forked from waltermoreira/abaco
-
Notifications
You must be signed in to change notification settings - Fork 14
/
local-dev.conf
264 lines (202 loc) · 10.2 KB
/
local-dev.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
[general]
TAG: dev
[logs]
# global configs for all of abaco
#level = ERROR
level = DEBUG
# configs for specific modules
#level.worker = DEBUG
#level.docker_utils = DEBUG
#level.spawner = DEBUG
#level.controllers = DEBUG
[store]
# url for the mongo instance
mongo_host: mongo
# port for the mongo instance
mongo_port: 27017
# uncomment the next two lines for authenticated mongo
#mongo_user: abaco
#mongo_password: the_mongo_password
[rabbit]
# url and port for the rabbitmq instance
uri: amqp://rabbit:5672
[spawner]
# For scalability, worker containers can run on separate physical hosts. At least one
# spawner and one health check worker should be launched on each worker host, and the
# host_id should be the unique for each worker host.
host_id: 0
# list of queues that spawners on this host will subscribe to.
host_queues: default, special
# An addressable IP for the spawner's host. This config is not currently used but could
# be at a future date to support a conatiner scheduler like swarm or mesos.
host_ip: 172.17.0.1
# When new workers are spawned, a config file must be mounted for communication with rabbit.
# This path should be an absolute path *on the host* where such a config file exists. By default, spawners
# read this path from an environment variable, abaco_conf_host_path, but if this variable isn't set spawners
# will fall back to using this configuration.
# abaco_conf_host_path: /path/to/abaco.conf
# the maximum number of messages that the autoscaler should put on the default command channel.
max_cmd_length: 12
# the maximum number of workers that are allowed to simultaneously be running on a given compute host.
# Spawners will unsubscribe from the command channel when this threshold is met.
# For local development, we intentially keep the max workers small:
max_workers_per_host: 75
# the default maximum number of workers that a given actor can have at one time. admin's can set the
# max_workers attribute for a given actor to a different number. the autoscaler will not scale
# an actor's worker pool beyond this number.
max_workers_per_actor: 6
# name of the docker network on which the Abaco agents should start spawner and worker containers.
# when using the local development stack, by default this network will be named {{ repo_name }}_abaco, where
# repo_name is the name of the directory in which this repository was checked out.
# this setting is required when using the local-dev.conf file included here so that spawners and workers
# can communicate with the database containers.
# when this setting is not configured, spawners and workers started programmatically will be added to the
# default docker network for the host.
docker_network: abaco_abaco
[docker]
# url to use for docker daemon by spawners and workers. Currently only the unix socket is
# supported but other options could be implemented in the future.
dd: unix://var/run/docker.sock
# docker hub credentials: can pass multuple sets and abaco agents will use a different set at random.0
# format should be
# dockerhub_username_1
# dockerhub_password_1
# dockerhub_username_2
# dockerhub_password_2
# etc.
# See stache entry "CIC (Abaco) DockerHub credentials" for credentials.
[workers]
# number of worker containers to initially start when an actor is created
init_count: 1
# set whether autoscaling is enabled
autoscaling = true
# max length of time, in seconds, an actor container is allowed to execute before being killed.
# set to -1 for indefinite execution time.
max_run_time: -1
# The maximum amount of memory an Actor container can use; similar to the --memory flag in Docker
# set to -1 for unlimited memory
# examples:
# limit each actor to 1 gig
# mem_limit = 1g
# limit each actor to 5 meg
# mem_limit = 5m
# maximum number of CPUs each actor will have available to them. Does not guarantee these CPU resources
# to each actor, but rather provides the upper bound on available resources.
# set to -1 for unlimited CPU resources.
# allow access to 1 cpu
max_cpus = 1000000000
# length of time, in seconds, to keep an idle worker alive. Set to -1 to keep workers
# alive indefinitely.
# Set the ttl to 2 minutes.
# worker_ttl: 120
# Set the ttl to 24 hours.
worker_ttl: 86400
# length of time, in seconds, to keep an idle worker alive when the actor has the "sync" hint.
# Set the max idle time to 2 minutes.
# worker_ttl: 120
# Set the max idle time to 10 minutes:
sync_max_idle_time: 600
# whether worker containers should be scheduled with the auto_remove flag. In general, this should be set to true
# but requires docker version > 1.25 so should be set to false when that is not the case. Also can be helpful to set to
# False for development/debugging efforts.
auto_remove: true
# Whether the workers should have OAuth clients generated for them:
generate_clients: False
# specifiy client generation is available for a specific tenant -
# DEV-STAGING_generate_clients: True
# a list of mounts to make for every actor container, separated by comma (,) characters.
# Mounts should be of the form <absolute_host_path>:<absolute_container_path>:<mode>
# where mode is either ro for read-only or rw for read-write.
# Token replacement done at runtime for the following:
# tenant_id: the tenant id associated with the actor.
# username: the username of the owner of the actor.
# tasdir: the homeDirectory attribute returned from tas. This attribute requires the
# use_tas_uid field to be set.
#global_mounts: /data1:/_abaco_data1:ro,/data2/{tenant_id}/{username}:/_abaco_data2:rw
#, /data3/{tasdir}:/work:rw
# global mounts for a specific tenant; the format of the attribute is {tenant_id}_global mounts.
# Use lower case for the tenant_id.
# If this setting is in place, the general "global_mounts" config will be ignored for that tenant.
# Example of setting global mounts specifically for the designsafe tenant:
designsafe_global_mounts: /corral-repl/tacc/NHERI/shared/{username}:/mydata:rw
dev-develop_global_mounts: /data1:/_abaco_data1:ro
# a list of mounts to make for privileged actor containers. Follows the same format as the global mounts
#privileged_mounts: /data1:/_abaco_data1:ro,/data2:/_abaco_data2:rw
# whether to leave the actor containers or remove them. Should be False in
# staging/production but setting True can be helpful when debugging locally.
leave_containers: False
# container uid and gid can be set on a tenant by tenant basis, or at a global level for the entire
# Abaco instance. By default, the container image's uid and gid will be used. through configuration,
# there are two other options: 1) using TAS (tacc accounting system) to run the container as the user's
# uid/gid, or 2) using a fixed uid/gid for all containers.
# to use a specific uid/gid for all containers within a tenant, set {tenant}_actor_uid and {tenant}_actor_gid;
# for example:
#dev-develop_actor_uid: 1000
#dev-develop_actor_gid: 1000
designsafe_actor_uid: 458981
designsafe_actor_gid: 816877
# to use a specific uid/gid for all containers, regardless of tenant, set actor_uid and actor_gid.
# for example:
# actor_uid: 1000
# actor_gid: 1000
# to run the actor containers as the UID associated with the owner of the actor in TAS.
# requires TAS_ROLE_ACCT and TAS_ROLE_PASS passes as environment variables.
# Default value is False in which case the container run as the UID set in the container image.
use_tas_uid: False
# to just use TAS uid/gid for a specific tenant, set {tenant}_use_tas_uid: True; for example, configure
# Abco to use TAS just for the sd2e tenant:
sd2e_use_tas_uid: True
# path on the workers host to use for mounting temporary sockets for processing execution results.
socket_host_path_dir: /_abaco_results_sockets
# path on the workers host to use for mounting temporary fifo's for processing binary messages.
fifo_host_path_dir: /_abaco_fifos
[web]
# type of access control for the web front end. supports: 'jwt', and 'none'
# access_control: none
access_control: jwt
# the role required for "base level" access to the service. This setting is only used when using JWT access control.
user_role: Internal/everyone
# whether to allow the use of nonces for authenticating requests to the API. The x-nonce query parameter is only
# checked in the absence of a JWT header.
accept_nonce: True
# the name of the tenant when not using jwt
tenant_name: dev_staging
# public key for the apim instance when deployed behind apim (jwt access control)
apim_public_key: MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCUp/oV1vWc8/TkQSiAvTousMzOM4asB2iltr2QKozni5aVFu818MpOLZIr8LMnTzWllJvvaA5RAAdpbECb 48FjbBe0hseUdN5HpwvnH/DW8ZccGvk53I6Orq7hLCv1ZHtuOCokghz/ATrhyPq QktMfXnRS4HrKGJTzxaCcU7OQIDAQAB
# the default value for an actor's token attribute; can be set globally with:
default_token: false
# or for a specific tenant
DEV-STAGING_default_token: true
# whether the web apps return a stacktrace or a nice JSON object on an APIException:
# 'true' or 'false'
show_traceback: false
# Amount of time, in seconds, to store log data. Set to -1 to store indefinitely.
# Here we set the to 12 hours.
log_ex: 43200
# Max amount of time that any log can be set.
log_ex_limit: 86400
# Amount of time, in seconds, to which sd2e's logs will be set.
sd2e_log_ex: 10800
# Max amount of time, in seconds, to which sd2e's logs can be set.
sd2e_log_ex_limit: 21600
# Max amount of time, in seconds, to which this DEV's logs can be set.
DEV_log_ex_limit: 30000
# Amount of time, in seconds, to which this DEV's logs will be set.
DEV_log_ex: 15000
# Max length (in bytes) to store an actor execution's log. If a log exceeds this length, the log will be truncated.
# Note: max_log_length must not exceed the maximum document length for the log store.
# here we default it to 1 MB
max_log_length: 1000000
# Either camel or snake: Whether to return responses in camel case or snake. Default is snake.
case: snake
# The maximum content length, in bytes, allowed for raw (binary) data messages.
# Below we set it to 500M:
max_content_length: 500000000
# list of all allowable queues
all_queues: default, special
# used to encrypt secrets
# generate q key with the following:
# >>> from cryptography.fernet import Fernet
# >>> key = Fernet.generate_key()
# the following is just an example used for local development (it is NOT used in any hosted Abaco deployments):
encryption_key: djq6ghD6YMWU43TyxGy58pmw_I2hfroAvcbqz9kV23o=