X-Git-Url: https://git.arvados.org/arvados.git/blobdiff_plain/f5ef76001884b7b464574c51783efc352f5e7532..f04693da1811e670d4cbb981debeecf14d79137c:/lib/config/generated_config.go diff --git a/lib/config/generated_config.go b/lib/config/generated_config.go index 58a7690f48..c6be59ecf7 100644 --- a/lib/config/generated_config.go +++ b/lib/config/generated_config.go @@ -182,10 +182,19 @@ Clusters: # parameter higher than this value, this value is used instead. MaxItemsPerResponse: 1000 + # Maximum number of concurrent requests to accept in a single + # service process, or 0 for no limit. Currently supported only + # by keepstore. + MaxConcurrentRequests: 0 + + # Maximum number of 64MiB memory buffers per keepstore server + # process, or 0 for no limit. + MaxKeepBlockBuffers: 128 + # API methods to disable. Disabled methods are not listed in the # discovery document, and respond 404 to all requests. - # Example: ["jobs.create", "pipeline_instances.create"] - DisabledAPIs: [] + # Example: {"jobs.create":{}, "pipeline_instances.create": {}} + DisabledAPIs: {} # Interval (seconds) between asynchronous permission view updates. Any # permission-updating API called with the 'async' parameter schedules a an @@ -204,20 +213,38 @@ Clusters: # Maximum wall clock time to spend handling an incoming request. RequestTimeout: 5m + # Websocket will send a periodic empty event after 'SendTimeout' + # if there is no other activity to maintain the connection / + # detect dropped connections. + SendTimeout: 60s + + WebsocketClientEventQueue: 64 + WebsocketServerEventQueue: 4 + + # Timeout on requests to internal Keep services. + KeepServiceRequestTimeout: 15s + Users: # Config parameters to automatically setup new users. If enabled, # this users will be able to self-activate. Enable this if you want # to run an open instance where anyone can create an account and use # the system without requiring manual approval. # - # The params auto_setup_new_users_with_* are meaningful only when auto_setup_new_users is turned on. - # auto_setup_name_blacklist is a list of usernames to be blacklisted for auto setup. + # The params AutoSetupNewUsersWith* are meaningful only when AutoSetupNewUsers is turned on. + # AutoSetupUsernameBlacklist is a list of usernames to be blacklisted for auto setup. AutoSetupNewUsers: false AutoSetupNewUsersWithVmUUID: "" AutoSetupNewUsersWithRepository: false - AutoSetupUsernameBlacklist: [arvados, git, gitolite, gitolite-admin, root, syslog] + AutoSetupUsernameBlacklist: + arvados: {} + git: {} + gitolite: {} + gitolite-admin: {} + root: {} + syslog: {} + SAMPLE: {} - # When new_users_are_active is set to true, new users will be active + # When NewUsersAreActive is set to true, new users will be active # immediately. This skips the "self-activate" step which enforces # user agreements. Should only be enabled for development. NewUsersAreActive: false @@ -229,7 +256,7 @@ Clusters: # should be an address associated with a Google account. AutoAdminUserWithEmail: "" - # If auto_admin_first_user is set to true, the first user to log in when no + # If AutoAdminFirstUser is set to true, the first user to log in when no # other admin users exist will automatically become an admin user. AutoAdminFirstUser: false @@ -239,10 +266,10 @@ Clusters: AdminNotifierEmailFrom: arvados@example.com EmailSubjectPrefix: "[ARVADOS] " UserNotifierEmailFrom: arvados@example.com - NewUserNotificationRecipients: [] - NewInactiveUserNotificationRecipients: [] + NewUserNotificationRecipients: {} + NewInactiveUserNotificationRecipients: {} - # Set anonymous_user_token to enable anonymous user access. You can get + # Set AnonymousUserToken to enable anonymous user access. You can get # the token by running "bundle exec ./script/get_anonymous_user_token.rb" # in the directory where your API server is running. AnonymousUserToken: "" @@ -258,7 +285,7 @@ Clusters: # Maximum number of log rows to delete in a single SQL transaction. # - # If max_audit_log_delete_batch is 0, log entries will never be + # If MaxDeleteBatch is 0, log entries will never be # deleted by Arvados. Cleanup can be done by an external process # without affecting any Arvados system processes, as long as very # recent (<5 minutes old) logs are not deleted. @@ -267,13 +294,13 @@ Clusters: MaxDeleteBatch: 0 # Attributes to suppress in events and audit logs. Notably, - # specifying ["manifest_text"] here typically makes the database + # specifying {"manifest_text": {}} here typically makes the database # smaller and faster. # # Warning: Using any non-empty value here can have undesirable side # effects for any client or component that relies on event logs. # Use at your own risk. - UnloggedAttributes: [] + UnloggedAttributes: {} SystemLogs: @@ -304,15 +331,44 @@ Clusters: # BlobSigningKey is a string of alphanumeric characters used to # generate permission signatures for Keep locators. It must be - # identical to the permission key given to Keep. IMPORTANT: This is - # a site secret. It should be at least 50 characters. + # identical to the permission key given to Keep. IMPORTANT: This + # is a site secret. It should be at least 50 characters. # - # Modifying blob_signing_key will invalidate all existing + # Modifying BlobSigningKey will invalidate all existing # signatures, which can cause programs to fail (e.g., arv-put, - # arv-get, and Crunch jobs). To avoid errors, rotate keys only when - # no such processes are running. + # arv-get, and Crunch jobs). To avoid errors, rotate keys only + # when no such processes are running. BlobSigningKey: "" + # Enable garbage collection of unreferenced blobs in Keep. + BlobTrash: true + + # Time to leave unreferenced blobs in "trashed" state before + # deleting them, or 0 to skip the "trashed" state entirely and + # delete unreferenced blobs. + # + # If you use any Amazon S3 buckets as storage volumes, this + # must be at least 24h to avoid occasional data loss. + BlobTrashLifetime: 336h + + # How often to check for (and delete) trashed blocks whose + # BlobTrashLifetime has expired. + BlobTrashCheckInterval: 24h + + # Maximum number of concurrent "trash blob" and "delete trashed + # blob" operations conducted by a single keepstore process. Each + # of these can be set to 0 to disable the respective operation. + # + # If BlobTrashLifetime is zero, "trash" and "delete trash" + # happen at once, so only the lower of these two values is used. + BlobTrashConcurrency: 4 + BlobDeleteConcurrency: 4 + + # Maximum number of concurrent "create additional replica of + # existing blob" operations conducted by a single keepstore + # process. + BlobReplicateConcurrency: 4 + # Default replication level for collections. This is used when a # collection's replication_desired attribute is nil. DefaultReplication: 2 @@ -329,14 +385,14 @@ Clusters: # keepstore servers. Otherwise, reading data blocks and saving # collections will fail with HTTP 403 permission errors. # - # Modifying blob_signature_ttl invalidates existing signatures; see - # blob_signing_key note above. + # Modifying BlobSigningTTL invalidates existing signatures; see + # BlobSigningKey note above. # # The default is 2 weeks. BlobSigningTTL: 336h # Default lifetime for ephemeral collections: 2 weeks. This must not - # be less than blob_signature_ttl. + # be less than BlobSigningTTL. DefaultTrashLifetime: 336h # Interval (seconds) between trash sweeps. During a trash sweep, @@ -346,7 +402,7 @@ Clusters: # If true, enable collection versioning. # When a collection's preserve_version field is true or the current version - # is older than the amount of seconds defined on preserve_version_if_idle, + # is older than the amount of seconds defined on PreserveVersionIfIdle, # a snapshot of the collection's previous state is created and linked to # the current collection. CollectionVersioning: false @@ -383,6 +439,23 @@ Clusters: # The default setting (false) is appropriate for a multi-user site. TrustAllContent: false + # Cache parameters for WebDAV content serving: + # * TTL: Maximum time to cache manifests and permission checks. + # * UUIDTTL: Maximum time to cache collection state. + # * MaxBlockEntries: Maximum number of block cache entries. + # * MaxCollectionEntries: Maximum number of collection cache entries. + # * MaxCollectionBytes: Approximate memory limit for collection cache. + # * MaxPermissionEntries: Maximum number of permission cache entries. + # * MaxUUIDEntries: Maximum number of UUID cache entries. + WebDAVCache: + TTL: 300s + UUIDTTL: 5s + MaxBlockEntries: 4 + MaxCollectionEntries: 1000 + MaxCollectionBytes: 100000000 + MaxPermissionEntries: 1000 + MaxUUIDEntries: 1000 + Login: # These settings are provided by your OAuth2 provider (e.g., # sso-provider). @@ -390,6 +463,17 @@ Clusters: ProviderAppID: "" Git: + # Path to git or gitolite-shell executable. Each authenticated + # request will execute this program with the single argument "http-backend" + GitCommand: /usr/bin/git + + # Path to Gitolite's home directory. If a non-empty path is given, + # the CGI environment will be set up to support the use of + # gitolite-shell as a GitCommand: for example, if GitoliteHome is + # "/gh", then the CGI environment will have GITOLITE_HTTP_HOME=/gh, + # PATH=$PATH:/gh/bin, and GL_BYPASS_ACCESS_CHECKS=1. + GitoliteHome: "" + # Git repositories must be readable by api server, or you won't be # able to submit crunch jobs. To pass the test suites, put a clone # of the arvados tree in {git_repositories_dir}/arvados.git or @@ -408,10 +492,12 @@ Clusters: # to skip the compatibility check (and display a warning message to # that effect). # - # Example for sites running docker < 1.10: ["v1"] - # Example for sites running docker >= 1.10: ["v2"] - # Example for disabling check: [] - SupportedDockerImageFormats: ["v2"] + # Example for sites running docker < 1.10: {"v1": {}} + # Example for sites running docker >= 1.10: {"v2": {}} + # Example for disabling check: {} + SupportedDockerImageFormats: + "v2": {} + SAMPLE: {} # Include details about job reuse decisions in the server log. This # causes additional database queries to run, so it should not be @@ -514,6 +600,8 @@ Clusters: SLURM: PrioritySpread: 0 SbatchArgumentsList: [] + SbatchEnvironmentVariables: + SAMPLE: "" Managed: # Path to dns server configuration directory # (e.g. /etc/unbound.d/conf.d). If false, do not write any config @@ -537,7 +625,8 @@ Clusters: ComputeNodeDomain: "" ComputeNodeNameservers: - - 192.168.1.1 + "192.168.1.1": {} + SAMPLE: {} # Hostname to assign to a compute node when it sends a "ping" and the # hostname in its Node record is nil. @@ -556,7 +645,11 @@ Clusters: AssignNodeHostname: "compute%d" JobsAPI: - # Enable the legacy Jobs API. This value must be a string. + # Enable the legacy 'jobs' API (crunch v1). This value must be a string. + # + # Note: this only enables read-only access, creating new + # legacy jobs and pipelines is not supported. + # # 'auto' -- (default) enable the Jobs API only if it has been used before # (i.e., there are job records in the database) # 'true' -- enable the Jobs API despite lack of existing records. @@ -569,30 +662,6 @@ Clusters: # {git_repositories_dir}/arvados/.git GitInternalDir: /var/lib/arvados/internal.git - # Docker image to be used when none found in runtime_constraints of a job - DefaultDockerImage: "" - - # none or slurm_immediate - CrunchJobWrapper: none - - # username, or false = do not set uid when running jobs. - CrunchJobUser: crunch - - # The web service must be able to create/write this file, and - # crunch-job must be able to stat() it. - CrunchRefreshTrigger: /tmp/crunch_refresh_trigger - - # Control job reuse behavior when two completed jobs match the - # search criteria and have different outputs. - # - # If true, in case of a conflict, reuse the earliest job (this is - # similar to container reuse behavior). - # - # If false, in case of a conflict, do not reuse any completed job, - # but do reuse an already-running job if available (this is the - # original job reuse behavior, and is still the default). - ReuseJobIfOutputsDiffer: false - CloudVMs: # Enable the cloud scheduler (experimental). Enable: false @@ -679,7 +748,7 @@ Clusters: # (ec2) Instance configuration. SecurityGroupIDs: - - "" + "SAMPLE": {} SubnetID: "" Region: "" EBSVolumeType: gp2 @@ -716,6 +785,48 @@ Clusters: Price: 0.1 Preemptible: false + Volumes: + SAMPLE: + AccessViaHosts: + SAMPLE: + ReadOnly: false + ReadOnly: false + Replication: 1 + StorageClasses: + default: true + SAMPLE: true + Driver: s3 + DriverParameters: + + # for s3 driver + AccessKey: aaaaa + SecretKey: aaaaa + Endpoint: "" + Region: us-east-1a + Bucket: aaaaa + LocationConstraint: false + IndexPageSize: 1000 + ConnectTimeout: 1m + ReadTimeout: 10m + RaceWindow: 24h + UnsafeDelete: false + + # for azure driver + StorageAccountName: aaaaa + StorageAccountKey: aaaaa + StorageBaseURL: core.windows.net + ContainerName: aaaaa + RequestTimeout: 30s + ListBlobsRetryDelay: 10s + ListBlobsMaxAttempts: 10 + MaxGetBytes: 0 + WriteRaceInterval: 15s + WriteRacePollTime: 1s + + # for local directory driver + Root: /var/lib/arvados/keep-data + Serialize: false + Mail: MailchimpAPIKey: "" MailchimpListID: ""