Setting up an arvbox dev federation

For development of federation features, you can run multiple arvbox instances and configure them for federation.

Create two arvbox instances

$ export ARVBOX_CONTAINER=cluster1
$ arvbox start dev
$ export ARVBOX_CONTAINER=cluster2
$ arvbox start dev

Make note of the cluster ids and IP addresses. In this example cluster1 is 1b7fr and cluster2 is 2gvh8.

Note that Docker assigns IP addresses sequentially. To ensure you get the same IP addresses each time you'll need to start cluster1 first, followed by cluster2, and you don't want any other containers running.

Set configuration overrides

Create files ~/.arvbox/cluster[1,2]/arvados/services/api/config/application.yml.override

development:
  remote_hosts:
    1b7fr: 172.17.0.2:8000
    2gvh8: 172.17.0.3:8000
  sso_insecure: true

Create ~/.arvbox/cluster1/var/cluster_config.yml.override

Clusters:
  1b7fr:  # cluster1 id
    RemoteClusters:
      1b7fr:
        Host: 172.17.0.2:8000
        Proxy: true
        Insecure: true
      2gvh8:
        Host: 172.17.0.3:8000
        Proxy: true
        Insecure: true

Create ~/.arvbox/cluster2/var/cluster_config.yml.override

Clusters:
  2gvh8:  # cluster2 id
    RemoteClusters:
      1b7fr:
        Host: 172.17.0.2:8000
        Proxy: true
        Insecure: true
      2gvh8:
        Host: 172.17.0.3:8000
        Proxy: true
        Insecure: true

Restart services

$ export ARVBOX_CONTAINER=cluster1
$ arvbox sv restart api
$ arvbox sv restart controller
$ arvbox sv restart keepstore0
$ arvbox sv restart keepstore1
$ export ARVBOX_CONTAINER=cluster2
$ arvbox sv restart api
$ arvbox sv restart controller
$ arvbox sv restart keepstore0
$ arvbox sv restart keepstore1

Testing

  1. Visit workbench at 172.17.0.2 and create a user account.
  2. Copy the token
  3. Visit workbench at 172.17.0.3?api_token=token_copied_in_previous_step
  4. You should be logged into workbench on the cluster2 with the user from cluster1

At the command line:

$ export ARVADOS_API_HOST=172.17.0.3:8000
$ export ARVADOS_API_HOST_INSECURE=true
$ export ARVADOS_API_TOKEN=token_copied_in_previous_step
$ arv user current

This shows cluster2 accepting a token for cluster1. Look for the "writable_by" field in the response including uuids with both cluster1 and cluster2.