From: Mark Huang Date: Fri, 23 Jun 2006 21:49:17 +0000 (+0000) Subject: regenerate X-Git-Tag: myplc-0_4-rc1~9 X-Git-Url: http://git.onelab.eu/?a=commitdiff_plain;h=a6a9367166ae79455608637203abf8eb4fcb0341;p=myplc.git regenerate --- diff --git a/doc/myplc.pdf b/doc/myplc.pdf index 60617cc..d9f9814 100644 Binary files a/doc/myplc.pdf and b/doc/myplc.pdf differ diff --git a/doc/myplc.php b/doc/myplc.php index 9fd62c3..720182a 100644 --- a/doc/myplc.php +++ b/doc/myplc.php @@ -41,22 +41,22 @@

Table of Contents

-
1. Overview
+
1. Overview
2. Installation
3. Quickstart
3.1. Changing the configuration
-
3.2. Installing nodes
-
3.3. Administering nodes
-
3.4. Creating a slice
+
3.2. Installing nodes
+
3.3. Administering nodes
+
3.4. Creating a slice
-
A. Configuration variables
-
Bibliography
+
A. Configuration variables
+
Bibliography

-1. Overview

+1. Overview

MyPLC is a complete PlanetLab Central (PLC) portable installation contained within a chroot jail. The default installation consists of a web server, an @@ -214,12 +214,14 @@ chkconfig plc on failures occur, you should see output similar to the following:

-

Example 4. A successful MyPLC startup.

+

Example 4. A successful MyPLC startup.

Mounting PLC:                                              [  OK  ]
 PLC: Generating network files:                             [  OK  ]
 PLC: Starting system logger:                               [  OK  ]
 PLC: Starting database server:                             [  OK  ]
 PLC: Generating SSL certificates:                          [  OK  ]
+PLC: Configuring the API:                                  [  OK  ]
+PLC: Updating GPG keys:                                    [  OK  ]
 PLC: Generating SSH keys:                                  [  OK  ]
 PLC: Starting web server:                                  [  OK  ]
 PLC: Bootstrapping the database:                           [  OK  ]
@@ -341,7 +343,7 @@ PLC: Signing node packages:                                [  OK  ]

-3.2. Installing nodes

+3.2. Installing nodes

Install your first node by clicking Add Node under the Nodes tab. Fill in all the appropriate details, then click @@ -365,12 +367,12 @@ PLC: Signing node packages: [ OK ]

-3.3. Administering nodes

+3.3. Administering nodes

You may administer nodes as root by using the SSH key stored in /etc/planetlab/root_ssh_key.rsa.

-

Example 5. Accessing nodes via SSH. Replace +

Example 5. Accessing nodes via SSH. Replace node with the hostname of the node.

ssh -i /etc/planetlab/root_ssh_key.rsa root@node
@@ -393,7 +395,7 @@ PLC: Signing node packages: [ OK ]

-3.4. Creating a slice

+3.4. Creating a slice

Create a slice by clicking Create Slice under the Slices tab. Fill in all the appropriate details, then click Create. Add @@ -408,7 +410,7 @@ PLC: Signing node packages: [ OK ] to determine if it needs to create or delete any slices. You may accelerate this process manually if desired.

-

Example 6. Forcing slice creation on a node.

+

Example 6. Forcing slice creation on a node.

# Update slices.xml immediately
 service plc start crond
 
@@ -420,7 +422,7 @@ vserver pl_conf exec service pl_conf restart

-A. Configuration variables

+A. Configuration variables

Listed below is the set of standard configuration variables and their default values, defined in the template /etc/planetlab/default_config.xml. Additional @@ -525,6 +527,82 @@ vserver pl_conf exec service pl_conf restart

The SSH private key used to access the root account on your nodes.

+
PLC_ROOT_CA_SSL_KEY
+
+

+ Type: file

+

+ Default: /etc/planetlab/root_ca_ssl.key

+

The SSL private key used for signing all other + generated certificates. If non-existent, one will be + generated.

+
+
PLC_ROOT_CA_SSL_KEY_PUB
+
+

+ Type: file

+

+ Default: /etc/planetlab/root_ca_ssl.pub

+

The corresponding SSL public key.

+
+
PLC_ROOT_CA_SSL_CRT
+
+

+ Type: file

+

+ Default: /etc/planetlab/root_ca_ssl.crt

+

The corresponding SSL public + certificate.

+
+
PLC_MA_SA_NAMESPACE
+
+

+ Type: ip

+

+ Default: test

+

The namespace of your MA/SA. This should be a + globally unique value assigned by PlanetLab + Central.

+
+
PLC_MA_SA_SSL_KEY
+
+

+ Type: file

+

+ Default: /etc/planetlab/ma_sa_ssl.key

+

The SSL private key used for signing documents + with the signature of your MA/SA. If non-existent, one will + be generated.

+
+
PLC_MA_SA_SSL_KEY_PUB
+
+

+ Type: file

+

+ Default: /etc/planetlab/ma_sa_ssl.pub

+

The corresponding SSL public key.

+
+
PLC_MA_SA_SSL_CRT
+
+

+ Type: file

+

+ Default: /etc/planetlab/ma_sa_ssl.crt

+

The corresponding SSL public certificate, + signed by the root CA.

+
+
PLC_MA_SA_API_CRT
+
+

+ Type: file

+

+ Default: /etc/planetlab/ma_sa_api.xml

+

The API Certificate for your MA/SA is the SSL + public key for your MA/SA embedded in an XML document and + signed by the root CA SSL private key. The API Certificate + can be used by any PlanetLab node managed by any MA, to + verify that your MA/SA public key is valid.

+
PLC_NET_DNS1

@@ -755,36 +833,24 @@ vserver pl_conf exec service pl_conf restart web, and boot servers, and should not be changed.

-
PLC_API_SSL_CRT
-
-

- Type: file

-

- Default: /etc/planetlab/api_ssl.crt

-

The signed SSL certificate to use for HTTPS - access. If not specified or non-existent, a self-signed - certificate will be generated.

-
PLC_API_SSL_KEY

Type: file

Default: /etc/planetlab/api_ssl.key

-

The corresponding SSL private key used for - signing the certificate, and for signing slice tickets. If - not specified or non-existent, one will be +

The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be generated.

-
PLC_API_SSL_KEY_PUB
+
PLC_API_SSL_CRT

Type: file

- Default: /etc/planetlab/api_ssl.pub

-

The corresponding SSL public key. If not - specified or non-existent, one will be - generated.

+ Default: /etc/planetlab/api_ssl.crt

+

The corresponding SSL public certificate, + signed by the root CA.

PLC_WWW_ENABLED
@@ -841,25 +907,24 @@ vserver pl_conf exec service pl_conf restart

The TCP port number through which the protected portions of the web site should be accessed.

-
PLC_WWW_SSL_CRT
+
PLC_WWW_SSL_KEY

Type: file

- Default: /etc/planetlab/www_ssl.crt

-

The signed SSL certificate to use for HTTPS - access. If not specified or non-existent, a self-signed - certificate will be generated.

+ Default: /etc/planetlab/www_ssl.key

+

The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be + generated.

-
PLC_WWW_SSL_KEY
+
PLC_WWW_SSL_CRT

Type: file

- Default: /etc/planetlab/www_ssl.key

-

The corresponding SSL private key. If not - specified or non-existent, one will be - generated.

+ Default: /etc/planetlab/www_ssl.crt

+

The corresponding SSL public certificate, + signed by the root CA.

PLC_BOOT_ENABLED
@@ -908,31 +973,30 @@ vserver pl_conf exec service pl_conf restart portions of the boot server should be accessed.

-
PLC_BOOT_SSL_CRT
+
PLC_BOOT_SSL_KEY

- Type: binary

+ Type: file

- Default: /etc/planetlab/boot_ssl.crt

-

The signed SSL certificate to use for HTTPS - access. If not specified, or non-existent a self-signed - certificate will be generated.

+ Default: /etc/planetlab/boot_ssl.key

+

The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be + generated.

-
PLC_BOOT_SSL_KEY
+
PLC_BOOT_SSL_CRT

- Type: binary

+ Type: file

- Default: /etc/planetlab/boot_ssl.key

-

The corresponding SSL private key. If not - specified or non-existent, one will be - generated.

+ Default: /etc/planetlab/boot_ssl.crt

+

The corresponding SSL public certificate, + signed by the root CA.

-Bibliography

+Bibliography

[1] Mark Huang. PlanetLab Technical Contact's Guide.

diff --git a/doc/variables.xml b/doc/variables.xml index c3f7af3..87a58e2 100644 --- a/doc/variables.xml +++ b/doc/variables.xml @@ -116,6 +116,98 @@ account on your nodes. + + PLC_ROOT_CA_SSL_KEY + + + Type: file + + Default: /etc/planetlab/root_ca_ssl.key + The SSL private key used for signing all other + generated certificates. If non-existent, one will be + generated. + + + + PLC_ROOT_CA_SSL_KEY_PUB + + + Type: file + + Default: /etc/planetlab/root_ca_ssl.pub + The corresponding SSL public key. + + + + PLC_ROOT_CA_SSL_CRT + + + Type: file + + Default: /etc/planetlab/root_ca_ssl.crt + The corresponding SSL public + certificate. + + + + PLC_MA_SA_NAMESPACE + + + Type: ip + + Default: test + The namespace of your MA/SA. This should be a + globally unique value assigned by PlanetLab + Central. + + + + PLC_MA_SA_SSL_KEY + + + Type: file + + Default: /etc/planetlab/ma_sa_ssl.key + The SSL private key used for signing documents + with the signature of your MA/SA. If non-existent, one will + be generated. + + + + PLC_MA_SA_SSL_KEY_PUB + + + Type: file + + Default: /etc/planetlab/ma_sa_ssl.pub + The corresponding SSL public key. + + + + PLC_MA_SA_SSL_CRT + + + Type: file + + Default: /etc/planetlab/ma_sa_ssl.crt + The corresponding SSL public certificate, + signed by the root CA. + + + + PLC_MA_SA_API_CRT + + + Type: file + + Default: /etc/planetlab/ma_sa_api.xml + The API Certificate for your MA/SA is the SSL + public key for your MA/SA embedded in an XML document and + signed by the root CA SSL private key. The API Certificate + can be used by any PlanetLab node managed by any MA, to + verify that your MA/SA public key is valid. + + PLC_NET_DNS1 @@ -394,18 +486,6 @@ changed. - - PLC_API_SSL_CRT - - - Type: file - - Default: /etc/planetlab/api_ssl.crt - The signed SSL certificate to use for HTTPS - access. If not specified or non-existent, a self-signed - certificate will be generated. - - PLC_API_SSL_KEY @@ -413,22 +493,20 @@ Type: file Default: /etc/planetlab/api_ssl.key - The corresponding SSL private key used for - signing the certificate, and for signing slice tickets. If - not specified or non-existent, one will be + The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be generated. - PLC_API_SSL_KEY_PUB + PLC_API_SSL_CRT Type: file - Default: /etc/planetlab/api_ssl.pub - The corresponding SSL public key. If not - specified or non-existent, one will be - generated. + Default: /etc/planetlab/api_ssl.crt + The corresponding SSL public certificate, + signed by the root CA. @@ -499,27 +577,26 @@ - PLC_WWW_SSL_CRT + PLC_WWW_SSL_KEY Type: file - Default: /etc/planetlab/www_ssl.crt - The signed SSL certificate to use for HTTPS - access. If not specified or non-existent, a self-signed - certificate will be generated. + Default: /etc/planetlab/www_ssl.key + The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be + generated. - PLC_WWW_SSL_KEY + PLC_WWW_SSL_CRT Type: file - Default: /etc/planetlab/www_ssl.key - The corresponding SSL private key. If not - specified or non-existent, one will be - generated. + Default: /etc/planetlab/www_ssl.crt + The corresponding SSL public certificate, + signed by the root CA. @@ -580,27 +657,26 @@ - PLC_BOOT_SSL_CRT + PLC_BOOT_SSL_KEY - Type: binary + Type: file - Default: /etc/planetlab/boot_ssl.crt - The signed SSL certificate to use for HTTPS - access. If not specified, or non-existent a self-signed - certificate will be generated. + Default: /etc/planetlab/boot_ssl.key + The SSL private key to use for encrypting HTTPS + traffic. If non-existent, one will be + generated. - PLC_BOOT_SSL_KEY + PLC_BOOT_SSL_CRT - Type: binary + Type: file - Default: /etc/planetlab/boot_ssl.key - The corresponding SSL private key. If not - specified or non-existent, one will be - generated. + Default: /etc/planetlab/boot_ssl.crt + The corresponding SSL public certificate, + signed by the root CA.