8 Default: PlanetLab Test</para>
9 <para>The name of this PLC installation. It is used in
10 the name of the default system site (e.g., PlanetLab Central)
11 and in the names of various administrative entities (e.g.,
12 PlanetLab Support).</para>
16 <term>PLC_SLICE_PREFIX</term>
22 <para>The abbreviated name of this PLC
23 installation. It is used as the prefix for system slices
24 (e.g., pl_conf). Warning: Currently, this variable should
25 not be changed.</para>
29 <term>PLC_ROOT_USER</term>
34 Default: root@localhost.localdomain</para>
35 <para>The name of the initial administrative
36 account. We recommend that this account be used only to create
37 additional accounts associated with real
38 administrators, then disabled.</para>
42 <term>PLC_ROOT_PASSWORD</term>
48 <para>The password of the initial administrative
49 account. Also the password of the root account on the Boot
54 <term>PLC_ROOT_SSH_KEY_PUB</term>
59 Default: /etc/planetlab/root_ssh_key.pub</para>
60 <para>The SSH public key used to access the root
61 account on your nodes.</para>
65 <term>PLC_ROOT_SSH_KEY</term>
70 Default: /etc/planetlab/root_ssh_key.rsa</para>
71 <para>The SSH private key used to access the root
72 account on your nodes.</para>
76 <term>PLC_DEBUG_SSH_KEY_PUB</term>
81 Default: /etc/planetlab/debug_ssh_key.pub</para>
82 <para>The SSH public key used to access the root
83 account on your nodes when they are in Debug mode.</para>
87 <term>PLC_DEBUG_SSH_KEY</term>
92 Default: /etc/planetlab/debug_ssh_key.rsa</para>
93 <para>The SSH private key used to access the root
94 account on your nodes when they are in Debug mode.</para>
98 <term>PLC_ROOT_GPG_KEY_PUB</term>
103 Default: /etc/planetlab/pubring.gpg</para>
104 <para>The GPG public keyring used to sign the Boot
105 Manager and all node packages.</para>
109 <term>PLC_ROOT_GPG_KEY</term>
114 Default: /etc/planetlab/secring.gpg</para>
115 <para>The SSH private key used to access the root
116 account on your nodes.</para>
120 <term>PLC_ROOT_CA_SSL_KEY</term>
125 Default: /etc/planetlab/root_ca_ssl.key</para>
126 <para>The SSL private key used for signing all other
127 generated certificates. If non-existent, one will be
132 <term>PLC_ROOT_CA_SSL_KEY_PUB</term>
137 Default: /etc/planetlab/root_ca_ssl.pub</para>
138 <para>The corresponding SSL public key.</para>
142 <term>PLC_ROOT_CA_SSL_CRT</term>
147 Default: /etc/planetlab/root_ca_ssl.crt</para>
148 <para>The corresponding SSL public
153 <term>PLC_MA_SA_NAMESPACE</term>
159 <para>The namespace of your MA/SA. This should be a
160 globally unique value assigned by PlanetLab
165 <term>PLC_MA_SA_SSL_KEY</term>
170 Default: /etc/planetlab/ma_sa_ssl.key</para>
171 <para>The SSL private key used for signing documents
172 with the signature of your MA/SA. If non-existent, one will
177 <term>PLC_MA_SA_SSL_KEY_PUB</term>
182 Default: /etc/planetlab/ma_sa_ssl.pub</para>
183 <para>The corresponding SSL public key.</para>
187 <term>PLC_MA_SA_SSL_CRT</term>
192 Default: /etc/planetlab/ma_sa_ssl.crt</para>
193 <para>The corresponding SSL public certificate,
194 signed by the root CA.</para>
198 <term>PLC_MA_SA_API_CRT</term>
203 Default: /etc/planetlab/ma_sa_api.xml</para>
204 <para>The API Certificate for your MA/SA is the SSL
205 public key for your MA/SA embedded in an XML document and
206 signed by the root CA SSL private key. The API Certificate
207 can be used by any PlanetLab node managed by any MA, to
208 verify that your MA/SA public key is valid.</para>
212 <term>PLC_NET_DNS1</term>
217 Default: 127.0.0.1</para>
218 <para>Primary DNS server address.</para>
222 <term>PLC_NET_DNS2</term>
228 <para>Secondary DNS server address.</para>
232 <term>PLC_DNS_ENABLED</term>
238 <para>Enable the internal DNS server. The server does
239 not provide reverse resolution and is not a production
240 quality or scalable DNS solution. Use the internal DNS
241 server only for small deployments or for
246 <term>PLC_MAIL_ENABLED</term>
251 Default: false</para>
252 <para>Set to false to suppress all e-mail notifications
257 <term>PLC_MAIL_SUPPORT_ADDRESS</term>
262 Default: root+support@localhost.localdomain</para>
263 <para>This address is used for support
264 requests. Support requests may include traffic complaints,
265 security incident reporting, web site malfunctions, and
266 general requests for information. We recommend that the
267 address be aliased to a ticketing system such as Request
272 <term>PLC_MAIL_BOOT_ADDRESS</term>
277 Default: root+install-msgs@localhost.localdomain</para>
278 <para>The API will notify this address when a problem
279 occurs during node installation or boot.</para>
283 <term>PLC_MAIL_SLICE_ADDRESS</term>
288 Default: root+SLICE@localhost.localdomain</para>
289 <para>This address template is used for sending
290 e-mail notifications to slices. SLICE will be replaced with
291 the name of the slice.</para>
295 <term>PLC_DB_ENABLED</term>
301 <para>Enable the database server on this
306 <term>PLC_DB_TYPE</term>
311 Default: postgresql</para>
312 <para>The type of database server. Currently, only
313 postgresql is supported.</para>
317 <term>PLC_DB_HOST</term>
320 Type: hostname</para>
322 Default: localhost.localdomain</para>
323 <para>The fully qualified hostname of the database
328 <term>PLC_DB_IP</term>
333 Default: 127.0.0.1</para>
334 <para>The IP address of the database server, if not
335 resolvable by the configured DNS servers.</para>
339 <term>PLC_DB_PORT</term>
345 <para>The TCP port number through which the database
346 server should be accessed.</para>
350 <term>PLC_DB_NAME</term>
355 Default: planetlab3</para>
356 <para>The name of the database to access.</para>
360 <term>PLC_DB_USER</term>
365 Default: pgsqluser</para>
366 <para>The username to use when accessing the
371 <term>PLC_DB_PASSWORD</term>
374 Type: password</para>
377 <para>The password to use when accessing the
378 database. If left blank, one will be
383 <term>PLC_API_ENABLED</term>
389 <para>Enable the API server on this
394 <term>PLC_API_DEBUG</term>
399 Default: false</para>
400 <para>Enable verbose API debugging. Do not enable on
401 a production system!</para>
405 <term>PLC_API_HOST</term>
408 Type: hostname</para>
410 Default: localhost.localdomain</para>
411 <para>The fully qualified hostname of the API
416 <term>PLC_API_IP</term>
421 Default: 127.0.0.1</para>
422 <para>The IP address of the API server, if not
423 resolvable by the configured DNS servers.</para>
427 <term>PLC_API_PORT</term>
433 <para>The TCP port number through which the API
434 should be accessed. Warning: SSL (port 443) access is not
435 fully supported by the website code yet. We recommend that
436 port 80 be used for now and that the API server either run
437 on the same machine as the web server, or that they both be
438 on a secure wired network.</para>
442 <term>PLC_API_PATH</term>
447 Default: /PLCAPI/</para>
448 <para>The base path of the API URL.</para>
452 <term>PLC_API_MAINTENANCE_USER</term>
457 Default: maint@localhost.localdomain</para>
458 <para>The username of the maintenance account. This
459 account is used by local scripts that perform automated
460 tasks, and cannot be used for normal logins.</para>
464 <term>PLC_API_MAINTENANCE_PASSWORD</term>
467 Type: password</para>
470 <para>The password of the maintenance account. If
471 left blank, one will be generated. We recommend that the
472 password be changed periodically.</para>
476 <term>PLC_API_MAINTENANCE_SOURCES</term>
479 Type: hostname</para>
482 <para>A space-separated list of IP addresses allowed
483 to access the API through the maintenance account. The value
484 of this variable is set automatically to allow only the API,
485 web, and boot servers, and should not be
490 <term>PLC_API_SSL_KEY</term>
495 Default: /etc/planetlab/api_ssl.key</para>
496 <para>The SSL private key to use for encrypting HTTPS
497 traffic. If non-existent, one will be
502 <term>PLC_API_SSL_CRT</term>
507 Default: /etc/planetlab/api_ssl.crt</para>
508 <para>The corresponding SSL public certificate,
509 signed by the root CA.</para>
513 <term>PLC_WWW_ENABLED</term>
519 <para>Enable the web server on this
524 <term>PLC_WWW_DEBUG</term>
529 Default: false</para>
530 <para>Enable debugging output on web pages. Do not
531 enable on a production system!</para>
535 <term>PLC_WWW_HOST</term>
538 Type: hostname</para>
540 Default: localhost.localdomain</para>
541 <para>The fully qualified hostname of the web
546 <term>PLC_WWW_IP</term>
551 Default: 127.0.0.1</para>
552 <para>The IP address of the web server, if not
553 resolvable by the configured DNS servers.</para>
557 <term>PLC_WWW_PORT</term>
563 <para>The TCP port number through which the
564 unprotected portions of the web site should be
569 <term>PLC_WWW_SSL_PORT</term>
575 <para>The TCP port number through which the protected
576 portions of the web site should be accessed.</para>
580 <term>PLC_WWW_SSL_KEY</term>
585 Default: /etc/planetlab/www_ssl.key</para>
586 <para>The SSL private key to use for encrypting HTTPS
587 traffic. If non-existent, one will be
592 <term>PLC_WWW_SSL_CRT</term>
597 Default: /etc/planetlab/www_ssl.crt</para>
598 <para>The corresponding SSL public certificate,
599 signed by the root CA.</para>
603 <term>PLC_BOOT_ENABLED</term>
609 <para>Enable the boot server on this
614 <term>PLC_BOOT_HOST</term>
617 Type: hostname</para>
619 Default: localhost.localdomain</para>
620 <para>The fully qualified hostname of the boot
625 <term>PLC_BOOT_IP</term>
630 Default: 127.0.0.1</para>
631 <para>The IP address of the boot server, if not
632 resolvable by the configured DNS servers.</para>
636 <term>PLC_BOOT_PORT</term>
642 <para>The TCP port number through which the
643 unprotected portions of the boot server should be
648 <term>PLC_BOOT_SSL_PORT</term>
654 <para>The TCP port number through which the protected
655 portions of the boot server should be
660 <term>PLC_BOOT_SSL_KEY</term>
665 Default: /etc/planetlab/boot_ssl.key</para>
666 <para>The SSL private key to use for encrypting HTTPS
667 traffic. If non-existent, one will be
672 <term>PLC_BOOT_SSL_CRT</term>
677 Default: /etc/planetlab/boot_ssl.crt</para>
678 <para>The corresponding SSL public certificate,
679 signed by the root CA.</para>