Configuration Files (AEN 4.1.1)¶
The default locations for service configuration files are:
- server:
/opt/wakari/wakari-server/etc/wakari/config.json
- gateway:
/opt/wakari/wakari-gateway/etc/wakari/config.json
- compute:
/opt/wakari/wakari-compute/etc/wakari/config.json
For each of these, an additional service-specific configuration file may optionally or alternatively be present:
- server:
/opt/wakari/wakari-server/etc/wakari/wk-server-config.json
- gateway:
/opt/wakari/wakari-gateway/etc/wakari/wk-gateway-config.json
- compute:
/opt/wakari/wakari-compute/etc/wakari/wk-compute-config.json
Each service will load all configuration files in the following order, updating the configuration at each step:
/etc/wakari/config.json
/etc/wakari/wk-gateway-config.json
/opt/wakari/wakari-SERVICE/etc/wakari/config.json
/opt/wakari/wakari-SERVICE/etc/wakari/wk-SERVICE-config.json
./config.json
./wk-gateway-config.json
See the list of supported configuration keys below for more information.
Key | Default | Description |
---|---|---|
WAKARI_SERVER |
URL of this Anaconda Enterprise Notebooks server | |
DEFAULT _PRIVACY |
public |
Default project privacy setting: either public or private |
SESSION _COOKIE_NAME |
wakari .enterprise.session |
Cookie name used to maintain Anaconda Enterprise Notebooks Enterprise login sessions |
USE_SES |
false |
Use Amazon SES to send emails |
SMTP |
SMTP email settings. See subkeys below. | |
- host |
SMTP mail server hostname | |
- user |
username for SMTP server authentication | |
- password |
password for SMTP server authentication | |
- from_addr |
From address for emails sent through SMTP | |
verify _gateway _certificate |
true |
Boolean indicating whether the server should verify the gateway SSL certificate |
accounts |
wk_server.plugins .accounts.cloud |
Account provider class. Set to wk_server.plugins .accounts.ldap_accounts for LDAP. |
uniqueEmail |
true |
Boolean indicating whether unique user email addresses are required |
LDAP |
389 | LDAP Configurations |
- SERVER |
List of LDAP servers. At least one server name must be listed. The primary server should be listed first. All secondary or fail-over servers should be list next. | |
- PORT |
389 | The LDAP port on the LDAP server |
- AUTH_TYPE |
LDAP Authentication types: simple : no encryption not secure or TLS : encrypted secure requires the TLS_CERT to be set. |
|
- TLS_CERT |
Full path to the TLS certificate file. The cert file must also be provided by the Enterprise | |
- BASEDN |
The LDAP Base DN value | |
- OU |
List of Organizational Units. Some Enterprises group users by OUs in their LDAP server records. Anaconda Enterprise Notebooks will loop over the list of OUs when authenticating a user. The OU value is a list of lists to support multiple OUs where each OU is a single name or a hierarchy of names. | |
- ANON_USER |
Username such as public or anonymous for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration. |
Key | Default | Description |
---|---|---|
WAKARI_SERVER |
URL of Anaconda Enterprise Notebooks WAKARI_SERVER |
|
port |
8089 | Port number used by the gateway application. Must be a non-privileged port (>= 1024) |
client_id |
Client ID assigned to this gateway by the server during wk-gateway-configure |
|
client_secret |
Client secret assigned to this gateway by the server during wk-gateway-configure |
|
httpTimeout |
600 | Timeout in seconds. Default is 10 minutes to allow project creation. |
Key | Default | Description |
---|---|---|
WAKARI_SERVER |
URL of Anaconda Enterprise Notebooks WAKARI_SERVER |
|
MANAGE _ACCOUNTS |
true |
Boolean indicating whether Anaconda Enterprise Notebooks should manage system user accounts. Set to false for LDAP installations |
port |
2227 | Port number used by the compute-launcher application. Note that individual applications use dynamic ports |
projectRoot |
/projects |
Location of project file storage |
appIdleTime |
172800000 (48 hours) | Idle time before applications will be auto-terminated (in msec) |
idleCheckInterval |
3600000 (1 hour) | Frequency of idle checks |
numericUsernames |
false |
Boolean indicating whether numeric usernames are permitted |
httpTimeout |
600 | Timeout in seconds. Default is 10 minutes to allow project creation. |
- ANON_USER |
Username such as public or anonymous for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration. |
Key | Default | Description |
---|---|---|
CDN |
$WAKARI_SERVER/static/ |
Location of static assets |
MONGO_DB |
wakari |
Name of Anaconda Enterprise Notebooks database in mongodb |
MONGO_URL |
mongodb://localhost/ |
URL of server’s mongodb instance |
PROVIDERS |
["wk_server.plugins .providers.enterprise"] |
List of compute provider classes |
LOGFILE |
/opt/wakari/wakari-server/ var/log/wakari/ wakari-server.application.log |
Path to server log file |
MONGO_ACTION _LOG_SIZE |
262144000 | Size of Mongo action log in bytes |
SITE_ADMINS |
List of site administrator email addresses. Used for crash notifications and LDAP password reset requests | |
FROM _EMAIL_ADDR |
From address for notification emails sent by Anaconda Enterprise Notebooks | |
uniqueUserName |
true |
Boolean indicating whether unique usernames are required |
Key | Default | Description |
---|---|---|
CDN |
$WAKARI_SERVER/static/ |
Location of static assets |
SUBDOMAIN_ROUTING |
false |
Boolean indicating whether subdomains are being used |
Key | Default | Description |
---|---|---|
CDN |
$WAKARI_SERVER/static/ |
Location of static assets |
USE_SES |
false |
Use Amazon SES to send emails |
multiUser |
true |
Boolean indicating whether multi-user support is enabled |
multi-project |
true |
Boolean indicating whether multi-project support is enabled |
ANACONDA_ROOT |
/opt/wakari/anaconda |
Location of Anaconda installation |
logLevel |
debug |
Log verbosity. One of: ‘error’ ‘warn’ ‘info’ ‘debug’ |
appLogs |
/opt/wakari/wakari-compute/ var/log/wakari/compute-launcher-apps |
Directory where application logs will be stored |
appPIDs |
/opt/wakari/wakari-compute/ var/run/compute-launcher-apps |
Directory where application PID files will be stored |
applicationLog |
/opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.application.log |
Path to compute launcher log |
accessLog |
opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.access.log |
Path to compute launcher access log |
DNS Changes¶
It is possible to change the domain names of the various Anaconda Enterprise Notebooks services, however their configuration files need to be updated and the services restarted. Locations of configuration files are documented here. Once these are updated the associated services need to be restarted.
Using the Web interface go to Admin Control Panel, then Data Centers, then click the edit button in order to edit the information of all the data-centers that are changing their Base Domain Name. NOTE: This must include the service port if it is different from the default (80 for HTTP and 443 for HTTPS).
Now from the Admin Control Panel go to Enterprise Resources and edit each Compute Node that has changed its domain name. These are URLs with protocol, hostname, and port.
LDAP Configuration¶
For more information about LDAP, please see the LDAP configuration page.
Example LDAP Configuration¶
Edit the /opt/wakari/wakari-server/etc/wakari/wk-server-config.json file:
{
"accounts":"wk_server.plugins.accounts.ldap2",
"LDAP" : {
"URI": "ldap://openldap.EXAMPLE.COM",
"BIND_DN": "cn=Bob Jones,ou=Users,DC=EXAMPLE,DC=COM",
"BIND_AUTH": "secretpass",
"USER_SEARCH": {"base": "DC=EXAMPLE,DC=COM",
"filter": "(| (& (ou=Payroll)
(uid=%(username)s))
(& (ou=Facilities)
(uid=%(username)s)))"
},
"KEY_MAP": {"email": "mail",
"name": "cn"
}
}
}