[arvados] created: 2.1.0-2647-gf3b0dd8d7

git repository hosting git at public.arvados.org
Tue Jun 28 18:21:25 UTC 2022


        at  f3b0dd8d793994d2661cc416cb4136e85883874e (commit)


commit f3b0dd8d793994d2661cc416cb4136e85883874e
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Tue Jun 28 12:30:04 2022 -0400

    18870: Change the non-user oriented "FIXME" to "NOTE"
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
index dfddf3b62..cf0877971 100644
--- a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/nginx_passenger.sls
@@ -55,7 +55,7 @@ nginx:
       - add_header: 'Strict-Transport-Security "max-age=63072000" always'
 
       # OCSP stapling
-      # FIXME! Stapling does not work with self-signed certificates, so disabling for tests
+      # NOTE! Stapling does not work with self-signed certificates, so disabling for tests
       # - ssl_stapling: 'on'
       # - ssl_stapling_verify: 'on'
 
diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/states/host_entries.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/host_entries.sls
index 379f4765c..c2d34ea28 100644
--- a/tools/salt-install/config_examples/single_host/multiple_hostnames/states/host_entries.sls
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/states/host_entries.sls
@@ -12,7 +12,7 @@ arvados_test_salt_states_examples_single_host_etc_hosts_host_present:
     - ip: 127.0.1.1
     - names:
       - {{ arvados.cluster.name }}.{{ arvados.cluster.domain }}
-      # FIXME! This just works for our testings.
+      # NOTE! This just works for our testings.
       # Won't work if the cluster name != host name
       {%- for entry in [
           'api',
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
index 21c1510de..26e2baf04 100644
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/nginx_passenger.sls
@@ -55,7 +55,7 @@ nginx:
       - add_header: 'Strict-Transport-Security "max-age=63072000" always'
 
       # OCSP stapling
-      # FIXME! Stapling does not work with self-signed certificates, so disabling for tests
+      # NOTE! Stapling does not work with self-signed certificates, so disabling for tests
       # - ssl_stapling: 'on'
       # - ssl_stapling_verify: 'on'
 
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/states/host_entries.sls b/tools/salt-install/config_examples/single_host/single_hostname/states/host_entries.sls
index a688f4f8c..51308fffa 100644
--- a/tools/salt-install/config_examples/single_host/single_hostname/states/host_entries.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/states/host_entries.sls
@@ -21,7 +21,7 @@ arvados_test_salt_states_examples_single_host_etc_hosts_host_present:
     - ip: 127.0.1.1
     - names:
       - {{ arvados.cluster.name }}.{{ arvados.cluster.domain }}
-      # FIXME! This just works for our testing.
+      # NOTE! This just works for our testing.
       # Won't work if the cluster name != host name
       {%- for entry in [
           'api',

commit 2efd88cf64130bb0ebb0549d30053b85baaae2f9
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Tue Jun 28 12:28:02 2022 -0400

    18870: Check for 'fixme's
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 17890d646..79c85c89c 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -40,6 +40,7 @@ deploynode() {
 
 loadconfig() {
     CONFIG_FILE=local.params
+    CONFIG_DIR=local_config_dir
     if [[ ! -s $CONFIG_FILE ]] ; then
 	echo "Must be run from initialized setup dir, maybe you need to 'initialize' first?"
     fi
@@ -102,10 +103,16 @@ case "$subcmd" in
 
 	loadconfig
 
-	set -x
+	if grep -rni 'fixme' ${CONFIG_FILE} ${CONFIG_DIR} ; then
+	    echo
+	    echo "Some parameters still need to be updated.  Please fix them and then re-run deploy."
+	    exit 1
+	fi
 
 	BRANCH=$(git branch --show-current)
 
+	set -x
+
 	git add -A
 	if ! git diff --cached --exit-code ; then
 	    git commit -m"prepare for deploy"
diff --git a/tools/salt-install/provision.sh b/tools/salt-install/provision.sh
index da3ef88a8..f4660be37 100755
--- a/tools/salt-install/provision.sh
+++ b/tools/salt-install/provision.sh
@@ -257,7 +257,7 @@ if [ ! -d ${CONFIG_DIR} ]; then
   exit 1
 fi
 
-if grep -q 'fixme_or_this_wont_work' ${CONFIG_FILE} ; then
+if grep -rni 'fixme' ${CONFIG_FILE} ${CONFIG_DIR} ; then
   echo >&2 "The config file ${CONFIG_FILE} has some parameters that need to be modified."
   echo >&2 "Please, fix them and re-run the provision script."
   exit 1

commit 0fccbb05425c59e5b2c13954dcb73ec79043f879
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 19:11:32 2022 -0400

    18870: Ensure sbin is in cron job PATH
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/config_examples/multi_host/aws/states/shell_cron_add_login_sync.sls b/tools/salt-install/config_examples/multi_host/aws/states/shell_cron_add_login_sync.sls
index 86c591e97..9028b9b10 100644
--- a/tools/salt-install/config_examples/multi_host/aws/states/shell_cron_add_login_sync.sls
+++ b/tools/salt-install/config_examples/multi_host/aws/states/shell_cron_add_login_sync.sls
@@ -75,6 +75,13 @@ extra_shell_cron_add_login_sync_add_{{ vm }}_arvados_virtual_machine_uuid_cron_e
     - onlyif:
       - /bin/grep -qE "[a-z0-9]{5}-2x53u-[a-z0-9]{15}" /tmp/vm_uuid_{{ vm }}
 
+extra_shell_cron_add_login_sync_add_{{ vm }}_sbin_to_path_cron_env_present:
+  cron.env_present:
+    - name: PATH
+    - value: "/bin:/usr/bin:/usr/sbin"
+    - onlyif:
+      - /bin/grep -qE "[a-z0-9]{5}-2x53u-[a-z0-9]{15}" /tmp/vm_uuid_{{ vm }}
+
 extra_shell_cron_add_login_sync_add_{{ vm }}_arvados_login_sync_cron_present:
   cron.present:
     - name: /usr/local/bin/arvados-login-sync

commit 9ce1f09357f146cefe582690b1468d032866b3ca
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 19:06:59 2022 -0400

    18870: Improve logging of errors from login-sync
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/services/login-sync/bin/arvados-login-sync b/services/login-sync/bin/arvados-login-sync
index da8a21efa..5c6691ab9 100755
--- a/services/login-sync/bin/arvados-login-sync
+++ b/services/login-sync/bin/arvados-login-sync
@@ -10,6 +10,7 @@ require 'etc'
 require 'fileutils'
 require 'yaml'
 require 'optparse'
+require 'open3'
 
 req_envs = %w(ARVADOS_API_HOST ARVADOS_API_TOKEN ARVADOS_VIRTUAL_MACHINE_UUID)
 req_envs.each do |k|
@@ -124,11 +125,12 @@ begin
     unless pwnam[l[:username]]
       STDERR.puts "Creating account #{l[:username]}"
       # Create new user
-      unless system("useradd", "-m",
+      out, st = Open3.capture2e("useradd", "-m",
                 "-c", username,
                 "-s", "/bin/bash",
                 username)
-        STDERR.puts "Account creation failed for #{l[:username]}: #{$?}"
+      if st.exitstatus != 0
+        STDERR.puts "Account creation failed for #{l[:username]}:\n#{out}"
         next
       end
       begin
@@ -150,7 +152,10 @@ begin
       if existing_groups.index(addgroup).nil?
         # User should be in group, but isn't, so add them.
         STDERR.puts "Add user #{username} to #{addgroup} group"
-        system("usermod", "-aG", addgroup, username)
+        out, st = Open3.capture2e("usermod", "-aG", addgroup, username)
+        if st.exitstatus != 0
+          STDERR.puts "Failed to add #{username} to #{addgroup} group:\n#{out}"
+        end
       end
     end
 
@@ -158,7 +163,10 @@ begin
       if groups.index(removegroup).nil?
         # User is in a group, but shouldn't be, so remove them.
         STDERR.puts "Remove user #{username} from #{removegroup} group"
-        system("gpasswd", "-d", username, removegroup)
+        out, st = Open3.capture2e("gpasswd", "-d", username, removegroup)
+        if st.exitstatus != 0
+          STDERR.puts "Failed to remove user #{username} from #{removegroup} group:\n#{out}"
+        end
       end
     end
 

commit 3b470b3778a99c6148f407f25a6ef22bd4bc9a24
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 16:37:39 2022 -0400

    18870: Fix typo
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 1bcfa1450..17890d646 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -10,7 +10,7 @@ declare -A NODES
 
 sync() {
     if [[ "$NODE" != localhost ]] ; then
-	if ! ssh $NODE test -d ${TARGET}.git ; then
+	if ! ssh $NODE test -d ${GITTARGET}.git ; then
 	    ssh $NODE git init --bare ${GITTARGET}.git
 	    if ! git remote add $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git ; then
 		git remote set-url $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git

commit 5fe15b9011228668b4b95f2416a87c376479822a
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 16:29:23 2022 -0400

    18870: Use bash [[ ]] conditional syntax and order deploy
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 1db9ce7bd..1bcfa1450 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -9,7 +9,7 @@ set -e
 declare -A NODES
 
 sync() {
-    if test "$NODE" != localhost ; then
+    if [[ "$NODE" != localhost ]] ; then
 	if ! ssh $NODE test -d ${TARGET}.git ; then
 	    ssh $NODE git init --bare ${GITTARGET}.git
 	    if ! git remote add $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git ; then
@@ -26,12 +26,12 @@ sync() {
 }
 
 deploynode() {
-    if test -z "${NODES[$NODE]}" ; then
+    if [[ -z "${NODES[$NODE]}" ]] ; then
 	echo "No roles declared for '$NODE' in local.params"
 	exit 1
     fi
 
-    if test $NODE = localhost ; then
+    if [[ "$NODE" = localhost ]] ; then
 	sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
     else
 	ssh $DEPLOY_USER@$NODE "cd ${GITTARGET} && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
@@ -40,7 +40,7 @@ deploynode() {
 
 loadconfig() {
     CONFIG_FILE=local.params
-    if ! test -s $CONFIG_FILE ; then
+    if [[ ! -s $CONFIG_FILE ]] ; then
 	echo "Must be run from initialized setup dir, maybe you need to 'initialize' first?"
     fi
     source ${CONFIG_FILE}
@@ -48,12 +48,12 @@ loadconfig() {
 }
 
 subcmd="$1"
-if test -n "$subcmd" ; then
+if [[ -n "$subcmd" ]] ; then
     shift
 fi
 case "$subcmd" in
     initialize)
-	if ! test -f provision.sh ; then
+	if [[ ! -f provision.sh ]] ; then
 	    echo "Must be run from arvados/tools/salt-install"
 	    exit
 	fi
@@ -63,24 +63,24 @@ case "$subcmd" in
 	SLS=$3
 
 	err=
-	if test -z "$PARAMS" -o ! -f local.params.example.$PARAMS ; then
+	if [[ -z "$PARAMS" || ! -f local.params.example.$PARAMS ]] ; then
 	    echo "Not found: local.params.example.$PARAMS"
 	    echo "Expected one of multiple_hosts, single_host_multiple_hostnames, single_host_single_hostname"
 	    err=1
 	fi
 
-	if test -z "$SLS" -o ! -d config_examples/$SLS ; then
+	if [[ -z "$SLS" || ! -d config_examples/$SLS ]] ; then
 	    echo "Not found: config_examples/$SLS"
 	    echo "Expected one of multi_host/aws, single_host/multiple_hostnames, single_host/single_hostname"
 	    err=1
 	fi
 
-	if test -z "$SETUPDIR" -o -z "$PARAMS" -o -z "$SLS" ; then
+	if [[ -z "$SETUPDIR" || -z "$PARAMS" || -z "$SLS" ]]; then
 	    echo "installer.sh <setup dir to initialize> <params template> <config template>"
 	    err=1
 	fi
 
-	if test -n "$err" ; then
+	if [[ -n "$err" ]] ; then
 	    exit 1
 	fi
 
@@ -111,9 +111,30 @@ case "$subcmd" in
 	    git commit -m"prepare for deploy"
 	fi
 
-	if test -z "$NODE"; then
+	if [[ -z "$NODE" ]]; then
 	    for NODE in "${!NODES[@]}"
 	    do
+		# Do 'database' role first,
+		if [[ "${NODES[$NODE]}" =~ database ]] ; then
+		    sync
+		    deploynode
+		    unset NODES[$NODE]
+		fi
+	    done
+
+	    for NODE in "${!NODES[@]}"
+	    do
+		# then  'api' or 'controller' roles
+		if [[ "${NODES[$NODE]}" =~ (api|controller) ]] ; then
+		    sync
+		    deploynode
+		    unset NODES[$NODE]
+		fi
+	    done
+
+	    for NODE in "${!NODES[@]}"
+	    do
+		# Everything else
 		sync
 		deploynode
 	    done

commit d70538d2019716a15159f85079d1174cc84e8407
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 16:13:21 2022 -0400

    18870: Make sure database password is quoted in pillar
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/config_examples/multi_host/aws/pillars/postgresql.sls b/tools/salt-install/config_examples/multi_host/aws/pillars/postgresql.sls
index e06ddd041..d6320da24 100644
--- a/tools/salt-install/config_examples/multi_host/aws/pillars/postgresql.sls
+++ b/tools/salt-install/config_examples/multi_host/aws/pillars/postgresql.sls
@@ -19,7 +19,7 @@ postgres:
   users:
     __CLUSTER___arvados:
       ensure: present
-      password: __DATABASE_PASSWORD__
+      password: "__DATABASE_PASSWORD__"
 
   # tablespaces:
   #   arvados_tablespace:
diff --git a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/postgresql.sls b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/postgresql.sls
index f3bc09f65..edb961eba 100644
--- a/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/postgresql.sls
+++ b/tools/salt-install/config_examples/single_host/multiple_hostnames/pillars/postgresql.sls
@@ -38,7 +38,7 @@ postgres:
   users:
     __CLUSTER___arvados:
       ensure: present
-      password: __DATABASE_PASSWORD__
+      password: "__DATABASE_PASSWORD__"
 
   # tablespaces:
   #   arvados_tablespace:
diff --git a/tools/salt-install/config_examples/single_host/single_hostname/pillars/postgresql.sls b/tools/salt-install/config_examples/single_host/single_hostname/pillars/postgresql.sls
index a69b88cb1..14452a990 100644
--- a/tools/salt-install/config_examples/single_host/single_hostname/pillars/postgresql.sls
+++ b/tools/salt-install/config_examples/single_host/single_hostname/pillars/postgresql.sls
@@ -40,7 +40,7 @@ postgres:
   users:
     __CLUSTER___arvados:
       ensure: present
-      password: __DATABASE_PASSWORD__
+      password: "__DATABASE_PASSWORD__"
 
   # tablespaces:
   #   arvados_tablespace:

commit 53d1c0d6e9986ae9d0e28fd872cde882284662af
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 12:58:08 2022 -0400

    18870: Change deploy target directory name
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 534ee629c..1db9ce7bd 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -10,18 +10,18 @@ declare -A NODES
 
 sync() {
     if test "$NODE" != localhost ; then
-	if ! ssh $NODE test -d arvados-setup ; then
-	    ssh $NODE git init --bare arvados-setup.git
-	    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
-		git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+	if ! ssh $NODE test -d ${TARGET}.git ; then
+	    ssh $NODE git init --bare ${GITTARGET}.git
+	    if ! git remote add $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git ; then
+		git remote set-url $NODE $DEPLOY_USER@$NODE:${GITTARGET}.git
 	    fi
 	    git push $NODE $BRANCH
-	    ssh $NODE git clone arvados-setup.git arvados-setup
+	    ssh $NODE git clone ${GITTARGET}.git ${GITTARGET}
 	fi
 
 	git push $NODE $BRANCH
-	ssh $NODE git -C arvados-setup checkout $BRANCH
-	ssh $NODE git -C arvados-setup pull
+	ssh $NODE git -C ${GITTARGET} checkout $BRANCH
+	ssh $NODE git -C ${GITTARGET} pull
     fi
 }
 
@@ -34,16 +34,17 @@ deploynode() {
     if test $NODE = localhost ; then
 	sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
     else
-	ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
+	ssh $DEPLOY_USER@$NODE "cd ${GITTARGET} && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
     fi
 }
 
 loadconfig() {
     CONFIG_FILE=local.params
     if ! test -s $CONFIG_FILE ; then
-	echo "Must be run from arvados-setup, maybe you need to 'initialize' first?"
+	echo "Must be run from initialized setup dir, maybe you need to 'initialize' first?"
     fi
     source ${CONFIG_FILE}
+    GITTARGET=arvados-deploy-config-${CLUSTER}
 }
 
 subcmd="$1"

commit bf261328ff15d3f9cf5109bfcc505e12f78481fc
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Mon Jun 27 10:43:14 2022 -0400

    18870: Use correct default vm hostname
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/config_examples/multi_host/aws/pillars/arvados.sls b/tools/salt-install/config_examples/multi_host/aws/pillars/arvados.sls
index f41b6ac5b..02653082f 100644
--- a/tools/salt-install/config_examples/multi_host/aws/pillars/arvados.sls
+++ b/tools/salt-install/config_examples/multi_host/aws/pillars/arvados.sls
@@ -93,7 +93,7 @@ arvados:
     resources:
       virtual_machines:
         shell:
-          name: shell
+          name: shell.__CLUSTER__.__DOMAIN__
           backend: __SHELL_INT_IP__
           port: 4200
 

commit 4090574822afd6a7b48ccd277ba84c3cc6244e71
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 23:06:38 2022 -0400

    18870: Fixing declare
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/local.params.example.multiple_hosts b/tools/salt-install/local.params.example.multiple_hosts
index edbee413b..ade1ad467 100644
--- a/tools/salt-install/local.params.example.multiple_hosts
+++ b/tools/salt-install/local.params.example.multiple_hosts
@@ -19,14 +19,13 @@ DEPLOY_USER=root
 # The mapping of nodes to roles
 # installer.sh will log in to each of these nodes and then provision
 # it for the specified roles.
-declare -A NODES
 NODES=(
-  [controller.${CLUSTER}.$DOMAIN]=api,controller,websocket,dispatcher,keepbalance
-  [keep0.${CLUSTER}.$DOMAIN]=keepstore
-  [keep1.${CLUSTER}.$DOMAIN]=keepstore
-  [keep.${CLUSTER}.$DOMAIN]=keepproxy,keepweb
-  [workbench.${CLUSTER}.$DOMAIN]=workbench,workbench2,webshell
-  [shell.${CLUSTER}.$DOMAIN]=shell
+  [controller.${CLUSTER}.${DOMAIN}]=api,controller,websocket,dispatcher,keepbalance
+  [keep0.${CLUSTER}.${DOMAIN}]=keepstore
+  [keep1.${CLUSTER}.${DOMAIN}]=keepstore
+  [keep.${CLUSTER}.${DOMAIN}]=keepproxy,keepweb
+  [workbench.${CLUSTER}.${DOMAIN}]=workbench,workbench2,webshell
+  [shell.${CLUSTER}.${DOMAIN}]=shell
 )
 
 # Host SSL port where you want to point your browser to access Arvados
diff --git a/tools/salt-install/local.params.example.single_host_multiple_hostnames b/tools/salt-install/local.params.example.single_host_multiple_hostnames
index f6b652612..20f334166 100644
--- a/tools/salt-install/local.params.example.single_host_multiple_hostnames
+++ b/tools/salt-install/local.params.example.single_host_multiple_hostnames
@@ -18,7 +18,6 @@ DEPLOY_USER=root
 # The mapping of nodes to roles
 # installer.sh will log in to each of these nodes and then provision
 # it for the specified roles.
-declare -A NODES
 NODES=(
   [localhost]=api,controller,websocket,dispatcher,keepbalance,keepstore,keepproxy,keepweb,workbench,workbench2,webshell
 )
diff --git a/tools/salt-install/local.params.example.single_host_single_hostname b/tools/salt-install/local.params.example.single_host_single_hostname
index 58847e3c5..a68450094 100644
--- a/tools/salt-install/local.params.example.single_host_single_hostname
+++ b/tools/salt-install/local.params.example.single_host_single_hostname
@@ -18,7 +18,6 @@ DEPLOY_USER=root
 # The mapping of nodes to roles
 # installer.sh will log in to each of these nodes and then provision
 # it for the specified roles.
-declare -A NODES
 NODES=(
   [localhost]=api,controller,websocket,dispatcher,keepbalance,keepstore,keepproxy,keepweb,workbench,workbench2,webshell
 )
diff --git a/tools/salt-install/provision.sh b/tools/salt-install/provision.sh
index 3c5fb41e0..da3ef88a8 100755
--- a/tools/salt-install/provision.sh
+++ b/tools/salt-install/provision.sh
@@ -237,6 +237,8 @@ T_DIR="/tmp/cluster_tests"
 
 arguments ${@}
 
+declare -A NODES
+
 if [ -s ${CONFIG_FILE} ]; then
   source ${CONFIG_FILE}
 else

commit 093ec98e4a065acfc537ea22c08c337c115fe273
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 22:57:08 2022 -0400

    18870: Need to declare NODES as array
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index fde261611..534ee629c 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -6,6 +6,8 @@
 
 set -e
 
+declare -A NODES
+
 sync() {
     if test "$NODE" != localhost ; then
 	if ! ssh $NODE test -d arvados-setup ; then

commit 09e7068b4b1e0c046eb52dadce4d5d7de813fff2
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 22:38:15 2022 -0400

    18870: Fix diagnostic
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 20484e265..fde261611 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -127,7 +127,7 @@ case "$subcmd" in
 	    apt-get install arvados-client
 	fi
 
-	export ARVADOS_API_HOST="${CONTROLLER_INT_IP}"
+	export ARVADOS_API_HOST="${CLUSTER}.${DOMAIN}"
 	export ARVADOS_API_TOKEN="$SYSTEM_ROOT_TOKEN"
 
 	arvados-client diagnostics -internal-client

commit 8e26a9aeede967030e10cb93b01aad6bd519b484
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 22:34:35 2022 -0400

    18870: fix
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index f4934aa2f..20484e265 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -131,10 +131,12 @@ case "$subcmd" in
 	export ARVADOS_API_TOKEN="$SYSTEM_ROOT_TOKEN"
 
 	arvados-client diagnostics -internal-client
+	;;
     *)
 	echo "Arvados installer"
 	echo ""
 	echo "initialize   initialize the setup directory for configuration"
 	echo "deploy       deploy the configuration from the setup directory"
+	echo "diagnostics  check your install using diagnostics"
 	;;
 esac

commit e39adbe28e6ada009b086a53bc9e4187b824fd0d
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 22:33:27 2022 -0400

    18870: Run diagnostics
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 12efc3eab..f4934aa2f 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -36,6 +36,14 @@ deploynode() {
     fi
 }
 
+loadconfig() {
+    CONFIG_FILE=local.params
+    if ! test -s $CONFIG_FILE ; then
+	echo "Must be run from arvados-setup, maybe you need to 'initialize' first?"
+    fi
+    source ${CONFIG_FILE}
+}
+
 subcmd="$1"
 if test -n "$subcmd" ; then
     shift
@@ -88,12 +96,8 @@ case "$subcmd" in
 	;;
     deploy)
 	NODE=$1
-	CONFIG_FILE=local.params
-	if ! test -s $CONFIG_FILE ; then
-	    echo "Must be run from arvados-setup, maybe you need to 'initialize' first?"
-	fi
 
-	source ${CONFIG_FILE}
+	loadconfig
 
 	set -x
 
@@ -114,7 +118,19 @@ case "$subcmd" in
 	    sync
 	    deploynode
 	fi
+
 	;;
+    diagnostics)
+	loadconfig
+
+	if ! which arvados-client ; then
+	    apt-get install arvados-client
+	fi
+
+	export ARVADOS_API_HOST="${CONTROLLER_INT_IP}"
+	export ARVADOS_API_TOKEN="$SYSTEM_ROOT_TOKEN"
+
+	arvados-client diagnostics -internal-client
     *)
 	echo "Arvados installer"
 	echo ""

commit 713f0a0a96840404115b57ae92b8a2f2a554383e
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 21:24:12 2022 -0400

    18870: another fix
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 90584b36f..12efc3eab 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -20,6 +20,7 @@ sync() {
 	git push $NODE $BRANCH
 	ssh $NODE git -C arvados-setup checkout $BRANCH
 	ssh $NODE git -C arvados-setup pull
+    fi
 }
 
 deploynode() {

commit 3a7b7f2254e57dc8f273cc468ec9622b759905bd
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 21:23:24 2022 -0400

    18870: Fix typo
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 6fdd0320f..90584b36f 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -7,9 +7,7 @@
 set -e
 
 sync() {
-    if test $NODE = localhost ; then
-	# nothing to do
-    else
+    if test "$NODE" != localhost ; then
 	if ! ssh $NODE test -d arvados-setup ; then
 	    ssh $NODE git init --bare arvados-setup.git
 	    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then

commit e59273e06c41fa1532ab887f62695a2bd6d0e284
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 21:22:03 2022 -0400

    18870: Refactor sync
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 2024c2cd1..6fdd0320f 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -6,25 +6,35 @@
 
 set -e
 
-deploynode() {
-	    if test $NODE = localhost ; then
-		sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
-	    else
-		if ! ssh $NODE test -d arvados-setup ; then
-		    ssh $NODE git init --bare arvados-setup.git
-		    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
-			git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
-		    fi
-		    git push $NODE $BRANCH
-		    ssh $NODE git clone arvados-setup.git arvados-setup
-		fi
-
-		git push $NODE $BRANCH
-		ssh $NODE git -C arvados-setup checkout $BRANCH
-		ssh $NODE git -C arvados-setup pull
-
-		ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
+sync() {
+    if test $NODE = localhost ; then
+	# nothing to do
+    else
+	if ! ssh $NODE test -d arvados-setup ; then
+	    ssh $NODE git init --bare arvados-setup.git
+	    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
+		git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
 	    fi
+	    git push $NODE $BRANCH
+	    ssh $NODE git clone arvados-setup.git arvados-setup
+	fi
+
+	git push $NODE $BRANCH
+	ssh $NODE git -C arvados-setup checkout $BRANCH
+	ssh $NODE git -C arvados-setup pull
+}
+
+deploynode() {
+    if test -z "${NODES[$NODE]}" ; then
+	echo "No roles declared for '$NODE' in local.params"
+	exit 1
+    fi
+
+    if test $NODE = localhost ; then
+	sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
+    else
+	ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
+    fi
 }
 
 subcmd="$1"
@@ -76,7 +86,7 @@ case "$subcmd" in
 	git commit -m"initial commit"
 
 	echo "setup directory initialized, now go to $SETUPDIR, edit 'local.params' and 'local_config_dir' as needed, then run 'installer.sh deploy'"
-    ;;
+	;;
     deploy)
 	NODE=$1
 	CONFIG_FILE=local.params
@@ -98,9 +108,11 @@ case "$subcmd" in
 	if test -z "$NODE"; then
 	    for NODE in "${!NODES[@]}"
 	    do
+		sync
 		deploynode
 	    done
 	else
+	    sync
 	    deploynode
 	fi
 	;;
diff --git a/tools/salt-install/local.params.example.multiple_hosts b/tools/salt-install/local.params.example.multiple_hosts
index 404d8b005..edbee413b 100644
--- a/tools/salt-install/local.params.example.multiple_hosts
+++ b/tools/salt-install/local.params.example.multiple_hosts
@@ -8,7 +8,8 @@
 # The Arvados cluster ID, needs to be 5 lowercase alphanumeric characters.
 CLUSTER="cluster_fixme_or_this_wont_work"
 
-# The domainname you want tou give to your cluster's hosts
+# The domain name you want to give to your cluster's hosts
+# the end result hostnames will be $SERVICE.$CLUSTER.$DOMAIN
 DOMAIN="domain_fixme_or_this_wont_work"
 
 # For multi-node installs, the ssh log in for each node
@@ -20,12 +21,12 @@ DEPLOY_USER=root
 # it for the specified roles.
 declare -A NODES
 NODES=(
-  [controller.$DOMAIN]=api,controller,websocket,dispatcher,keepbalance
-  [keep0.$DOMAIN]=keepstore
-  [keep1.$DOMAIN]=keepstore
-  [keep.$DOMAIN]=keepproxy,keepweb
-  [workbench.$DOMAIN]=workbench,workbench2,webshell
-  [shell.$DOMAIN]=shell
+  [controller.${CLUSTER}.$DOMAIN]=api,controller,websocket,dispatcher,keepbalance
+  [keep0.${CLUSTER}.$DOMAIN]=keepstore
+  [keep1.${CLUSTER}.$DOMAIN]=keepstore
+  [keep.${CLUSTER}.$DOMAIN]=keepproxy,keepweb
+  [workbench.${CLUSTER}.$DOMAIN]=workbench,workbench2,webshell
+  [shell.${CLUSTER}.$DOMAIN]=shell
 )
 
 # Host SSL port where you want to point your browser to access Arvados

commit c47e500a8143b1354624a962eae7f8fc016ba72f
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 20:46:41 2022 -0400

    18870: Deploy individual nodes
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index b901651e7..2024c2cd1 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -6,6 +6,27 @@
 
 set -e
 
+deploynode() {
+	    if test $NODE = localhost ; then
+		sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
+	    else
+		if ! ssh $NODE test -d arvados-setup ; then
+		    ssh $NODE git init --bare arvados-setup.git
+		    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
+			git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+		    fi
+		    git push $NODE $BRANCH
+		    ssh $NODE git clone arvados-setup.git arvados-setup
+		fi
+
+		git push $NODE $BRANCH
+		ssh $NODE git -C arvados-setup checkout $BRANCH
+		ssh $NODE git -C arvados-setup pull
+
+		ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
+	    fi
+}
+
 subcmd="$1"
 if test -n "$subcmd" ; then
     shift
@@ -57,6 +78,7 @@ case "$subcmd" in
 	echo "setup directory initialized, now go to $SETUPDIR, edit 'local.params' and 'local_config_dir' as needed, then run 'installer.sh deploy'"
     ;;
     deploy)
+	NODE=$1
 	CONFIG_FILE=local.params
 	if ! test -s $CONFIG_FILE ; then
 	    echo "Must be run from arvados-setup, maybe you need to 'initialize' first?"
@@ -72,27 +94,15 @@ case "$subcmd" in
 	if ! git diff --cached --exit-code ; then
 	    git commit -m"prepare for deploy"
 	fi
-	for NODE in "${!NODES[@]}"
-	do
-	    if test $NODE = localhost ; then
-		sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
-	    else
-		if ! ssh $NODE test -d arvados-setup ; then
-		    ssh $NODE git init --bare arvados-setup.git
-		    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
-			git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
-		    fi
-		    git push $NODE $BRANCH
-		    ssh $NODE git clone arvados-setup.git arvados-setup
-		fi
 
-		git push $NODE $BRANCH
-		ssh $NODE git -C arvados-setup checkout $BRANCH
-		ssh $NODE git -C arvados-setup pull
-
-		ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
-	    fi
-	done
+	if test -z "$NODE"; then
+	    for NODE in "${!NODES[@]}"
+	    do
+		deploynode
+	    done
+	else
+	    deploynode
+	fi
 	;;
     *)
 	echo "Arvados installer"

commit 6d154157c70aaf4a5856b170a1b2eb9395348cc1
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:43:26 2022 -0400

    18870: Flexible branch naming
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 37f1baf20..b901651e7 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -66,6 +66,8 @@ case "$subcmd" in
 
 	set -x
 
+	BRANCH=$(git branch --show-current)
+
 	git add -A
 	if ! git diff --cached --exit-code ; then
 	    git commit -m"prepare for deploy"
@@ -80,11 +82,12 @@ case "$subcmd" in
 		    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
 			git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
 		    fi
-		    git push $NODE master
+		    git push $NODE $BRANCH
 		    ssh $NODE git clone arvados-setup.git arvados-setup
 		fi
 
-		git push $NODE master
+		git push $NODE $BRANCH
+		ssh $NODE git -C arvados-setup checkout $BRANCH
 		ssh $NODE git -C arvados-setup pull
 
 		ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"

commit fc3e2c30b85c138fdbdf440f4f29f5f710de2814
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:32:52 2022 -0400

    18870: git stuff
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 604bd7e32..37f1baf20 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -77,8 +77,10 @@ case "$subcmd" in
 	    else
 		if ! ssh $NODE test -d arvados-setup ; then
 		    ssh $NODE git init --bare arvados-setup.git
-		    git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git
-		    git push $NODE
+		    if ! git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git ; then
+			git remote set-url $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+		    fi
+		    git push $NODE master
 		    ssh $NODE git clone arvados-setup.git arvados-setup
 		fi
 

commit 7aecff0797f9d282587544b356b105c05f13da21
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:29:43 2022 -0400

    18870: tweaking git stuff
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index a943fff6a..604bd7e32 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -67,7 +67,7 @@ case "$subcmd" in
 	set -x
 
 	git add -A
-	if ! git diff --exit-code ; then
+	if ! git diff --cached --exit-code ; then
 	    git commit -m"prepare for deploy"
 	fi
 	for NODE in "${!NODES[@]}"
@@ -75,7 +75,7 @@ case "$subcmd" in
 	    if test $NODE = localhost ; then
 		sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
 	    else
-		if ! ssh $NODE test -d arvados-setup.git ; then
+		if ! ssh $NODE test -d arvados-setup ; then
 		    ssh $NODE git init --bare arvados-setup.git
 		    git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git
 		    git push $NODE

commit 5c32f7ed756e32bb3fa03182730f9fad8aab9897
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:24:27 2022 -0400

    18870: Commits stuff
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 4d601d9bf..a943fff6a 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -64,8 +64,12 @@ case "$subcmd" in
 
 	source ${CONFIG_FILE}
 
+	set -x
+
 	git add -A
-	git commit -m"prepare for deploy"
+	if ! git diff --exit-code ; then
+	    git commit -m"prepare for deploy"
+	fi
 	for NODE in "${!NODES[@]}"
 	do
 	    if test $NODE = localhost ; then

commit 9b9da21b7bcdb593ed0b06b693add9fdb01d3437
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:13:24 2022 -0400

    18870: Fix remote add
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 63db3378e..4d601d9bf 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -73,7 +73,7 @@ case "$subcmd" in
 	    else
 		if ! ssh $NODE test -d arvados-setup.git ; then
 		    ssh $NODE git init --bare arvados-setup.git
-		    git add remote $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+		    git remote add $NODE $DEPLOY_USER@$NODE:arvados-setup.git
 		    git push $NODE
 		    ssh $NODE git clone arvados-setup.git arvados-setup
 		fi

commit 7c14fcc9171f6fe707a9f17dc44357f00ff51333
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:09:16 2022 -0400

    18870: git add everything
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index d9666cbc0..63db3378e 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -64,6 +64,7 @@ case "$subcmd" in
 
 	source ${CONFIG_FILE}
 
+	git add -A
 	git commit -m"prepare for deploy"
 	for NODE in "${!NODES[@]}"
 	do

commit 623bd0b69f9ad3fe3889acc463955630946275d2
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 19:03:54 2022 -0400

    18870: Updating params.local
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
index 7bd789f68..d9666cbc0 100755
--- a/tools/salt-install/installer.sh
+++ b/tools/salt-install/installer.sh
@@ -67,17 +67,21 @@ case "$subcmd" in
 	git commit -m"prepare for deploy"
 	for NODE in "${!NODES[@]}"
 	do
-	    if ! ssh $NODE test -d arvados-setup.git ; then
-		ssh $NODE git init --bare arvados-setup.git
-		git add remote $NODE $DEPLOY_USER@$NODE:arvados-setup.git
-		git push $NODE
-		ssh $NODE git clone arvados-setup.git arvados-setup
+	    if test $NODE = localhost ; then
+		sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}
+	    else
+		if ! ssh $NODE test -d arvados-setup.git ; then
+		    ssh $NODE git init --bare arvados-setup.git
+		    git add remote $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+		    git push $NODE
+		    ssh $NODE git clone arvados-setup.git arvados-setup
+		fi
+
+		git push $NODE master
+		ssh $NODE git -C arvados-setup pull
+
+		ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
 	    fi
-
-	    git push $NODE master
-	    ssh $NODE git -C arvados-setup pull
-
-	    ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
 	done
 	;;
     *)
diff --git a/tools/salt-install/local.params.example.multiple_hosts b/tools/salt-install/local.params.example.multiple_hosts
index 31a69e984..404d8b005 100644
--- a/tools/salt-install/local.params.example.multiple_hosts
+++ b/tools/salt-install/local.params.example.multiple_hosts
@@ -11,6 +11,23 @@ CLUSTER="cluster_fixme_or_this_wont_work"
 # The domainname you want tou give to your cluster's hosts
 DOMAIN="domain_fixme_or_this_wont_work"
 
+# For multi-node installs, the ssh log in for each node
+# must be root or able to sudo
+DEPLOY_USER=root
+
+# The mapping of nodes to roles
+# installer.sh will log in to each of these nodes and then provision
+# it for the specified roles.
+declare -A NODES
+NODES=(
+  [controller.$DOMAIN]=api,controller,websocket,dispatcher,keepbalance
+  [keep0.$DOMAIN]=keepstore
+  [keep1.$DOMAIN]=keepstore
+  [keep.$DOMAIN]=keepproxy,keepweb
+  [workbench.$DOMAIN]=workbench,workbench2,webshell
+  [shell.$DOMAIN]=shell
+)
+
 # Host SSL port where you want to point your browser to access Arvados
 # Defaults to 443 for regular runs, and to 8443 when called in Vagrant.
 # You can point it to another port if desired
diff --git a/tools/salt-install/local.params.example.single_host_multiple_hostnames b/tools/salt-install/local.params.example.single_host_multiple_hostnames
index 2ce155651..f6b652612 100644
--- a/tools/salt-install/local.params.example.single_host_multiple_hostnames
+++ b/tools/salt-install/local.params.example.single_host_multiple_hostnames
@@ -11,6 +11,18 @@ CLUSTER="cluster_fixme_or_this_wont_work"
 # The domainname you want tou give to your cluster's hosts
 DOMAIN="domain_fixme_or_this_wont_work"
 
+# For multi-node installs, the ssh log in for each node
+# must be root or able to sudo
+DEPLOY_USER=root
+
+# The mapping of nodes to roles
+# installer.sh will log in to each of these nodes and then provision
+# it for the specified roles.
+declare -A NODES
+NODES=(
+  [localhost]=api,controller,websocket,dispatcher,keepbalance,keepstore,keepproxy,keepweb,workbench,workbench2,webshell
+)
+
 # External ports used by the Arvados services
 CONTROLLER_EXT_SSL_PORT=443
 KEEP_EXT_SSL_PORT=25101
diff --git a/tools/salt-install/local.params.example.single_host_single_hostname b/tools/salt-install/local.params.example.single_host_single_hostname
index 7add9868d..58847e3c5 100644
--- a/tools/salt-install/local.params.example.single_host_single_hostname
+++ b/tools/salt-install/local.params.example.single_host_single_hostname
@@ -11,6 +11,18 @@ CLUSTER="cluster_fixme_or_this_wont_work"
 # The domainname for your cluster's hosts
 DOMAIN="domain_fixme_or_this_wont_work"
 
+# For multi-node installs, the ssh log in for each node
+# must be root or able to sudo
+DEPLOY_USER=root
+
+# The mapping of nodes to roles
+# installer.sh will log in to each of these nodes and then provision
+# it for the specified roles.
+declare -A NODES
+NODES=(
+  [localhost]=api,controller,websocket,dispatcher,keepbalance,keepstore,keepproxy,keepweb,workbench,workbench2,webshell
+)
+
 # Set this value when installing a cluster in a single host with a single
 # hostname to access all the instances. HOSTNAME_EXT should be set to the
 # external hostname for the instance.

commit 722fbc71928e7fc6b91eb101788b51c2bb9577eb
Author: Peter Amstutz <peter.amstutz at curii.com>
Date:   Sun Jun 26 18:42:03 2022 -0400

    18870: New script to help manage install
    
    Arvados-DCO-1.1-Signed-off-by: Peter Amstutz <peter.amstutz at curii.com>

diff --git a/tools/salt-install/installer.sh b/tools/salt-install/installer.sh
new file mode 100755
index 000000000..7bd789f68
--- /dev/null
+++ b/tools/salt-install/installer.sh
@@ -0,0 +1,89 @@
+#!/bin/bash
+
+# Copyright (C) The Arvados Authors. All rights reserved.
+#
+# SPDX-License-Identifier: CC-BY-SA-3.0
+
+set -e
+
+subcmd="$1"
+if test -n "$subcmd" ; then
+    shift
+fi
+case "$subcmd" in
+    initialize)
+	if ! test -f provision.sh ; then
+	    echo "Must be run from arvados/tools/salt-install"
+	    exit
+	fi
+
+	SETUPDIR=$1
+	PARAMS=$2
+	SLS=$3
+
+	err=
+	if test -z "$PARAMS" -o ! -f local.params.example.$PARAMS ; then
+	    echo "Not found: local.params.example.$PARAMS"
+	    echo "Expected one of multiple_hosts, single_host_multiple_hostnames, single_host_single_hostname"
+	    err=1
+	fi
+
+	if test -z "$SLS" -o ! -d config_examples/$SLS ; then
+	    echo "Not found: config_examples/$SLS"
+	    echo "Expected one of multi_host/aws, single_host/multiple_hostnames, single_host/single_hostname"
+	    err=1
+	fi
+
+	if test -z "$SETUPDIR" -o -z "$PARAMS" -o -z "$SLS" ; then
+	    echo "installer.sh <setup dir to initialize> <params template> <config template>"
+	    err=1
+	fi
+
+	if test -n "$err" ; then
+	    exit 1
+	fi
+
+	echo "Initializing $SETUPDIR"
+	git init $SETUPDIR
+	cp -r *.sh tests $SETUPDIR
+
+	cp local.params.example.$PARAMS $SETUPDIR/local.params
+	cp -r config_examples/$SLS $SETUPDIR/local_config_dir
+
+	cd $SETUPDIR
+	git add *.sh local.params local_config_dir tests
+	git commit -m"initial commit"
+
+	echo "setup directory initialized, now go to $SETUPDIR, edit 'local.params' and 'local_config_dir' as needed, then run 'installer.sh deploy'"
+    ;;
+    deploy)
+	CONFIG_FILE=local.params
+	if ! test -s $CONFIG_FILE ; then
+	    echo "Must be run from arvados-setup, maybe you need to 'initialize' first?"
+	fi
+
+	source ${CONFIG_FILE}
+
+	git commit -m"prepare for deploy"
+	for NODE in "${!NODES[@]}"
+	do
+	    if ! ssh $NODE test -d arvados-setup.git ; then
+		ssh $NODE git init --bare arvados-setup.git
+		git add remote $NODE $DEPLOY_USER@$NODE:arvados-setup.git
+		git push $NODE
+		ssh $NODE git clone arvados-setup.git arvados-setup
+	    fi
+
+	    git push $NODE master
+	    ssh $NODE git -C arvados-setup pull
+
+	    ssh $DEPLOY_USER@$NODE "cd arvados-setup && sudo ./provision.sh --config local.params --roles ${NODES[$NODE]}"
+	done
+	;;
+    *)
+	echo "Arvados installer"
+	echo ""
+	echo "initialize   initialize the setup directory for configuration"
+	echo "deploy       deploy the configuration from the setup directory"
+	;;
+esac

-----------------------------------------------------------------------


hooks/post-receive
-- 




More information about the arvados-commits mailing list