X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/f2788dd5fc3ef725969d6c0fcc4ddee3754829fc..f84e4b2ab7cd923aff2f99c04cb1313b36866393:/lib/config/config.default.yml diff --git a/lib/config/config.default.yml b/lib/config/config.default.yml index 97ded6bf68..a9bbf4eee9 100644 --- a/lib/config/config.default.yml +++ b/lib/config/config.default.yml @@ -55,6 +55,9 @@ Clusters: DispatchLSF: InternalURLs: {SAMPLE: {}} ExternalURL: "" + DispatchSLURM: + InternalURLs: {SAMPLE: {}} + ExternalURL: "" Keepproxy: InternalURLs: {SAMPLE: {}} ExternalURL: "" @@ -234,6 +237,25 @@ Clusters: # Timeout on requests to internal Keep services. KeepServiceRequestTimeout: 15s + # Vocabulary file path, local to the node running the controller. + # This JSON file should contain the description of what's allowed + # as object's metadata. Its format is described at: + # https://doc.arvados.org/admin/metadata-vocabulary.html + VocabularyPath: "" + + # If true, a project must have a non-empty description field in + # order to be frozen. + FreezeProjectRequiresDescription: false + + # Project properties that must have non-empty values in order to + # freeze a project. Example: "property_name": {} + FreezeProjectRequiresProperties: + SAMPLE: {} + + # If true, only an admin user can un-freeze a project. If false, + # any user with "manage" permission can un-freeze. + UnfreezeProjectRequiresAdmin: false + Users: # Config parameters to automatically setup new users. If enabled, # this users will be able to self-activate. Enable this if you want @@ -259,6 +281,16 @@ Clusters: # user agreements. Should only be enabled for development. NewUsersAreActive: false + # Newly activated users (whether set up by an admin or via + # AutoSetupNewUsers) immediately become visible to other active + # users. + # + # On a multi-tenant cluster, where the intent is for users to be + # invisible to one another unless they have been added to the + # same group(s) via Workbench admin interface, change this to + # false. + ActivatedUsersAreVisibleToOthers: true + # The e-mail address of the user you would like to become marked as an admin # user on their first login. AutoAdminUserWithEmail: "" @@ -278,9 +310,7 @@ Clusters: NewInactiveUserNotificationRecipients: {} # Set AnonymousUserToken to enable anonymous user access. Populate this - # field with a long random string. Then run "bundle exec - # ./script/get_anonymous_user_token.rb" in the directory where your API - # server is running to record the token in the database. + # field with a random string at least 50 characters long. AnonymousUserToken: "" # If a new user has an alternate email address (local@domain) @@ -303,6 +333,14 @@ Clusters: Thanks, Your Arvados administrator. + # If RoleGroupsVisibleToAll is true, all role groups are visible + # to all active users. + # + # If false, users must be granted permission to role groups in + # order to see them. This is more appropriate for a multi-tenant + # cluster. + RoleGroupsVisibleToAll: true + AuditLogs: # Time to keep audit logs, in seconds. (An audit log is a row added # to the "logs" table in the PostgreSQL database each time an @@ -481,12 +519,12 @@ Clusters: # is older than the amount of seconds defined on PreserveVersionIfIdle, # a snapshot of the collection's previous state is created and linked to # the current collection. - CollectionVersioning: false + CollectionVersioning: true # 0s = auto-create a new version on every update. # -1s = never auto-create new versions. # > 0s = auto-create a new version when older than the specified number of seconds. - PreserveVersionIfIdle: -1s + PreserveVersionIfIdle: 10s # If non-empty, allow project and collection names to contain # the "/" character (slash/stroke/solidus), and replace "/" with @@ -875,10 +913,24 @@ Clusters: # go down. MaxComputeVMs: 64 - # Preemptible instance support (e.g. AWS Spot Instances) - # When true, child containers will get created with the preemptible - # scheduling parameter parameter set. - UsePreemptibleInstances: false + # Schedule all child containers on preemptible instances (e.g. AWS + # Spot Instances) even if not requested by the submitter. + # + # If false, containers are scheduled on preemptible instances + # only when requested by the submitter. + # + # This flag is ignored if no preemptible instance types are + # configured, and has no effect on top-level containers. + AlwaysUsePreemptibleInstances: false + + # Automatically add a preemptible variant for every + # non-preemptible entry in InstanceTypes below. The maximum bid + # price for the preemptible variant will be the non-preemptible + # price multiplied by PreemptiblePriceFactor. If 0, preemptible + # variants are not added automatically. + # + # A price factor of 1.0 is a reasonable starting point. + PreemptiblePriceFactor: 0 # PEM encoded SSH key (RSA, DSA, or ECDSA) used by the # cloud dispatcher for executing containers on worker VMs. @@ -921,15 +973,25 @@ Clusters: # A zero value disables this feature. # # In order for this feature to be activated, no volume may use - # AccessViaHosts, and each volume must have Replication higher - # than Collections.DefaultReplication. If these requirements are - # not satisfied, the feature is disabled automatically - # regardless of the value given here. + # AccessViaHosts, and no writable volume may have Replication + # lower than Collections.DefaultReplication. If these + # requirements are not satisfied, the feature is disabled + # automatically regardless of the value given here. + # + # When an HPC dispatcher is in use (see SLURM and LSF sections), + # this feature depends on the operator to ensure an up-to-date + # cluster configuration file (/etc/arvados/config.yml) is + # available on all compute nodes. If it is missing or not + # readable by the crunch-run user, the feature will be disabled + # automatically. To read it from a different location, add a + # "-config=/path/to/config.yml" argument to + # CrunchRunArgumentsList above. # - # Note that when this configuration is enabled, the entire - # cluster configuration file, including the system root token, - # is copied to the worker node and held in memory for the - # duration of the container. + # When the cloud dispatcher is in use (see CloudVMs section) and + # this configuration is enabled, the entire cluster + # configuration file, including the system root token, is copied + # to the worker node and held in memory for the duration of the + # container. LocalKeepBlobBuffersPerVCPU: 1 # When running a dedicated keepstore process for a container @@ -1065,6 +1127,7 @@ Clusters: # %C number of VCPUs # %M memory in MB # %T tmp in MB + # %G number of GPU devices (runtime_constraints.cuda.device_count) # # Use %% to express a literal %. The %%J in the default will be changed # to %J, which is interpreted by bsub itself. @@ -1073,7 +1136,12 @@ Clusters: # in /tmp on the compute node each time an Arvados container # runs. Ensure you have something in place to delete old files # from /tmp, or adjust the "-o" and "-e" arguments accordingly. - BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]"] + BsubArgumentsList: ["-o", "/tmp/crunch-run.%%J.out", "-e", "/tmp/crunch-run.%%J.err", "-J", "%U", "-n", "%C", "-D", "%MMB", "-R", "rusage[mem=%MMB:tmp=%TMB] span[hosts=1]", "-R", "select[mem>=%MMB]", "-R", "select[tmp>=%TMB]", "-R", "select[ncpus>=%C]"] + + # Arguments that will be appended to the bsub command line + # when submitting Arvados containers as LSF jobs with + # runtime_constraints.cuda.device_count > 0 + BsubCUDAArguments: ["-gpu", "num=%G"] # Use sudo to switch to this user account when submitting LSF # jobs. @@ -1214,7 +1282,9 @@ Clusters: # need to be detected and cleaned up manually. TagKeyPrefix: Arvados - # Cloud driver: "azure" (Microsoft Azure) or "ec2" (Amazon AWS). + # Cloud driver: "azure" (Microsoft Azure), "ec2" (Amazon AWS), + # or "loopback" (run containers on dispatch host for testing + # purposes). Driver: ec2 # Cloud-specific driver parameters. @@ -1231,6 +1301,9 @@ Clusters: Region: "" EBSVolumeType: gp2 AdminUsername: debian + # (ec2) name of the IAMInstanceProfile for instances started by + # the cloud dispatcher. Leave blank when not needed. + IAMInstanceProfile: "" # (azure) Credentials. SubscriptionID: "" @@ -1287,6 +1360,11 @@ Clusters: AddedScratch: 0 Price: 0.1 Preemptible: false + # Include this section if the node type includes GPU (CUDA) support + CUDA: + DriverVersion: "11.0" + HardwareCapability: "9.0" + DeviceCount: 1 StorageClasses: @@ -1346,7 +1424,7 @@ Clusters: AccessKeyID: aaaaa SecretAccessKey: aaaaa Endpoint: "" - Region: us-east-1a + Region: us-east-1 Bucket: aaaaa LocationConstraint: false V2Signature: false @@ -1448,6 +1526,11 @@ Clusters: ShowUserAgreementInline: false SecretKeyBase: "" + # Set this configuration to true to avoid providing an easy way for users + # to share data with unauthenticated users; this may be necessary on + # installations where strict data access controls are needed. + DisableSharingURLsUI: false + # Scratch directory used by the remote repository browsing # feature. If it doesn't exist, it (and any missing parents) will be # created using mkdir_p. @@ -1566,7 +1649,6 @@ Clusters: DefaultOpenIdPrefix: "https://www.google.com/accounts/o8/id" # Workbench2 configs - VocabularyURL: "" FileViewersConfigURL: "" # Idle time after which the user's session will be auto closed.