/api/config/application.default.yml
@@ -289,6 +289,11 @@ common:
   ### Crunch, DNS & compute node management
   ###
 
+  # Preemptible instance support (e.g. AWS Spot Instances)
+  # When true, child containers will get created with the preemptible
+  # scheduling parameter parameter set.
+  preemptible_instances: false
+
   # Docker image to be used when none found in runtime_constraints of a job
   default_docker_image_for_jobs: false
 
@@ -386,14 +391,23 @@ common:
   ### Federation support.
   ###
 
-  # Map known prefixes to hosts. Example:
+  # You can enable use of this cluster by users who are authenticated
+  # by a remote Arvados site. Control which remote hosts are trusted
+  # to authenticate which user IDs by configuring remote_hosts,
+  # remote_hosts_via_dns, or both. The default configuration disables
+  # remote authentication.
+
+  # Map known prefixes to hosts. For example, if user IDs beginning
+  # with "zzzzz-" should be authenticated by the Arvados server at
+  # "zzzzz.example.com", use:
+  #
   # remote_hosts:
   #   zzzzz: zzzzz.example.com
   remote_hosts: {}
 
   # Use {prefix}.arvadosapi.com for any prefix not given in
   # remote_hosts above.
-  remote_hosts_via_dns: true
+  remote_hosts_via_dns: false
 
   ###
   ### Remaining assorted configuration options.
@@ -401,9 +415,10 @@ common:
 
   arvados_theme: default
 
-  # Permit insecure (OpenSSL::SSL::VERIFY_NONE) connections to the Single Sign
-  # On (sso) server.  Should only be enabled during development when the SSO
-  # server is using a self-signed cert.
+  # Permit insecure (OpenSSL::SSL::VERIFY_NONE) connections to the
+  # Single Sign On (sso) server and remote Arvados sites.  Should only
+  # be enabled during development when the SSO server is using a
+  # self-signed cert.
   sso_insecure: false
 
   ## Set Time.zone default to the specified zone and make Active
@@ -459,6 +474,13 @@ common:
   # Server expects request header of the format "Authorization: Bearer xxx"
   ManagementToken: false
 
+  # URL of keep-web service.  Provides read/write access to collections via
+  # HTTP and WebDAV protocols.
+  #
+  # Example:
+  # keep_web_service_url: https://download.uuid_prefix.arvadosapi.com/
+  keep_web_service_url: false
+
 development:
   force_ssl: false
   cache_classes: false