2 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "configuration.dtd">
8 <description>Basic system variables. Be sure that the values of
9 these variables are the same across all machines in your
10 installation.</description>
13 <variable id="name" type="string">
15 <value>PlanetLab Test</value>
16 <description>The name of this PLC installation. It is used in
17 the name of the default system site (e.g., PlanetLab Central)
18 and in the names of various administrative entities (e.g.,
19 PlanetLab Support).</description>
22 <variable id="slice_prefix" type="string">
23 <name>Slice Prefix</name>
25 <description>The abbreviated name of this PLC
26 installation. It is used as the prefix for system slices
27 (e.g., pl_conf). Warning: Currently, this variable should
28 not be changed.</description>
31 <variable id="root_user" type="password">
32 <name>Root Account</name>
33 <value>root@test.planet-lab.org</value>
34 <description>The name of the initial administrative
35 account. We recommend that this account be used only to create
36 additional accounts associated with real
37 administrators, then disabled.</description>
40 <variable id="root_password" type="password">
41 <name>Root Password</name>
43 <description>The password of the initial administrative
44 account. Also the password of the root account on the Boot
48 <!-- The following are not actually meant to be configurable
49 as variables. The web interface should allow the file to
50 be downloaded, or its contents replaced by a file upload,
51 but the actual <value> shouldn't need to be changed. -->
53 <variable id="root_ssh_key_pub" type="file">
54 <name>Root SSH Public Key</name>
55 <value>/etc/planetlab/root_ssh_key.pub</value>
56 <description>The SSH public key used to access the root
57 account on your nodes.</description>
60 <variable id="root_ssh_key" type="file">
61 <name>Root SSH Private Key</name>
62 <value>/etc/planetlab/root_ssh_key.rsa</value>
63 <description>The SSH private key used to access the root
64 account on your nodes.</description>
67 <variable id="debug_ssh_key_pub" type="file">
68 <name>Debug SSH Public Key</name>
69 <value>/etc/planetlab/debug_ssh_key.pub</value>
70 <description>The SSH public key used to access the root
71 account on your nodes when they are in Debug mode.</description>
74 <variable id="debug_ssh_key" type="file">
75 <name>Debug SSH Private Key</name>
76 <value>/etc/planetlab/debug_ssh_key.rsa</value>
77 <description>The SSH private key used to access the root
78 account on your nodes when they are in Debug mode.</description>
81 <variable id="root_gpg_key_pub" type="file">
82 <name>Root GPG Public Keyring</name>
83 <value>/etc/planetlab/pubring.gpg</value>
84 <description>The GPG public keyring used to sign the Boot
85 Manager and all node packages.</description>
88 <variable id="root_gpg_key" type="file">
89 <name>Root GPG Private Keyring</name>
90 <value>/etc/planetlab/secring.gpg</value>
91 <description>The SSH private key used to access the root
92 account on your nodes.</description>
97 <category id="plc_net">
99 <description>Network environment.</description>
102 <variable id="dns1" type="ip">
103 <name>Primary DNS Server</name>
104 <value>128.112.136.10</value>
105 <description>Primary DNS server address.</description>
108 <variable id="dns2" type="ip">
109 <name>Secondary DNS Server</name>
110 <value>128.112.136.12</value>
111 <description>Secondary DNS server address.</description>
116 <category id="plc_mail">
118 <description>Many maintenance scripts, as well as the API and
119 web site themselves, send e-mail notifications and
120 warnings.</description>
123 <variable id="enabled" type="boolean">
124 <name>Enable Mail</name>
126 <description>Set to false to suppress all e-mail notifications
127 and warnings.</description>
130 <variable id="support_address">
131 <name>Support Address</name>
132 <value>root@localhost</value>
133 <description>This address is used for support
134 requests. Support requests may include traffic complaints,
135 security incident reporting, web site malfunctions, and
136 general requests for information. We recommend that the
137 address be aliased to a ticketing system such as Request
138 Tracker.</description>
141 <variable id="boot_address">
142 <name>Boot Messages Address</name>
143 <value>root@localhost</value>
144 <description>The API will notify this address when a problem
145 occurs during node installation or boot. If a domain is not
146 specified, the default system domain will be used
152 <category id="plc_db">
153 <name>Database Server</name>
154 <description>Database server definitions.</description>
157 <variable id="enabled" type="boolean">
160 <description>Enable the database server on this
161 machine.</description>
164 <variable id="type" type="string">
166 <value>postgresql</value>
167 <description>The type of database server. Currently, only
168 postgresql is supported.</description>
171 <variable id="host" type="hostname">
172 <name>Hostname</name>
173 <value>localhost</value>
174 <description>The fully qualified hostname or IP address of
175 the database server. This hostname must be resolvable and
176 reachable by the rest of your installation.</description>
179 <variable id="name" type="string">
180 <name>Database Name</name>
181 <value>planetlab3</value>
182 <description>The name of the database to access.</description>
185 <variable id="user" type="string">
186 <name>Database Username</name>
187 <value>pgsqluser</value>
188 <description>The username to use when accessing the
189 database.</description>
192 <variable id="password" type="password">
193 <name>Database Password</name>
195 <description>The password to use when accessing the
196 database. If left blank, one will be
197 generated.</description>
202 <category id="plc_api">
203 <name>API Server</name>
204 <description>API (XML-RPC) server definitions.</description>
207 <variable id="enabled" type="boolean">
210 <description>Enable the API server on this
211 machine.</description>
214 <variable id="debug" type="boolean">
217 <description>Enable verbose API debugging. Do not enable on
218 a production system!</description>
221 <variable id="host" type="hostname">
222 <name>Hostname</name>
223 <value>localhost</value>
224 <description>The fully qualified hostname or IP address of
225 the API server. This hostname must be resolvable and
226 reachable by the rest of your installation, as well as your
230 <variable id="port" type="int">
233 <description>The TCP port number through which the API
234 should be accessed. Warning: SSL (port 443) access is not
235 fully supported by the website code yet. We recommend that
236 port 80 be used for now and that the API server either run
237 on the same machine as the web server, or that they both be
238 on a secure wired network.</description>
241 <variable id="path" type="string">
243 <value>/PLCAPI/</value>
244 <description>The base path of the API URL.</description>
247 <variable id="maintenance_user" type="string">
248 <name>Maintenance User</name>
249 <value>maint@test.planet-lab.org</value>
250 <description>The username of the maintenance account. This
251 account is used by local scripts that perform automated
252 tasks, and cannot be used for normal logins.</description>
255 <variable id="maintenance_password" type="password">
256 <name>Maintenance Password</name>
258 <description>The password of the maintenance account. If
259 left blank, one will be generated. We recommend that the
260 password be changed periodically.</description>
263 <variable id="maintenance_sources" type="hostname">
264 <name>Authorized Hosts</name>
266 <description>A space-separated list of IP addresses allowed
267 to access the API through the maintenance account. If left
268 blank, the API, web, and boot servers are
269 allowed.</description>
272 <!-- The following are not actually meant to be configurable
273 as variables. The web interface should allow the file to
274 be downloaded, or its contents replaced by a file upload,
275 but the actual <value> shouldn't need to be changed. -->
277 <variable id="ssl_crt" type="file">
278 <name>SSL Certificate</name>
279 <value>/etc/planetlab/api_ssl.crt</value>
280 <description>The signed SSL certificate to use for HTTPS
281 access. If not specified or non-existent, a self-signed
282 certificate will be generated.</description>
285 <variable id="ssl_key" type="file">
287 <value>/etc/planetlab/api_ssl.key</value>
288 <description>The corresponding SSL private key used for
289 signing the certificate, and for signing slice tickets. If
290 not specified or non-existent, one will be
291 generated.</description>
294 <variable id="ssl_key_pub" type="file">
296 <value>/etc/planetlab/api_ssl.pub</value>
297 <description>The corresponding SSL public key. If not
298 specified or non-existent, one will be
299 generated.</description>
304 <category id="plc_www">
305 <name>Web Server</name>
306 <description>Web server definitions.</description>
309 <variable id="enabled" type="boolean">
312 <description>Enable the web server on this
313 machine.</description>
316 <variable id="debug" type="boolean">
319 <description>Enable debugging output on web pages. Do not
320 enable on a production system!</description>
323 <variable id="host" type="hostname">
324 <name>Hostname</name>
325 <value>localhost</value>
326 <description>The fully qualified hostname or IP address of
327 the web server. This hostname must be resolvable and
328 reachable by the rest of your installation, as well as your
332 <variable id="port" type="int">
335 <description>The TCP port number through which the
336 unprotected portions of the web site should be
337 accessed.</description>
340 <variable id="ssl_port" type="int">
341 <name>SSL Port</name>
343 <description>The TCP port number through which the protected
344 portions of the web site should be accessed.</description>
347 <!-- The following are not actually meant to be configurable
348 as variables. The web interface should allow the file to
349 be downloaded, or its contents replaced by a file upload,
350 but the actual <value> shouldn't need to be changed. -->
352 <variable id="ssl_crt" type="file">
353 <name>SSL Certificate</name>
354 <value>/etc/planetlab/www_ssl.crt</value>
355 <description>The signed SSL certificate to use for HTTPS
356 access. If not specified or non-existent, a self-signed
357 certificate will be generated.</description>
360 <variable id="ssl_key" type="file">
362 <value>/etc/planetlab/www_ssl.key</value>
363 <description>The corresponding SSL private key. If not
364 specified or non-existent, one will be
365 generated.</description>
370 <category id="plc_boot">
371 <name>Boot Server</name>
372 <description>Boot server definitions. Multiple boot servers
373 may be brought up for load balancing, but we recommend that a
374 single DNS round-robin system be implemented so that the
375 following variables are the same across all of
379 <variable id="enabled" type="boolean">
382 <description>Enable the boot server on this
383 machine.</description>
386 <variable id="host" type="hostname">
387 <name>Hostname</name>
388 <value>localhost</value>
389 <description>The fully qualified hostname or IP address of
390 the boot server. This hostname must be resolvable and
391 reachable by the rest of your installation, as well as your
395 <variable id="port" type="int">
398 <description>The TCP port number through which the
399 unprotected portions of the boot server should be
400 accessed.</description>
403 <variable id="ssl_port" type="int">
404 <name>SSL Port</name>
406 <description>The TCP port number through which the protected
407 portions of the boot server should be
408 accessed.</description>
411 <!-- The following are not actually meant to be configurable
412 as variables. The web interface should allow the file to
413 be downloaded, or its contents replaced by a file upload,
414 but the actual <value> shouldn't need to be changed. -->
416 <variable id="ssl_crt" type="binary">
417 <name>SSL Certificate</name>
418 <value>/etc/planetlab/boot_ssl.crt</value>
419 <description>The signed SSL certificate to use for HTTPS
420 access. If not specified, or non-existent a self-signed
421 certificate will be generated.</description>
424 <variable id="ssl_key" type="binary">
426 <value>/etc/planetlab/boot_ssl.key</value>
427 <description>The corresponding SSL private key. If not
428 specified or non-existent, one will be
429 generated.</description>
438 <name>PlanetLab Central</name>
439 <default>true</default>
440 <description>PlanetLab Central Packages</description>
441 <uservisible>true</uservisible>
443 <!-- Sending mail -->
444 <packagereq type="mandatory">sendmail</packagereq>
445 <packagereq type="mandatory">sendmail-cf</packagereq>
447 <!-- (Optional) Synchronizing with PLC -->
448 <packagereq type="mandatory">rsync</packagereq>
451 <packagereq type="mandatory">vixie-cron</packagereq>
453 <!-- Other utilities -->
454 <packagereq type="mandatory">cvs</packagereq>
455 <packagereq type="mandatory">curl</packagereq>
456 <packagereq type="mandatory">wget</packagereq>
458 <!-- yum >=2.2 uses a new repository format -->
459 <packagereq type="mandatory">createrepo</packagereq>
461 <!-- For mkpasswd -->
462 <packagereq type="mandatory">expect</packagereq>
464 <!-- Almost all scripts are written in Python -->
465 <packagereq type="mandatory">python</packagereq>
467 <!-- For various Python scripts that access the API -->
468 <packagereq type="mandatory">plcapilib</packagereq>
470 <!-- Database server -->
471 <packagereq type="mandatory">postgresql</packagereq>
472 <packagereq type="mandatory">postgresql-server</packagereq>
473 <packagereq type="mandatory">postgresql-python</packagereq>
475 <!-- (Secure) web server -->
476 <packagereq type="mandatory">httpd</packagereq>
477 <packagereq type="mandatory">mod_ssl</packagereq>
479 <!-- Web pages are written primarily in PHP. A few pages still
480 access the DB directly. -->
481 <packagereq type="mandatory">php</packagereq>
482 <packagereq type="mandatory">php-pgsql</packagereq>
483 <packagereq type="mandatory">php-xmlrpc</packagereq>
485 <!-- Need GD for ImageCreate(), etc. -->
486 <packagereq type="mandatory">gd</packagereq>
487 <packagereq type="mandatory">php-gd</packagereq>
489 <!-- API server is implemented in mod_python -->
490 <packagereq type="mandatory">mod_python</packagereq>
492 <!-- API server uses a few non-standard packages -->
493 <packagereq type="mandatory">PyXML</packagereq>
495 <!-- API server uses SSL to sign tickets -->
496 <packagereq type="mandatory">xmlsec1</packagereq>
497 <packagereq type="mandatory">xmlsec1-openssl</packagereq>
498 <packagereq type="mandatory">openssl</packagereq>
500 <!-- bootcd is generated using mkisofs -->
501 <packagereq type="mandatory">mkisofs</packagereq>
503 <!-- bootcd and bootmanager images are signed using GPG -->
504 <packagereq type="mandatory">gnupg</packagereq>
506 <!-- bootmanager requires uuencode -->
507 <packagereq type="mandatory">sharutils</packagereq>