services/provisioning-service/provisioning.yml - incubator-datalab - Git at Google

 # *****************************************************************************
 #
 #  Licensed to the Apache Software Foundation (ASF) under one
 #  or more contributor license agreements.  See the NOTICE file
 #  distributed with this work for additional information
 #  regarding copyright ownership.  The ASF licenses this file
 #  to you under the Apache License, Version 2.0 (the
 #  "License"); you may not use this file except in compliance
 #  with the License.  You may obtain a copy of the License at
 #
 #  http://www.apache.org/licenses/LICENSE-2.0
 #
 #  Unless required by applicable law or agreed to in writing,
 #  software distributed under the License is distributed on an
 #  "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 #  KIND, either express or implied.  See the License for the
 #  specific language governing permissions and limitations
 #  under the License.
 #
 # ******************************************************************************

   <#include "ssn.yml">

 backupScriptPath: /opt/datalab/tmp/backup.py
 backupDirectory: /opt/datalab/tmp/result
 keyDirectory: ${KEYS_DIR}
 responseDirectory: /opt/datalab/tmp
 handlerDirectory: /opt/datalab/handlers
 dockerLogDirectory: ${LOG_ROOT_DIR}
 warmupPollTimeout: 2m
 resourceStatusPollTimeout: 400m
 keyLoaderPollTimeout: 30m
 requestEnvStatusTimeout: 50s
 adminKey: KEYNAME
 edgeImage: docker.datalab-edge
 fileLengthCheckDelay: 500ms

   <#if CLOUD_TYPE == "aws">
 emrEC2RoleDefault: EMR_EC2_DefaultRole
 emrServiceRoleDefault: EMR_DefaultRole
 </#if>

 processMaxThreadsPerJvm: 50
 processMaxThreadsPerUser: 5
 processTimeout: 180m

 handlersPersistenceEnabled: true

 server:
   requestLog:
     appenders:
       - type: file
         currentLogFilename: ${LOG_ROOT_DIR}/ssn/request-provisioning.log
         archive: true
         archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/request-provisioning-%d{yyyy-MM-dd}.log.gz
         archivedFileCount: 10
   applicationConnectors:
 #    - type: http
     - type: https
       port: 8084
       certAlias: ssn
       validateCerts: false
       keyStorePath: ${KEY_STORE_PATH}
       keyStorePassword: ${KEY_STORE_PASSWORD}
       trustStorePath: ${TRUST_STORE_PATH}
       trustStorePassword: ${TRUST_STORE_PASSWORD}
   adminConnectors:
 #    - type: http
     - type: https
       port: 8085
       certAlias: ssn
       validateCerts: false
       keyStorePath: ${KEY_STORE_PATH}
       keyStorePassword: ${KEY_STORE_PASSWORD}
       trustStorePath: ${TRUST_STORE_PATH}
       trustStorePassword: ${TRUST_STORE_PASSWORD}

 logging:
   level: INFO
   loggers:
     com.epam: TRACE
     com.aegisql: INFO
   appenders:
 <#if DEV_MODE == "true">
     - type: console
 </#if>
     - type: file
       currentLogFilename: ${LOG_ROOT_DIR}/ssn/provisioning.log
       archive: true
       archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/provisioning-%d{yyyy-MM-dd}.log.gz
       archivedFileCount: 10

 keycloakConfiguration:
   realm: KEYCLOAK_REALM_NAME
   bearer-only: true
   auth-server-url: KEYCLOAK_AUTH_SERVER_URL
   ssl-required: none
   register-node-at-startup: true
   register-node-period: 600
   resource: KEYCLOAK_CLIENT_NAME
   credentials:
     secret: KEYCLOAK_CLIENT_SECRET

 cloudProperties:
   os: CONF_OS
   serviceBaseName: SERVICE_BASE_NAME
   edgeInstanceSize: EDGE_INSTANCE_SIZE
   subnetId: SUBNET_ID
   region: REGION
   zone: ZONE
   confTagResourceId: TAG_RESOURCE_ID
   securityGroupIds: SG_IDS
   ssnInstanceSize: SSN_INSTANCE_SIZE
   notebookVpcId: VPC2_ID
   notebookSubnetId: SUBNET2_ID
   confKeyDir: CONF_KEY_DIR
   vpcId: VPC_ID
   peeringId: PEERING_ID
   azureResourceGroupName: AZURE_RESOURCE_GROUP_NAME
   ssnStorageAccountTagName: AZURE_SSN_STORAGE_ACCOUNT_TAG
   sharedStorageAccountTagName: AZURE_SHARED_STORAGE_ACCOUNT_TAG
   datalakeTagName: AZURE_DATALAKE_TAG
   azureClientId: AZURE_CLIENT_ID
   gcpProjectId: GCP_PROJECT_ID
   imageEnabled: CONF_IMAGE_ENABLED
   azureAuthFile: AZURE_AUTH_FILE_PATH
   ldap:
     host: LDAP_HOST
     dn: LDAP_DN
     ou: LDAP_OU
     user: LDAP_USER_NAME
     password: LDAP_USER_PASSWORD
   stepCerts:
     enabled: STEP_CERTS_ENABLED
     rootCA: STEP_ROOT_CA
     kid: STEP_KID_ID
     kidPassword: STEP_KID_PASSWORD
     caURL: STEP_CA_URL
   keycloak:
     auth_server_url: KEYCLOAK_AUTH_SERVER_URL
     realm_name: KEYCLOAK_REALM_NAME
     user: KEYCLOAK_USER_NAME
     user_password: KEYCLOAK_PASSWORD
	# *****************************************************************************
	#
	# Licensed to the Apache Software Foundation (ASF) under one
	# or more contributor license agreements. See the NOTICE file
	# distributed with this work for additional information
	# regarding copyright ownership. The ASF licenses this file
	# to you under the Apache License, Version 2.0 (the
	# "License"); you may not use this file except in compliance
	# with the License. You may obtain a copy of the License at
	#
	# http://www.apache.org/licenses/LICENSE-2.0
	#
	# Unless required by applicable law or agreed to in writing,
	# software distributed under the License is distributed on an
	# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	# KIND, either express or implied. See the License for the
	# specific language governing permissions and limitations
	# under the License.
	#
	# ******************************************************************************

	<#include "ssn.yml">

	backupScriptPath: /opt/datalab/tmp/backup.py
	backupDirectory: /opt/datalab/tmp/result
	keyDirectory: ${KEYS_DIR}
	responseDirectory: /opt/datalab/tmp
	handlerDirectory: /opt/datalab/handlers
	dockerLogDirectory: ${LOG_ROOT_DIR}
	warmupPollTimeout: 2m
	resourceStatusPollTimeout: 400m
	keyLoaderPollTimeout: 30m
	requestEnvStatusTimeout: 50s
	adminKey: KEYNAME
	edgeImage: docker.datalab-edge
	fileLengthCheckDelay: 500ms

	<#if CLOUD_TYPE == "aws">
	emrEC2RoleDefault: EMR_EC2_DefaultRole
	emrServiceRoleDefault: EMR_DefaultRole
	</#if>

	processMaxThreadsPerJvm: 50
	processMaxThreadsPerUser: 5
	processTimeout: 180m

	handlersPersistenceEnabled: true

	server:
	requestLog:
	appenders:
	- type: file
	currentLogFilename: ${LOG_ROOT_DIR}/ssn/request-provisioning.log
	archive: true
	archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/request-provisioning-%d{yyyy-MM-dd}.log.gz
	archivedFileCount: 10
	applicationConnectors:
	# - type: http
	- type: https
	port: 8084
	certAlias: ssn
	validateCerts: false
	keyStorePath: ${KEY_STORE_PATH}
	keyStorePassword: ${KEY_STORE_PASSWORD}
	trustStorePath: ${TRUST_STORE_PATH}
	trustStorePassword: ${TRUST_STORE_PASSWORD}
	adminConnectors:
	# - type: http
	- type: https
	port: 8085
	certAlias: ssn
	validateCerts: false
	keyStorePath: ${KEY_STORE_PATH}
	keyStorePassword: ${KEY_STORE_PASSWORD}
	trustStorePath: ${TRUST_STORE_PATH}
	trustStorePassword: ${TRUST_STORE_PASSWORD}

	logging:
	level: INFO
	loggers:
	com.epam: TRACE
	com.aegisql: INFO
	appenders:
	<#if DEV_MODE == "true">
	- type: console
	</#if>
	- type: file
	currentLogFilename: ${LOG_ROOT_DIR}/ssn/provisioning.log
	archive: true
	archivedLogFilenamePattern: ${LOG_ROOT_DIR}/ssn/provisioning-%d{yyyy-MM-dd}.log.gz
	archivedFileCount: 10

	keycloakConfiguration:
	realm: KEYCLOAK_REALM_NAME
	bearer-only: true
	auth-server-url: KEYCLOAK_AUTH_SERVER_URL
	ssl-required: none
	register-node-at-startup: true
	register-node-period: 600
	resource: KEYCLOAK_CLIENT_NAME
	credentials:
	secret: KEYCLOAK_CLIENT_SECRET

	cloudProperties:
	os: CONF_OS
	serviceBaseName: SERVICE_BASE_NAME
	edgeInstanceSize: EDGE_INSTANCE_SIZE
	subnetId: SUBNET_ID
	region: REGION
	zone: ZONE
	confTagResourceId: TAG_RESOURCE_ID
	securityGroupIds: SG_IDS
	ssnInstanceSize: SSN_INSTANCE_SIZE
	notebookVpcId: VPC2_ID
	notebookSubnetId: SUBNET2_ID
	confKeyDir: CONF_KEY_DIR
	vpcId: VPC_ID
	peeringId: PEERING_ID
	azureResourceGroupName: AZURE_RESOURCE_GROUP_NAME
	ssnStorageAccountTagName: AZURE_SSN_STORAGE_ACCOUNT_TAG
	sharedStorageAccountTagName: AZURE_SHARED_STORAGE_ACCOUNT_TAG
	datalakeTagName: AZURE_DATALAKE_TAG
	azureClientId: AZURE_CLIENT_ID
	gcpProjectId: GCP_PROJECT_ID
	imageEnabled: CONF_IMAGE_ENABLED
	azureAuthFile: AZURE_AUTH_FILE_PATH
	ldap:
	host: LDAP_HOST
	dn: LDAP_DN
	ou: LDAP_OU
	user: LDAP_USER_NAME
	password: LDAP_USER_PASSWORD
	stepCerts:
	enabled: STEP_CERTS_ENABLED
	rootCA: STEP_ROOT_CA
	kid: STEP_KID_ID
	kidPassword: STEP_KID_PASSWORD
	caURL: STEP_CA_URL
	keycloak:
	auth_server_url: KEYCLOAK_AUTH_SERVER_URL
	realm_name: KEYCLOAK_REALM_NAME
	user: KEYCLOAK_USER_NAME
	user_password: KEYCLOAK_PASSWORD