Configuration Files (AEN 4.1.1)¶

The default locations for service configuration files are:

server: /opt/wakari/wakari-server/etc/wakari/config.json
gateway: /opt/wakari/wakari-gateway/etc/wakari/config.json
compute: /opt/wakari/wakari-compute/etc/wakari/config.json

For each of these, an additional service-specific configuration file may optionally or alternatively be present:

server: /opt/wakari/wakari-server/etc/wakari/wk-server-config.json
gateway: /opt/wakari/wakari-gateway/etc/wakari/wk-gateway-config.json
compute: /opt/wakari/wakari-compute/etc/wakari/wk-compute-config.json

Each service will load all configuration files in the following order, updating the configuration at each step:

/etc/wakari/config.json
/etc/wakari/wk-gateway-config.json
/opt/wakari/wakari-SERVICE/etc/wakari/config.json
/opt/wakari/wakari-SERVICE/etc/wakari/wk-SERVICE-config.json
./config.json
./wk-gateway-config.json

See the list of supported configuration keys below for more information.

Server Configuration Keys¶
Key	Default	Description
`WAKARI_SERVER`		URL of this Anaconda Enterprise Notebooks server
`DEFAULT` `_PRIVACY`	`public`	Default project privacy setting: either `public` or `private`
`SESSION` `_COOKIE_NAME`	`wakari` `.enterprise.session`	Cookie name used to maintain Anaconda Enterprise Notebooks Enterprise login sessions
`USE_SES`	`false`	Use Amazon SES to send emails
`SMTP`		SMTP email settings. See subkeys below.
`- host`		SMTP mail server hostname
`- user`		username for SMTP server authentication
`- password`		password for SMTP server authentication
`- from_addr`		From address for emails sent through SMTP
`verify` `_gateway` `_certificate`	`true`	Boolean indicating whether the server should verify the gateway SSL certificate
`accounts`	`wk_server.plugins` `.accounts.cloud`	Account provider class. Set to `wk_server.plugins` `.accounts.ldap_accounts` for LDAP.
`uniqueEmail`	`true`	Boolean indicating whether unique user email addresses are required
`LDAP`	389	LDAP Configurations
`- SERVER`		List of LDAP servers. At least one server name must be listed. The primary server should be listed first. All secondary or fail-over servers should be list next.
`- PORT`	389	The LDAP port on the LDAP server
`- AUTH_TYPE`		LDAP Authentication types: `simple`: no encryption not secure or `TLS`: encrypted secure requires the TLS_CERT to be set.
`- TLS_CERT`		Full path to the TLS certificate file. The cert file must also be provided by the Enterprise
`- BASEDN`		The LDAP Base DN value
`- OU`		List of Organizational Units. Some Enterprises group users by OUs in their LDAP server records. Anaconda Enterprise Notebooks will loop over the list of OUs when authenticating a user. The OU value is a list of lists to support multiple OUs where each OU is a single name or a hierarchy of names.
`- ANON_USER`		Username such as `public` or `anonymous` for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration.

Gateway Configuration Keys¶
Key	Default	Description
`WAKARI_SERVER`		URL of Anaconda Enterprise Notebooks `WAKARI_SERVER`
`port`	8089	Port number used by the gateway application. Must be a non-privileged port (>= 1024)
`client_id`		Client ID assigned to this gateway by the server during `wk-gateway-configure`
`client_secret`		Client secret assigned to this gateway by the server during `wk-gateway-configure`
`httpTimeout`	600	Timeout in seconds. Default is 10 minutes to allow project creation.

Compute Node Configuration Keys¶
Key	Default	Description
`WAKARI_SERVER`		URL of Anaconda Enterprise Notebooks `WAKARI_SERVER`
`MANAGE` `_ACCOUNTS`	`true`	Boolean indicating whether Anaconda Enterprise Notebooks should manage system user accounts. Set to false for LDAP installations
`port`	2227	Port number used by the compute-launcher application. Note that individual applications use dynamic ports
`projectRoot`	`/projects`	Location of project file storage
`appIdleTime`	172800000 (48 hours)	Idle time before applications will be auto-terminated (in msec)
`idleCheckInterval`	3600000 (1 hour)	Frequency of idle checks
`numericUsernames`	`false`	Boolean indicating whether numeric usernames are permitted
`httpTimeout`	600	Timeout in seconds. Default is 10 minutes to allow project creation.
`- ANON_USER`		Username such as `public` or `anonymous` for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration.

Server Unsupported Configuration Keys - Do not change¶
Key	Default	Description
`CDN`	`$WAKARI_SERVER/static/`	Location of static assets
`MONGO_DB`	`wakari`	Name of Anaconda Enterprise Notebooks database in mongodb
`MONGO_URL`	`mongodb://localhost/`	URL of server’s mongodb instance
`PROVIDERS`	`["wk_server.plugins` `.providers.enterprise"]`	List of compute provider classes
`LOGFILE`	`/opt/wakari/wakari-server/` `var/log/wakari/` `wakari-server.application.log`	Path to server log file
`MONGO_ACTION` `_LOG_SIZE`	262144000	Size of Mongo action log in bytes
`SITE_ADMINS`		List of site administrator email addresses. Used for crash notifications and LDAP password reset requests
`FROM` `_EMAIL_ADDR`		From address for notification emails sent by Anaconda Enterprise Notebooks
`uniqueUserName`	`true`	Boolean indicating whether unique usernames are required

Gateway Unsupported Configuration Keys - Do not change¶
Key	Default	Description
`CDN`	`$WAKARI_SERVER/static/`	Location of static assets
`SUBDOMAIN_ROUTING`	`false`	Boolean indicating whether subdomains are being used

Compute Node Unsupported Configuration Keys - Do not change¶
Key	Default	Description
`CDN`	`$WAKARI_SERVER/static/`	Location of static assets
`USE_SES`	`false`	Use Amazon SES to send emails
`multiUser`	`true`	Boolean indicating whether multi-user support is enabled
`multi-project`	`true`	Boolean indicating whether multi-project support is enabled
`ANACONDA_ROOT`	`/opt/wakari/anaconda`	Location of Anaconda installation
`logLevel`	`debug`	Log verbosity. One of: ‘error’ ‘warn’ ‘info’ ‘debug’
`appLogs`	`/opt/wakari/wakari-compute/` `var/log/wakari/compute-launcher-apps`	Directory where application logs will be stored
`appPIDs`	`/opt/wakari/wakari-compute/` `var/run/compute-launcher-apps`	Directory where application PID files will be stored
`applicationLog`	`/opt/wakari/wakari-compute/` `var/log/wakari/` `compute-launcher.application.log`	Path to compute launcher log
`accessLog`	`opt/wakari/wakari-compute/` `var/log/wakari/` `compute-launcher.access.log`	Path to compute launcher access log

DNS Changes¶

It is possible to change the domain names of the various Anaconda Enterprise Notebooks services, however their configuration files need to be updated and the services restarted. Locations of configuration files are documented here. Once these are updated the associated services need to be restarted.

Using the Web interface go to Admin Control Panel, then Data Centers, then click the edit button in order to edit the information of all the data-centers that are changing their Base Domain Name. NOTE: This must include the service port if it is different from the default (80 for HTTP and 443 for HTTPS).

Now from the Admin Control Panel go to Enterprise Resources and edit each Compute Node that has changed its domain name. These are URLs with protocol, hostname, and port.

LDAP Configuration¶

For more information about LDAP, please see the LDAP configuration page.

Example LDAP Configuration¶

Edit the /opt/wakari/wakari-server/etc/wakari/wk-server-config.json file:

{
    "accounts":"wk_server.plugins.accounts.ldap2",
    "LDAP" : {
        "URI": "ldap://openldap.EXAMPLE.COM",
        "BIND_DN": "cn=Bob Jones,ou=Users,DC=EXAMPLE,DC=COM",
        "BIND_AUTH": "secretpass",
        "USER_SEARCH": {"base": "DC=EXAMPLE,DC=COM",
                        "filter": "(| (& (ou=Payroll)
                                         (uid=%(username)s))
                                      (& (ou=Facilities)
                                         (uid=%(username)s)))"
                        },
        "KEY_MAP": {"email": "mail",
                    "name": "cn"
                }
    }
}