Configuration Files (AEN 4.1.2)#

The default locations for service configuration files are:

  • server: /opt/wakari/wakari-server/etc/wakari/config.json
  • gateway: /opt/wakari/wakari-gateway/etc/wakari/config.json
  • compute: /opt/wakari/wakari-compute/etc/wakari/config.json

For each of these, an additional service-specific configuration file may optionally or alternatively be present:

  • server: /opt/wakari/wakari-server/etc/wakari/wk-server-config.json
  • gateway: /opt/wakari/wakari-gateway/etc/wakari/wk-gateway-config.json
  • compute: /opt/wakari/wakari-compute/etc/wakari/wk-compute-config.json

Each service will load all configuration files in the following order, updating the configuration at each step:

/etc/wakari/config.json
/etc/wakari/wk-gateway-config.json
/opt/wakari/wakari-SERVICE/etc/wakari/config.json
/opt/wakari/wakari-SERVICE/etc/wakari/wk-SERVICE-config.json
./config.json
./wk-gateway-config.json

See the list of supported configuration keys below for more information.

Server Configuration Keys
Key Default Description
WAKARI_SERVER   URL of this Anaconda Enterprise Notebooks server
DEFAULT _PRIVACY public Default project privacy setting: either public or private
SESSION _COOKIE_NAME wakari .enterprise.session Cookie name used to maintain Anaconda Enterprise Notebooks Enterprise login sessions
USE_SES false Use Amazon SES to send emails
SMTP   SMTP email settings. See subkeys below.
- host   SMTP mail server hostname
- user   username for SMTP server authentication
- password   password for SMTP server authentication
- from_addr   From address for emails sent through SMTP
verify _gateway _certificate true Boolean indicating whether the server should verify the gateway SSL certificate
accounts wk_server.plugins .accounts.cloud Account provider class. Set to wk_server.plugins .accounts.ldap_accounts for LDAP.
uniqueEmail true Boolean indicating whether unique user email addresses are required
LDAP 389 LDAP Configurations
- SERVER   List of LDAP servers. At least one server name must be listed. The primary server should be listed first. All secondary or fail-over servers should be list next.
- PORT 389 The LDAP port on the LDAP server
- AUTH_TYPE   LDAP Authentication types: simple: no encryption not secure or TLS: encrypted secure requires the TLS_CERT to be set.
- TLS_CERT   Full path to the TLS certificate file. The cert file must also be provided by the Enterprise
- BASEDN   The LDAP Base DN value
- OU   List of Organizational Units. Some Enterprises group users by OUs in their LDAP server records. Anaconda Enterprise Notebooks will loop over the list of OUs when authenticating a user. The OU value is a list of lists to support multiple OUs where each OU is a single name or a hierarchy of names.
- ANON_USER   Username such as public or anonymous for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration.
SEARCH_ENABLED true Boolean indicating whether ElasticSearch is enabled
SEARCH_SERVER 'localhost:9200' IP address or domain name and port of ElasticSearch server
Gateway Configuration Keys
Key Default Description
WAKARI_SERVER   URL of Anaconda Enterprise Notebooks WAKARI_SERVER
port 8089 Port number used by the gateway application. Must be a non-privileged port (>= 1024)
client_id   Client ID assigned to this gateway by the server during wk-gateway-configure
client_secret   Client secret assigned to this gateway by the server during wk-gateway-configure
httpTimeout 600 Timeout in seconds. Default is 10 minutes to allow project creation.
Compute Node Configuration Keys
Key Default Description
WAKARI_SERVER   URL of Anaconda Enterprise Notebooks WAKARI_SERVER
MANAGE _ACCOUNTS true Boolean indicating whether Anaconda Enterprise Notebooks should manage system user accounts. Set to false for LDAP installations
port 2227 Port number used by the compute-launcher application. Note that individual applications use dynamic ports
projectRoot /projects Location of project file storage
appIdleTime 172800000 (48 hours) Idle time before applications will be auto-terminated (in msec)
idleCheckInterval 3600000 (1 hour) Frequency of idle checks
numericUsernames false Boolean indicating whether numeric usernames are permitted
httpTimeout 600 Timeout in seconds. Default is 10 minutes to allow project creation.
- ANON_USER   Username such as public or anonymous for users who are not logged in to access projects as described in Sudo configuration. Also used for MongoDB configuration.
Server Unsupported Configuration Keys - Do not change
Key Default Description
CDN $WAKARI_SERVER/static/ Location of static assets
MONGO_DB wakari Name of Anaconda Enterprise Notebooks database in mongodb
MONGO_URL mongodb://localhost/ URL of server’s mongodb instance
PROVIDERS ["wk_server.plugins .providers.enterprise"] List of compute provider classes
LOGFILE /opt/wakari/wakari-server/ var/log/wakari/ wakari-server.application.log Path to server log file
MONGO_ACTION _LOG_SIZE 262144000 Size of Mongo action log in bytes
SITE_ADMINS   List of site administrator email addresses. Used for crash notifications and LDAP password reset requests
FROM _EMAIL_ADDR   From address for notification emails sent by Anaconda Enterprise Notebooks
uniqueUserName true Boolean indicating whether unique usernames are required
Gateway Unsupported Configuration Keys - Do not change
Key Default Description
CDN $WAKARI_SERVER/static/ Location of static assets
SUBDOMAIN_ROUTING false Boolean indicating whether subdomains are being used
Compute Node Unsupported Configuration Keys - Do not change
Key Default Description
CDN $WAKARI_SERVER/static/ Location of static assets
USE_SES false Use Amazon SES to send emails
multiUser true Boolean indicating whether multi-user support is enabled
multi-project true Boolean indicating whether multi-project support is enabled
ANACONDA_ROOT /opt/wakari/anaconda Location of Anaconda installation
logLevel debug Log verbosity. One of: ‘error’ ‘warn’ ‘info’ ‘debug’
appLogs /opt/wakari/wakari-compute/ var/log/wakari/compute-launcher-apps Directory where application logs will be stored
appPIDs /opt/wakari/wakari-compute/ var/run/compute-launcher-apps Directory where application PID files will be stored
applicationLog /opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.application.log Path to compute launcher log
accessLog opt/wakari/wakari-compute/ var/log/wakari/ compute-launcher.access.log Path to compute launcher access log

DNS Changes

It is possible to change the domain names of the various Anaconda Enterprise Notebooks services, however their configuration files need to be updated and the services restarted. Locations of configuration files are documented here. Once these are updated the associated services need to be restarted.

Using the Web interface go to Admin Control Panel, then Data Centers, then click the edit button in order to edit the information of all the data-centers that are changing their Base Domain Name. NOTE: This must include the service port if it is different from the default (80 for HTTP and 443 for HTTPS).

Now from the Admin Control Panel go to Enterprise Resources and edit each Compute Node that has changed its domain name. These are URLs with protocol, hostname, and port.

LDAP Configuration

For more information about LDAP, please see the LDAP configuration page.

Example LDAP Configuration

Edit the /opt/wakari/wakari-server/etc/wakari/wk-server-config.json file:

{
    "accounts":"wk_server.plugins.accounts.ldap2",
    "LDAP" : {
        "URI": "ldap://openldap.EXAMPLE.COM",
        "BIND_DN": "cn=Bob Jones,ou=Users,DC=EXAMPLE,DC=COM",
        "BIND_AUTH": "secretpass",
        "USER_SEARCH": {"base": "DC=EXAMPLE,DC=COM",
                        "filter": "(| (& (ou=Payroll)
                                         (uid=%(username)s))
                                      (& (ou=Facilities)
                                         (uid=%(username)s)))"
                        },
        "KEY_MAP": {"email": "mail",
                    "name": "cn"
                }
    }
}