[ARVADOS] updated: 1.3.0-1994-gdfff0d837
Git user
git at public.arvados.org
Sun Dec 15 05:03:00 UTC 2019
Summary of changes:
doc/install/config.html.textile.liquid | 20 ++++++-
...onfigure-azure-blob-storage.html.textile.liquid | 27 +++++----
doc/install/google-auth.html.textile.liquid | 19 +++---
doc/install/install-api-server.html.textile.liquid | 27 ++++++---
doc/install/install-keep-web.html.textile.liquid | 69 ++++++++++++----------
doc/install/install-keepproxy.html.textile.liquid | 27 +++++++--
doc/install/install-keepstore.html.textile.liquid | 36 ++++++-----
doc/install/install-postgresql.html.textile.liquid | 12 ++--
.../install-workbench-app.html.textile.liquid | 2 +-
doc/install/setup-login.html.textile.liquid | 2 +-
doc/sdk/cli/install.html.textile.liquid | 10 +---
11 files changed, 154 insertions(+), 97 deletions(-)
via dfff0d837f55f7880242c676dfe35369a057072c (commit)
from d93144987ffbbc37649400fca187312f3c39ddcb (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit dfff0d837f55f7880242c676dfe35369a057072c
Author: Peter Amstutz <peter.amstutz at curii.com>
Date: Sun Dec 15 00:02:02 2019 -0500
15572: Documentation tweaks from experience installing dev cluster
Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>
diff --git a/doc/install/config.html.textile.liquid b/doc/install/config.html.textile.liquid
index 4527470ac..6993bbad5 100644
--- a/doc/install/config.html.textile.liquid
+++ b/doc/install/config.html.textile.liquid
@@ -11,7 +11,7 @@ SPDX-License-Identifier: CC-BY-SA-3.0
h2. Arados /etc/arvados/config.yml
-The configuration file is normally found at @/etc/arvados/config.yml@ and will be referred to as just @config.yml@ in this guide. This configuration file should be kept in sync across every node in the cluster, except compute nodes (which usually do not require config.yml). We recommend using a devops configuration management tool such as "Puppet":https://puppet.com/open-source/ to synchronize the config file.
+The configuration file is normally found at @/etc/arvados/config.yml@ and will be referred to as just @config.yml@ in this guide. This configuration file must be kept in sync across every service node in the cluster, but not shell and compute nodes (which do not require config.yml).
h3. Syntax
@@ -38,15 +38,31 @@ Size suffixes are K=10 ^3^, Ki=2 ^10^ , M=10 ^6^, Mi=2 ^20^, G=10 ^9^, Gi=2 ^30^
h3(#empty). Create empty configuration file
+Change @webserver-user@ to the user that runs your web server process. This is @www-data@ on Debian-based systems, and @nginx@ on Red Hat-based systems.
+
<notextile>
<pre><code># <span class="userinput">export ClusterID=xxxxx</span>
+# <span class="userinput">umask 027</span>
# <span class="userinput">mkdir -p /etc/arvados</span>
# <span class="userinput">cat > /etc/arvados/config.yml <<EOF
Clusters:
${ClusterID}:
-EOF</span></code></pre>
+EOF</span>
+# <span class="userinput">chgrp webserver-user /etc/arvados /etc/arvados/config.yml</span>
+</span></code></pre>
</notextile>
h2. Nginx configuration
This guide will also cover setting up "Nginx":https://www.nginx.com/ as a reverse proxy for Arvados services. Nginx performs two main functions: TLS termination and virtual host routing. The virtual host configuration for each component will go in its own file in @/etc/nginx/conf.d/@.
+
+h2. Synchronizing config file
+
+The Arvados configuration file must be kept in sync across every service node in the cluster. We strongly recommend using a devops configuration management tool such as "Puppet":https://puppet.com/open-source/ to synchronize the config file. Alternately, something like the following script to securely copy the configuration file to each node may be helpful. Replace the @ssh@ targets with your nodes.
+
+<notextile>
+<pre><code>#!/bin/sh
+sudo cat /etc/arvados/config.yml | ssh <span class="userinput">10.0.0.2</span> sudo sh -c "'cat > /etc/arvados/config.yml'"
+sudo cat /etc/arvados/config.yml | ssh <span class="userinput">10.0.0.3</span> sudo sh -c "'cat > /etc/arvados/config.yml'"
+</code></pre>
+</notextile>
diff --git a/doc/install/configure-azure-blob-storage.html.textile.liquid b/doc/install/configure-azure-blob-storage.html.textile.liquid
index 4dc75c8be..26d5d9840 100644
--- a/doc/install/configure-azure-blob-storage.html.textile.liquid
+++ b/doc/install/configure-azure-blob-storage.html.textile.liquid
@@ -27,18 +27,25 @@ Using the Azure web portal or command line tool, create or choose a storage acco
<notextile>
<pre><code>~$ <span class="userinput">azure config mode arm</span>
-~$ <span class="userinput">azure login</span>
-~$ <span class="userinput">azure group create exampleGroupName eastus</span>
-~$ <span class="userinput">azure storage account create --type LRS --location eastus --resource-group exampleGroupName exampleStorageAccountName</span>
-~$ <span class="userinput">azure storage account keys list --resource-group exampleGroupName exampleStorageAccountName</span>
-info: Executing command storage account keys list
-+ Getting storage account keys
-data: Primary: zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz==
-data: Secondary: yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy==
-info: storage account keys list command OK
+~$ <span class="userinput">az login</span>
+~$ <span class="userinput">az group create exampleGroupName eastus2</span>
+~$ <span class="userinput">az storage account create --sku Standard_LRS --kind BlobStorage --encryption-services blob --access-tier Hot --https-only true --location eastus2 --resource-group exampleGroupName --name exampleStorageAccountName</span>
+~$ <span class="userinput">az storage account keys list --resource-group exampleGroupName --account-name exampleStorageAccountName
+[
+ {
+ "keyName": "key1",
+ "permissions": "Full",
+ "value": "zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz=="
+ },
+ {
+ "keyName": "key2",
+ "permissions": "Full",
+ "value": "yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy=="
+ }
+]</span>
~$ <span class="userinput">AZURE_STORAGE_ACCOUNT="exampleStorageAccountName" \
AZURE_STORAGE_ACCESS_KEY="zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz==" \
-azure storage container create exampleContainerName</span>
+azure storage container create --name exampleContainerName</span>
</code></pre>
</notextile>
diff --git a/doc/install/google-auth.html.textile.liquid b/doc/install/google-auth.html.textile.liquid
index ef45a841d..14e8cb1f5 100644
--- a/doc/install/google-auth.html.textile.liquid
+++ b/doc/install/google-auth.html.textile.liquid
@@ -12,15 +12,16 @@ SPDX-License-Identifier: CC-BY-SA-3.0
In order to use Google for authentication, you must use the <a href="https://console.developers.google.com" target="_blank">Google Developers Console</a> to create a set of client credentials.
# Go to the <a href="https://console.developers.google.com" target="_blank">Google Developers Console</a> and select or create a project; this will take you to the project page.
-# On the sidebar, click on *APIs & auth* then select *APIs*.
-## Search for *Contacts API* and click on *Enable API*.
-## Search for *Google+ API* and click on *Enable API*.
-# On the sidebar, click on *Credentials*; under *OAuth* click on *Create new Client ID* to bring up the *Create Client ID* dialog box.
+# Click on *+ Enable APIs and Services*
+## Search for *People API* and click on *Enable API*.
+# Navigate back to the main "APIs & Services" page
+# On the sidebar, click on *OAuth consent screen*
+## On consent screen settings, enter your identifying details
+## Under *Authorized domains* add @yourdomain.com@
+## Click on *Save*.
+# On the sidebar, click on *Credentials*; then click on *Create credentials*→*OAuth Client ID*
# Under *Application type* select *Web application*.
-# If the authorization origins are not displayed, clicking on *Create Client ID* will take you to *Consent screen* settings.
-## On consent screen settings, enter the appropriate details and click on *Save*.
-## This will return you to the *Create Client ID* dialog box.
# You must set the authorization origins. Edit @auth.your.domain@ to the appropriate hostname that you will use to access the SSO service:
-## JavaScript origin should be @https://auth.example.com/@
-## Redirect URI should be @https://auth.example.com/users/auth/google_oauth2/callback@
+## JavaScript origin should be @https://ClusterID.yourdomain.com/@ (using Arvados-controller based login) or @https://auth.yourdomain.com/@ (for the SSO server)
+## Redirect URI should be @https://ClusterID.yourdomain.com/login@ (using Arvados-controller based login) or @https://auth.yourdomain.com/users/auth/google_oauth2/callback@ (for the SSO server)
# Copy the values of *Client ID* and *Client secret* from the Google Developers Console and add them to the appropriate configuration.
diff --git a/doc/install/install-api-server.html.textile.liquid b/doc/install/install-api-server.html.textile.liquid
index cc3dc3b43..dc4023461 100644
--- a/doc/install/install-api-server.html.textile.liquid
+++ b/doc/install/install-api-server.html.textile.liquid
@@ -91,11 +91,11 @@ h3. Services
Controller:
ExternalURL: <span class="userinput">"https://xxxxx.example.com"</span>
InternalURLs:
- <span class="userinput">"http://xxxxx.example.com:8003": {}</span>
+ <span class="userinput">"http://localhost:8003": {}</span>
RailsAPI:
# Does not have an ExternalURL
InternalURLs:
- <span class="userinput">"http://xxxxx.example.com:8004": {}</span>
+ <span class="userinput">"http://localhost:8004": {}</span>
</code></pre>
</notextile>
@@ -120,24 +120,29 @@ Use a text editor to create a new file @/etc/nginx/conf.d/arvados-api-and-contro
# "available keep services" request with either a list of internal keep
# servers (0) or with the keepproxy (1).
#
-# TODO: Following the example here, update the netmask to the
-# your internal subnet.
+# TODO: Following the example here, update the 10.20.30.0/24 netmask
+# to match your private subnet.
+# TODO: Update 1.2.3.4 and add lines as necessary with the public IP
+# address of all servers that can also access the private network to
+# ensure they are not considered 'external'.
geo $external_client {
default 1;
+ 127.0.0.0/24 0;
<span class="userinput">10.20.30.0/24</span> 0;
+ <span class="userinput">1.2.3.4/32</span> 0;
}
# This is the port where nginx expects to contact arvados-controller.
upstream controller {
- server xxxxx.example.com:8003 fail_timeout=10s;
+ server localhost:8003 fail_timeout=10s;
}
server {
# This configures the public https port that clients will actually connect to,
# the request is reverse proxied to the upstream 'controller'
- listen <span class="userinput">xxxxx.example.com</span>:443 ssl;
+ listen *:443 ssl;
server_name <span class="userinput">xxxxx.example.com</span>;
ssl on;
@@ -166,7 +171,7 @@ server {
# This configures the Arvados API server. It is written using Ruby
# on Rails and uses the Passenger application server.
- listen <span class="userinput">xxxxx.example.com:8004</span>;
+ listen <span class="userinput">localhost:8004</span>;
server_name localhost-api;
root /var/www/arvados-api/current/public;
@@ -192,6 +197,8 @@ server {
{% include 'install_packages' %}
+{% assign arvados_component = 'arvados-controller' %}
+
{% include 'start_service' %}
h2(#confirm-working). Confirm working installation
@@ -216,4 +223,8 @@ $ curl -H "Authorization: Bearer $system_root_token" https://xxxxx.example.com/a
h3. Troubleshooting
-See the admin page on "Logging":{{site.baseurl}}/admin/logging.html .
+If you are getting TLS errors, make sure the @ssl_certificate@ directive in your nginx configuration has the "full certificate chain":http://nginx.org/en/docs/http/configuring_https_servers.html#chains
+
+Logs can be found in @/var/www/arvados-api/current/log/production.log@ and using @journalctl -u arvados-controller at .
+
+See also the admin page on "Logging":{{site.baseurl}}/admin/logging.html .
diff --git a/doc/install/install-keep-web.html.textile.liquid b/doc/install/install-keep-web.html.textile.liquid
index 9f1188831..63857138a 100644
--- a/doc/install/install-keep-web.html.textile.liquid
+++ b/doc/install/install-keep-web.html.textile.liquid
@@ -39,11 +39,12 @@ If blank, serve links to WebDAV with @disposition=attachment@ query param. Unli
If @WebDAVDownload@ is blank, and @WebDAV@ has a single origin (not wildcard, see below), then Workbench will show an error page
-<pre>
- Services:
+<notextile>
+<pre><code> Services:
WebDAVDownload:
- ExternalURL: https://download.ClusterID.example.com
-</pre>
+ ExternalURL: <span class="userinput">https://download.ClusterID.example.com</span>
+</code></pre>
+</notextile>
h3. Collections preview URL
@@ -53,31 +54,44 @@ h4. In their own subdomain
Collections can be served from their own subdomain:
-<pre>
- Services:
+<notextile>
+<pre><code> Services:
WebDAV:
- ExternalURL: https://*.collections.ClusterID.example.com
-</pre>
+ ExternalURL: <span class="userinput">https://*.collections.ClusterID.example.com</span>
+</code></pre>
+</notextile>
h4. Under the main domain
Alternately, they can go under the main domain by including @--@:
-<pre>
- Services:
+<notextile>
+<pre><code> Services:
WebDAV:
- ExternalURL: https://*--collections.ClusterID.example.com
-</pre>
+ ExternalURL: <span class="userinput">https://*--collections.ClusterID.example.com</span>
+</code></pre>
+</notextile>
h4. From a single domain
Serve preview links from a single domain, setting uuid or pdh in the path (similar to downloads). This configuration only allows previews of public data or collection-sharing links, because these use the anonymous user token or the token is already embedded in the URL. Authenticated requests will always result in file downloads from @Services.WebDAVDownload.ExternalURL at .
-<pre>
- Services:
+<notextile>
+<pre><code> Services:
WebDAV:
- ExternalURL: https://collections.ClusterID.example.com
-</pre>
+ ExternalURL: <span class="userinput">https://collections.ClusterID.example.com</span>
+</code></pre>
+</notextile>
+
+h2. Set InternalURLs
+
+<notextile>
+<pre><code> Services:
+ WebDAV:
+ InternalURLs:
+ <span class="userinput">"http://localhost:9002"</span>: {}
+</code></pre>
+</notextile>
h2(#update-config). Configure anonymous user token
@@ -87,21 +101,12 @@ If you intend to use Keep-web to serve public data to anonymous clients, configu
<notextile>
<pre><code> Users:
- AnonymousUserToken: "{{railsout}}"
+ AnonymousUserToken: <span class="userinput">"{{railsout}}"</span>
</code></pre>
</notextile>
Set @Users.AnonymousUserToken: ""@ (empty string) or leave it out if you do not want to serve public data.
-h2. Set InternalURL
-
-<pre>
- Services:
- WebDAV:
- InternalURL:
- "http://collections.ClusterID.example.com:9002": {}
-</pre>
-
h3. Update nginx configuration
Put a reverse proxy with SSL support in front of keep-web. Keep-web itself runs on the port 25107 (or whatever is specified in @Services.Keepproxy.InternalURL@) the reverse proxy runs on port 443 and forwards requests to Keepproxy.
@@ -114,7 +119,7 @@ upstream keep-web {
}
server {
- listen <span class="userinput">[TODO: your public IP address]</span>:443 ssl;
+ listen *:443 ssl;
server_name download.<span class="userinput">ClusterID</span>.example.com
collections.<span class="userinput">ClusterID</span>.example.com
*.collections.<span class="userinput">ClusterID</span>.example.com
@@ -157,16 +162,18 @@ In such cases -- for example, a site which is not reachable from the internet, w
h2(#confirm-working). Confirm working installation
-Adjust for your configuration.
-
<pre>
$ curl -H "Authorization: Bearer $system_root_token" https://download.ClusterID.example.com/c=59389a8f9ee9d399be35462a0f92541c-53/_/hello.txt
</pre>
+If wildcard collections domains are configured:
+
<pre>
-$ curl -H "Authorization: Bearer $system_root_token" https://collections.ClusterID.example.com/c=59389a8f9ee9d399be35462a0f92541c-53/_/hello.txt
+$ curl -H "Authorization: Bearer $system_root_token" https://59389a8f9ee9d399be35462a0f92541c-53.collections.ClusterID.example.com/hello.txt
</pre>
+If using a single collections preview domain:
+
<pre>
-$ curl -H "Authorization: Bearer $system_root_token" https://59389a8f9ee9d399be35462a0f92541c-53.collections.ClusterID.example.com/hello.txt
+$ curl https://collections.ClusterID.example.com/c=59389a8f9ee9d399be35462a0f92541c-53/t=$system_root_token/_/hello.txt
</pre>
diff --git a/doc/install/install-keepproxy.html.textile.liquid b/doc/install/install-keepproxy.html.textile.liquid
index c0d18d396..c0e9c48fd 100644
--- a/doc/install/install-keepproxy.html.textile.liquid
+++ b/doc/install/install-keepproxy.html.textile.liquid
@@ -43,7 +43,7 @@ Edit the cluster config at @/etc/arvados/config.yml@ and set @Services.Keepproxy
Keepproxy:
ExternalURL: <span class="userinput">https://keep.ClusterID.example.com</span>
InternalURLs:
- <span class="userinput">"http://keep.ClusterID.example.com:25107": {}</span>
+ <span class="userinput">"http://localhost:25107": {}</span>
</span></code></pre>
</notextile>
@@ -58,7 +58,7 @@ Use a text editor to create a new file @/etc/nginx/conf.d/keepproxy.conf@ with t
}
server {
- listen <span class="userinput">[TODO your public IP address]</span>:443 ssl;
+ listen *:443 ssl;
server_name keep.<span class="userinput">ClusterID</span>.example.com;
proxy_connect_timeout 90s;
@@ -94,8 +94,27 @@ h2(#confirm-working). Confirm working installation
Log into a host that is on a network external to your private Arvados network. The host should be able to contact your keepproxy server (eg @keep.ClusterID.example.com@), but not your keepstore servers (eg keep[0-9].ClusterID.example.com).
+ at ARVADOS_API_HOST@ and @ARVADOS_API_TOKEN@ must be set in the environment.
+
+ at ARVADOS_API_HOST@ should be the hostname of the API server.
+
+ at ARVADOS_API_TOKEN@ should be the system root token.
+
+Install the "Command line SDK":{{site.baseurl}}/sdk/cli/install.html
+
+Check that the keepproxy server is in the @keep_service@ "accessible" list:
+
+<notextile>
+<pre><code>
+$ <span class="userinput">arv keep_service accessible</span>
+[...]
+</code></pre>
+</notextile>
+
+If keepstore does not show up in the "accessible" list, and you are accessing it from within the private network, check that you have "properly configured the @geo@ block for the API server":install-api-server.html#update-nginx .
+
Install the "Python SDK":{{site.baseurl}}/sdk/python/sdk-python.html
- at ARVADOS_API_HOST@ and @ARVADOS_API_TOKEN@ must be set in the environment.
+You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections. Be sure to execute this from _outside_ the cluster's private network.
-You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections, for an example see "Testing keep.":install-keepstore.html#testing on the keepstore install page.
+{% include 'arv_put_example' %}
diff --git a/doc/install/install-keepstore.html.textile.liquid b/doc/install/install-keepstore.html.textile.liquid
index d6a529d38..e51818a0d 100644
--- a/doc/install/install-keepstore.html.textile.liquid
+++ b/doc/install/install-keepstore.html.textile.liquid
@@ -14,6 +14,7 @@ SPDX-License-Identifier: CC-BY-SA-3.0
# "Install keepstore package":#install-packages
# "Restart the API server and controller":#restart-api
# "Confirm working installation":#confirm-working
+# "Note on storage management":#note
h2. Introduction
@@ -62,7 +63,7 @@ Add each keepstore server to the @Services.Keepstore@ section of @/etc/arvados/c
InternalURLs:
"http://<span class="userinput">keep0.ClusterID.example.com</span>:25107/": {}
"http://<span class="userinput">keep1.ClusterID.example.com</span>:25107/": {}
- # and so forth
+ # and so forth
</code></pre>
</notextile>
@@ -76,26 +77,33 @@ Add each keepstore server to the @Services.Keepstore@ section of @/etc/arvados/c
h2(#confirm-working). Confirm working installation
-Install the "Python SDK":{{site.baseurl}}/sdk/python/sdk-python.html
+Log into a host that is on your private Arvados network. The host should be able to contact your your keepstore servers (eg keep[0-9].ClusterID.example.com).
@ARVADOS_API_HOST@ and @ARVADOS_API_TOKEN@ must be set in the environment.
-You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections:
+ at ARVADOS_API_HOST@ should be the hostname of the API server.
-<pre>
-$ echo "hello world!" > hello.txt
+ at ARVADOS_API_TOKEN@ should be the system root token.
-$ arv-put --portable-data-hash hello.txt
-2018-07-12 13:35:25 arvados.arv_put[28702] INFO: Creating new cache file at /home/example/.cache/arvados/arv-put/1571ec0adb397c6a18d5c74cc95b3a2a
-0M / 0M 100.0% 2018-07-12 13:35:27 arvados.arv_put[28702] INFO:
+Install the "Command line SDK":{{site.baseurl}}/sdk/cli/install.html
-2018-07-12 13:35:27 arvados.arv_put[28702] INFO: Collection saved as 'Saved at 2018-07-12 17:35:25 UTC by example at example'
-59389a8f9ee9d399be35462a0f92541c+53
+Check that the keepstore server is in the @keep_service@ "accessible" list:
-$ arv-get 59389a8f9ee9d399be35462a0f92541c+53/hello.txt
-hello world!
-</pre>
+<notextile>
+<pre><code>
+$ <span class="userinput">arv keep_service accessible</span>
+[...]
+</code></pre>
+</notextile>
+
+If keepstore does not show up in the "accessible" list, and you are accessing it from within the private network, check that you have "properly configured the @geo@ block for the API server":install-api-server.html#update-nginx .
+
+Next, install the "Python SDK":{{site.baseurl}}/sdk/python/sdk-python.html
+
+You should now be able to use @arv-put@ to upload collections and @arv-get@ to fetch collections. Be sure to execute this from _inside_ the cluster's private network. You will be able to access keep from _outside_ the private network after setting up "keepproxy":install-keepproxy.html .
+
+{% include 'arv_put_example' %}
-h3. Note on storage management
+h2(#note). Note on storage management
On its own, a keepstore server never deletes data. Instead, the keep-balance service determines which blocks are candidates for deletion and instructs the keepstore to move those blocks to the trash. Please see the "Balancing Keep servers":{{site.baseurl}}/admin/keep-balance.html for more details.
diff --git a/doc/install/install-postgresql.html.textile.liquid b/doc/install/install-postgresql.html.textile.liquid
index d7bf4c2d2..b25194a9e 100644
--- a/doc/install/install-postgresql.html.textile.liquid
+++ b/doc/install/install-postgresql.html.textile.liquid
@@ -25,10 +25,8 @@ h3(#centos7). CentOS 7
<notextile><pre># <span class="userinput">postgresql-setup initdb</span></pre></notextile>
# Configure the database to accept password connections
<notextile><pre><code># <span class="userinput">sed -ri -e 's/^(host +all +all +(127\.0\.0\.1\/32|::1\/128) +)ident$/\1md5/' /var/lib/pgsql/data/pg_hba.conf</span></code></pre></notextile>
-# Configure the database to launch at boot
- <notextile><pre># <span class="userinput">systemctl enable rh-postgresql95-postgresql</span></pre></notextile>
-# Start the database
- <notextile><pre># <span class="userinput">systemctl start rh-postgresql95-postgresql</span></pre></notextile>
+# Configure the database to launch at boot and start now
+ <notextile><pre># <span class="userinput">systemctl enable --now rh-postgresql95-postgresql</span></pre></notextile>
h3(#debian). Debian or Ubuntu
@@ -38,7 +36,5 @@ Ubuntu 14.04 (Trusty) requires an updated PostgreSQL version, see "the PostgreSQ
# Install PostgreSQL
<notextile><pre># <span class="userinput">apt-get --no-install-recommends install postgresql postgresql-contrib</span></pre></notextile>
-# Configure the database to launch at boot
- <notextile><pre># <span class="userinput">systemctl enable postgresql</span></pre></notextile>
-# Start PostgreSQL
- <notextile><pre># <span class="userinput">systemctl start postgresql</span></pre></notextile>
+# Configure the database to launch at boot and start now
+ <notextile><pre># <span class="userinput">systemctl enable --now postgresql</span></pre></notextile>
diff --git a/doc/install/install-workbench-app.html.textile.liquid b/doc/install/install-workbench-app.html.textile.liquid
index 8650ecc14..a6466dc61 100644
--- a/doc/install/install-workbench-app.html.textile.liquid
+++ b/doc/install/install-workbench-app.html.textile.liquid
@@ -56,7 +56,7 @@ Use a text editor to create a new file @/etc/nginx/conf.d/arvados-workbench.conf
<notextile>
<pre><code>server {
- listen <span class="userinput">[your public IP address]</span>:443 ssl;
+ listen *:443 ssl;
server_name workbench.<span class="userinput">ClusterID.example.com</span>;
ssl on;
diff --git a/doc/install/setup-login.html.textile.liquid b/doc/install/setup-login.html.textile.liquid
index 46f168774..b88ba4998 100644
--- a/doc/install/setup-login.html.textile.liquid
+++ b/doc/install/setup-login.html.textile.liquid
@@ -26,4 +26,4 @@ Next, copy the values of *Client ID* and *Client secret* from the Google Develop
h2(#sso). Option 2: Separate single-sign-on (SSO) server (supports Google, LDAP, local database)
-See "Install the Single Sign On (SSO) server":#install-sso.html
+See "Install the Single Sign On (SSO) server":install-sso.html
diff --git a/doc/sdk/cli/install.html.textile.liquid b/doc/sdk/cli/install.html.textile.liquid
index 207809780..c43c095aa 100644
--- a/doc/sdk/cli/install.html.textile.liquid
+++ b/doc/sdk/cli/install.html.textile.liquid
@@ -17,15 +17,7 @@ h2. Prerequisites
# "Install Ruby and Bundler":../../install/ruby.html
# "Install the Python SDK":../python/sdk-python.html
-h2. Option 1: Install distribution package
-
-First, configure the "Arvados package repositories":../../install/packages.html
-
-{% assign arvados_component = 'arvados-cli' %}
-
-{% include 'install_packages' %}
-
-h2. Option 2: Install from RubyGems
+h2. Install from RubyGems
<notextile>
<pre>
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list