[arvados] updated: 2.1.0-2770-gc966970d6
git repository hosting
git at public.arvados.org
Wed Jul 20 20:00:03 UTC 2022
Summary of changes:
apps/workbench/Gemfile.lock | 80 ++++++++++----------
cmd/arvados-package/install.go | 2 +-
doc/install/automatic.html.textile.liquid | 2 +-
lib/boot/cert.go | 11 ++-
lib/config/config.default.yml | 30 ++++----
lib/install/init.go | 99 ++++++++++++++++--------
lib/service/tls.go | 2 +-
sdk/go/arvados/config.go | 5 +-
services/api/Gemfile.lock | 80 ++++++++++----------
services/api/app/models/user.rb | 17 +++++
services/api/test/integration/users_test.rb | 56 ++++++++++++++
services/keep-web/handler.go | 38 ++++++++--
services/keep-web/handler_test.go | 113 ++++++++++++++++++++++------
13 files changed, 374 insertions(+), 161 deletions(-)
via c966970d64c21d7adaf1c3c8b737aa9e7c166f0e (commit)
via 8b2af30849edeab5ad8ebc6b51eaec39e5fdd81a (commit)
via 3c87fb14f48b78d30142f12c8cb855dba92c926d (commit)
via 8bba581238a7a9a1e4e1965320999de448cc3b7a (commit)
via 08b07a1a27a19eecd70a09cf4b47727224a9d36d (commit)
via 61289799493bef68bf502ae07bd2cba6e161e7f3 (commit)
via 89a3d1b2fedbc6cea8dfc09c81dcea05ff22bcb5 (commit)
via 2f0c775a9e1ab8c3abdd94c854326fab771c4b5e (commit)
via 53effa806b73a1c728fba9160b23000c8f7cc5e0 (commit)
via 52fd35cf046bbb1b20a7b884f485fc65de71a86a (commit)
via e16ee88755436818cbed44dabb784d1d3254d469 (commit)
via e07a9786ff1fa6e53f4429e301ea866e886eb649 (commit)
via 70d97b98ddf977505069795ef08236fb439b18e1 (commit)
via 0873efcdab481d9f77f477f4adbf56ee3380f2f9 (commit)
via e9b55fb61c952360b25e008a39630c7ae1f687b6 (commit)
via 4e8873ba05e44e49284e05e6fdc0913c525269b3 (commit)
via 41a378b99c8c4411a66c19e878b7535c67de2ba3 (commit)
from d15f485909cf84aeda62c0a843f384cb218e0125 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
commit c966970d64c21d7adaf1c3c8b737aa9e7c166f0e
Author: Tom Clegg <tom at curii.com>
Date: Wed Jul 20 15:55:57 2022 -0400
17344: -create-db=false to use $POSTGRES_HOST/USER/etc instead.
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --git a/lib/install/init.go b/lib/install/init.go
index 79c9fbdac..36501adf8 100644
--- a/lib/install/init.go
+++ b/lib/install/init.go
@@ -38,14 +38,20 @@ import (
var InitCommand cmd.Handler = &initCommand{}
type initCommand struct {
- ClusterID string
- Domain string
- PostgreSQLPassword string
- Login string
- TLS string
- AdminEmail string
- Start bool
-
+ ClusterID string
+ Domain string
+ CreateDB bool
+ Login string
+ TLS string
+ AdminEmail string
+ Start bool
+
+ PostgreSQL struct {
+ Host string
+ User string
+ Password string
+ DB string
+ }
LoginPAM bool
LoginTest bool
LoginGoogle bool
@@ -77,6 +83,7 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
flags.SetOutput(stderr)
versionFlag := flags.Bool("version", false, "Write version information to stdout and exit 0")
flags.StringVar(&initcmd.ClusterID, "cluster-id", "", "cluster `id`, like x1234 for a dev cluster")
+ flags.BoolVar(&initcmd.CreateDB, "create-db", true, "create an 'arvados' postgresql role and database using 'sudo -u postgres psql ...' (if false, use existing database specified by POSTGRES_HOST, POSTGRES_USER, POSTGRES_PASSWORD, and POSTGRES_DB env vars, and assume 'CREATE EXTENSION IF NOT EXISTS pg_trgm' has already been done)")
flags.StringVar(&initcmd.Domain, "domain", hostname, "cluster public DNS `name`, like x1234.arvadosapi.com")
flags.StringVar(&initcmd.Login, "login", "", "login `backend`: test, pam, 'google {client-id} {client-secret}', or ''")
flags.StringVar(&initcmd.AdminEmail, "admin-email", "", "give admin privileges to user with given `email`")
@@ -140,22 +147,37 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
}
}
- // Do the "create extension" thing early. This way, if there's
- // no local postgresql server (a likely failure mode), we can
- // bail out without any side effects, and the user can start
- // over easily.
- fmt.Fprintln(stderr, "installing pg_trgm postgresql extension...")
- cmd := exec.CommandContext(ctx, "sudo", "-u", "postgres", "psql", "--quiet",
- "-c", `CREATE EXTENSION IF NOT EXISTS pg_trgm`)
- cmd.Dir = "/"
- cmd.Stdout = stdout
- cmd.Stderr = stderr
- err = cmd.Run()
- if err != nil {
- err = fmt.Errorf("error preparing postgresql server: %w", err)
- return 1
+ if initcmd.CreateDB {
+ // Do the "create extension" thing early. This way, if
+ // there's no local postgresql server (a likely
+ // failure mode), we can bail out without any side
+ // effects, and the user can start over easily.
+ fmt.Fprintln(stderr, "installing pg_trgm postgresql extension...")
+ cmd := exec.CommandContext(ctx, "sudo", "-u", "postgres", "psql", "--quiet",
+ "-c", `CREATE EXTENSION IF NOT EXISTS pg_trgm`)
+ cmd.Dir = "/"
+ cmd.Stdout = stdout
+ cmd.Stderr = stderr
+ err = cmd.Run()
+ if err != nil {
+ err = fmt.Errorf("error preparing postgresql server: %w", err)
+ return 1
+ }
+ fmt.Fprintln(stderr, "...done")
+ initcmd.PostgreSQL.Host = "localhost"
+ initcmd.PostgreSQL.User = "arvados"
+ initcmd.PostgreSQL.Password = initcmd.RandomHex(32)
+ initcmd.PostgreSQL.DB = "arvados"
+ } else {
+ initcmd.PostgreSQL.Host = os.Getenv("POSTGRES_HOST")
+ initcmd.PostgreSQL.User = os.Getenv("POSTGRES_USER")
+ initcmd.PostgreSQL.Password = os.Getenv("POSTGRES_PASSWORD")
+ initcmd.PostgreSQL.DB = os.Getenv("POSTGRES_DB")
+ if initcmd.PostgreSQL.Host == "" || initcmd.PostgreSQL.User == "" || initcmd.PostgreSQL.Password == "" || initcmd.PostgreSQL.DB == "" {
+ err = fmt.Errorf("missing $POSTGRES_* env var(s) for -create-db=false; see %s -help", prog)
+ return 1
+ }
}
- fmt.Fprintln(stderr, "...done")
wwwuser, err := user.Lookup("www-data")
if err != nil {
@@ -166,7 +188,6 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
if err != nil {
return 1
}
- initcmd.PostgreSQLPassword = initcmd.RandomHex(32)
fmt.Fprintln(stderr, "creating data storage directory /var/lib/arvados/keep ...")
err = os.Mkdir("/var/lib/arvados/keep", 0600)
@@ -257,10 +278,10 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
ManagementToken: {{printf "%q" ( .RandomHex 50 )}}
PostgreSQL:
Connection:
- dbname: arvados
- host: localhost
- user: arvados
- password: {{printf "%q" .PostgreSQLPassword}}
+ dbname: {{printf "%q" .PostgreSQL.DB}}
+ host: {{printf "%q" .PostgreSQL.Host}}
+ user: {{printf "%q" .PostgreSQL.User}}
+ password: {{printf "%q" .PostgreSQL.Password}}
SystemRootToken: {{printf "%q" ( .RandomHex 50 )}}
TLS:
{{if eq .TLS "insecure"}}
@@ -345,7 +366,7 @@ func (initcmd *initCommand) RunCommand(prog string, args []string, stdin io.Read
fmt.Fprintln(stderr, "...done")
fmt.Fprintln(stderr, "initializing database...")
- cmd = exec.CommandContext(ctx, "sudo", "-u", "www-data", "-E", "HOME=/var/www", "PATH=/var/lib/arvados/bin:"+os.Getenv("PATH"), "/var/lib/arvados/bin/bundle", "exec", "rake", "db:setup")
+ cmd := exec.CommandContext(ctx, "sudo", "-u", "www-data", "-E", "HOME=/var/www", "PATH=/var/lib/arvados/bin:"+os.Getenv("PATH"), "/var/lib/arvados/bin/bundle", "exec", "rake", "db:setup")
cmd.Dir = "/var/lib/arvados/railsapi"
cmd.Stdout = stderr
cmd.Stderr = stderr
commit 8b2af30849edeab5ad8ebc6b51eaec39e5fdd81a
Merge: d15f48590 3c87fb14f
Author: Tom Clegg <tom at curii.com>
Date: Wed Jul 20 15:02:00 2022 -0400
17344: Merge branch 'main'
Arvados-DCO-1.1-Signed-off-by: Tom Clegg <tom at curii.com>
diff --cc doc/install/automatic.html.textile.liquid
index 33c6fd3d3,d72f8f69e..398ebc20e
--- a/doc/install/automatic.html.textile.liquid
+++ b/doc/install/automatic.html.textile.liquid
@@@ -50,46 -28,20 +50,46 @@@ Arvados needs a login backend. To get s
h2. Initialize the cluster
<pre>
-# echo > /etc/apt/sources.list.d/arvados.list "deb http://apt.arvados.org/buster buster main"
-# apt-get update
-# apt-get install arvados-server-easy
-# arvados-server init -cluster-id x9999 -domain x9999.example.com -tls acme -admin-email example at gmail.com.example
+# echo > /etc/apt/sources.list.d/arvados.list "deb http://apt.arvados.org/$(lsb_release -sc) $(lsb_release -sc) main"
+# apt update
+# apt install arvados-server-easy
- # arvados-server init -cluster-id x9999 -domain x9999.example.com -tls auto -login pam
++# arvados-server init -cluster-id x9999 -domain x9999.example.com -tls acme -login pam
</pre>
-When the "init" command is finished, navigate to the link shown in the terminal (e.g., @https://x9999.example.com/token?api_token=zzzzzzzzzzzzzzzzzzzzzz@). This will log you in to your admin account.
+When the "init" command is finished, navigate to the link shown in the terminal (e.g., @https://x9999.example.com/@) and log in with the account you created above.
-h2. Enable login
+Activate your new Arvados user account. Copy the UUID (looks like @x9999-tpzed-xxxxxxxxxxxxxxx@) from your browser's location bar and run:
-Follow the instructions to "set up Google login":{{site.baseurl}}/install/setup-login.html or another authentication option.
+<pre>
+# arv sudo user setup --uuid x9999-tpzed-xxxxxxxxxxxxxxx
+</pre>
+
+Run the diagnostics tool to ensure everything is working.
+
+<pre>
+# arv sudo diagnostics
+</pre>
+
+h2. Customize the cluster
+
+Things you should plan to update before using your cluster in production:
+* "Set up Google login":{{site.baseurl}}/install/setup-login.html or another authentication option.
+* "Set up a wildcard TLS certificate and DNS name,":{{site.baseurl}}/install/install-manual-prerequisites.html#dnstls or enable @TrustAllContent@ mode.
+* Update storage configuration to use a cloud storage bucket ("S3":{{site.baseurl}}/install/configure-s3-object-storage.html or "Azure":{{site.baseurl}}/install/configure-azure-blob-storage.html) instead of the local filesystem.
+* Update "CloudVMs configuration":{{site.baseurl}}/install/crunch2-cloud/install-dispatch-cloud.html to use a cloud provider to bring up VMs on demand instead of running containers on the server host.
+
+h2. Updating configuration
+
+After updating your configuration file (@/etc/arvados/config.yml@), notify the server:
+
+<pre>
+# systemctl reload arvados-server
+</pre>
-After updating your configuration file (@/etc/arvados/config.yml@), restart the server to make your changes take effect:
+Optionally, add "AutoReloadConfig: true" at the top of @/etc/arvados/config.yml at . Arvados will automatically reload the config file when it changes.
<pre>
-# systemctl restart arvados-server
+AutoReloadConfig: true
+Clusters:
+ [...]
</pre>
-----------------------------------------------------------------------
hooks/post-receive
--
More information about the arvados-commits
mailing list