default_config.xml

   1 <?xml version="1.0" encoding="utf-8"?>
   2
   3 <!--
   4 Default PLC configuration file
   5
   6 Mark Huang <mlhuang@cs.princeton.edu>
   7 Copyright (C) 2006 The Trustees of Princeton University
   8
   9 $Id$
  10 -->
  11
  12 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
  13
  14 <configuration>
  15   <variables>
  16     <category id="plc">
  17       <name>System</name>
  18       <description>Basic system variables. Be sure that the values of
  19       these variables are the same across all machines in your
  20       installation.</description>
  21
  22       <variablelist>
  23         <variable id="name" type="string">
  24           <name>Name</name>
  25           <value>PlanetLab Test</value>
  26           <description>The name of this PLC installation. It is used in
  27           the name of the default system site (e.g., PlanetLab Central)
  28           and in the names of various administrative entities (e.g.,
  29           PlanetLab Support).</description>
  30         </variable>
  31
  32         <variable id="slice_prefix" type="string">
  33           <name>Slice Prefix</name>
  34           <value>pl</value>
  35           <description>The abbreviated name of this PLC
  36           installation. It is used as the prefix for system slices
  37           (e.g., pl_conf). Warning: Currently, this variable should
  38           not be changed.</description>
  39         </variable>
  40
  41         <variable id="root_user" type="email">
  42           <name>Root Account</name>
  43           <value>root@localhost.localdomain</value>
  44           <description>The name of the initial administrative
  45           account. We recommend that this account be used only to create
  46           additional accounts associated with real
  47           administrators, then disabled.</description>
  48         </variable>
  49
  50         <variable id="root_password" type="password">
  51           <name>Root Password</name>
  52           <value>root</value>
  53           <description>The password of the initial administrative
  54           account. Also the password of the root account on the Boot
  55           CD.</description>
  56         </variable>
  57
  58         <!-- The following are not actually meant to be configurable
  59              as variables. The web interface should allow the file to
  60              be downloaded, or its contents replaced by a file upload,
  61              but the actual <value> shouldn't need to be changed.  -->
  62
  63         <variable id="root_ssh_key_pub" type="file">
  64           <name>Root SSH Public Key</name>
  65           <value>/etc/planetlab/root_ssh_key.pub</value>
  66           <description>The SSH public key used to access the root
  67           account on your nodes.</description>
  68         </variable>
  69
  70         <variable id="root_ssh_key" type="file">
  71           <name>Root SSH Private Key</name>
  72           <value>/etc/planetlab/root_ssh_key.rsa</value>
  73           <description>The SSH private key used to access the root
  74           account on your nodes.</description>
  75         </variable>
  76
  77         <variable id="debug_ssh_key_pub" type="file">
  78           <name>Debug SSH Public Key</name>
  79           <value>/etc/planetlab/debug_ssh_key.pub</value>
  80           <description>The SSH public key used to access the root
  81           account on your nodes when they are in Debug mode.</description>
  82         </variable>
  83
  84         <variable id="debug_ssh_key" type="file">
  85           <name>Debug SSH Private Key</name>
  86           <value>/etc/planetlab/debug_ssh_key.rsa</value>
  87           <description>The SSH private key used to access the root
  88           account on your nodes when they are in Debug mode.</description>
  89         </variable>
  90
  91         <variable id="root_gpg_key_pub" type="file">
  92           <name>Root GPG Public Keyring</name>
  93           <value>/etc/planetlab/pubring.gpg</value>
  94           <description>The GPG public keyring used to sign the Boot
  95           Manager and all node packages.</description>
  96         </variable>
  97
  98         <variable id="root_gpg_key" type="file">
  99           <name>Root GPG Private Keyring</name>
 100           <value>/etc/planetlab/secring.gpg</value>
 101           <description>The SSH private key used to access the root
 102           account on your nodes.</description>
 103         </variable>
 104       </variablelist>
 105     </category>
 106
 107     <category id="plc_net">
 108       <name>Network</name>
 109       <description>Network environment.</description>
 110
 111       <variablelist>
 112         <variable id="dns1" type="ip">
 113           <name>Primary DNS Server</name>
 114           <value>127.0.0.1</value>
 115           <description>Primary DNS server address.</description>
 116         </variable>
 117
 118         <variable id="dns2" type="ip">
 119           <name>Secondary DNS Server</name>
 120           <value></value>
 121           <description>Secondary DNS server address.</description>
 122         </variable>
 123       </variablelist>
 124     </category>
 125
 126     <category id="plc_dns">
 127       <name>DNS</name>
 128       <description>MyPLC can provide forward DNS resolution for itself
 129       and for its nodes. To enable resolution for MyPLC itself, set
 130       the Primary DNS Server address to 127.0.0.1 and provide external
 131       IP addresses for the database, API, web, and boot servers
 132       below. To enable resolution for nodes, use the external IP
 133       address of this machine as the primary DNS server address for
 134       each node.</description>
 135
 136       <variablelist>
 137         <variable id="enabled" type="boolean">
 138           <name>Enable DNS</name>
 139           <value>true</value>
 140           <description>Enable the internal DNS server. The server does
 141           not provide reverse resolution and is not a production
 142           quality or scalable DNS solution. Use the internal DNS
 143           server only for small deployments or for
 144           testing.</description>
 145         </variable>
 146       </variablelist>
 147     </category>
 148
 149     <category id="plc_mail">
 150       <name>Mail</name>
 151       <description>Many maintenance scripts, as well as the API and
 152       web site themselves, send e-mail notifications and
 153       warnings.</description>
 154
 155       <variablelist>
 156         <variable id="enabled" type="boolean">
 157           <name>Enable Mail</name>
 158           <value>false</value>
 159           <description>Set to false to suppress all e-mail notifications
 160           and warnings.</description>
 161         </variable>
 162
 163         <variable id="support_address" type="email">
 164           <name>Support Address</name>
 165           <value>root+support@localhost.localdomain</value>
 166           <description>This address is used for support
 167           requests. Support requests may include traffic complaints,
 168           security incident reporting, web site malfunctions, and
 169           general requests for information. We recommend that the
 170           address be aliased to a ticketing system such as Request
 171           Tracker.</description>
 172         </variable>
 173
 174         <variable id="boot_address" type="email">
 175           <name>Boot Messages Address</name>
 176           <value>root+install-msgs@localhost.localdomain</value>
 177           <description>The API will notify this address when a problem
 178           occurs during node installation or boot.</description>
 179         </variable>
 180
 181         <variable id="mom_list_address" type="email">
 182           <name>Mom List Address</name>
 183           <value>root+mom@localhost.localdomain</value>
 184           <description>This address is used by operations staff
 185           to monitor Mom (formerly pl_mom) messages indicating
 186           excessive BW or memory usage by a slice.  Mom messages sent
 187           to slices will be cc'ed to this list so as not to clog
 188           the Support Address list.</description>
 189         </variable>
 190
 191         <variable id="slice_address" type="email">
 192           <name>Slice Address</name>
 193           <value>root+SLICE@localhost.localdomain</value>
 194           <description>This address template is used for sending
 195           e-mail notifications to slices. SLICE will be replaced with
 196           the name of the slice.</description>
 197         </variable>
 198       </variablelist>
 199     </category>
 200
 201     <category id="plc_db">
 202       <name>Database Server</name>
 203       <description>Database server definitions.</description>
 204
 205       <variablelist>
 206         <variable id="enabled" type="boolean">
 207           <name>Enabled</name>
 208           <value>true</value>
 209           <description>Enable the database server on this
 210           machine.</description>
 211         </variable>
 212
 213         <variable id="type" type="string">
 214           <name>Type</name>
 215           <value>postgresql</value>
 216           <description>The type of database server. Currently, only
 217           postgresql is supported.</description>
 218         </variable>
 219
 220         <variable id="host" type="hostname">
 221           <name>Hostname</name>
 222           <value>localhost.localdomain</value>
 223           <description>The fully qualified hostname of the database
 224           server.</description>
 225         </variable>
 226
 227         <variable id="ip" type="ip">
 228           <name>IP Address</name>
 229           <value/>
 230           <description>The IP address of the database server, if not
 231           resolvable.</description>
 232         </variable>
 233
 234         <variable id="port" type="int">
 235           <name>Port</name>
 236           <value>5432</value>
 237           <description>The TCP port number through which the database
 238           server should be accessed.</description>
 239         </variable>
 240
 241         <variable id="name" type="string">
 242           <name>Database Name</name>
 243           <value>planetlab4</value>
 244           <description>The name of the database to access.</description>
 245         </variable>
 246
 247         <variable id="user" type="string">
 248           <name>Database Username</name>
 249           <value>pgsqluser</value>
 250           <description>The username to use when accessing the
 251           database.</description>
 252         </variable>
 253
 254         <variable id="password" type="password">
 255           <name>Database Password</name>
 256           <value></value>
 257           <description>The password to use when accessing the
 258           database. If left blank, one will be
 259           generated.</description>
 260         </variable>
 261       </variablelist>
 262     </category>
 263
 264     <category id="plc_api">
 265       <name>API Server</name>
 266       <description>API (XML-RPC) server definitions.</description>
 267
 268       <variablelist>
 269         <variable id="enabled" type="boolean">
 270           <name>Enabled</name>
 271           <value>true</value>
 272           <description>Enable the API server on this
 273           machine.</description>
 274         </variable>
 275
 276         <variable id="debug" type="boolean">
 277           <name>Debug</name>
 278           <value>false</value>
 279           <description>Enable verbose API debugging. Do not enable on
 280           a production system!</description>
 281         </variable>
 282
 283         <variable id="host" type="hostname">
 284           <name>Hostname</name>
 285           <value>localhost.localdomain</value>
 286           <description>The fully qualified hostname of the API
 287           server.</description>
 288         </variable>
 289
 290         <variable id="ip" type="ip">
 291           <name>IP Address</name>
 292           <value/>
 293           <description>The IP address of the API server, if not
 294           resolvable.</description>
 295         </variable>
 296
 297         <variable id="ipod_subnet" type="ip">
 298           <name>IP Subnet</name>
 299           <value>127.0.0.1</value>
 300           <description>The IP Subnet for all API servers.
 301           Used to identify IPoD packet senders.</description>
 302         </variable>
 303
 304         <variable id="ipod_mask" type="ip">
 305           <name>IP Mask</name>
 306           <value>255.255.255.255</value>
 307           <description>The IP Mask that should be applied to incoming
 308           packets to match the IP Subnet for IPoD packets.</description>
 309         </variable>
 310
 311         <variable id="port" type="int">
 312           <name>Port</name>
 313           <value>443</value>
 314           <description>The TCP port number through which the API
 315           should be accessed.</description>
 316         </variable>
 317
 318         <variable id="path" type="string">
 319           <name>Path</name>
 320           <value>/PLCAPI/</value>
 321           <description>The base path of the API URL.</description>
 322         </variable>
 323
 324         <variable id="maintenance_user" type="string">
 325           <name>Maintenance User</name>
 326           <value>maint@localhost.localdomain</value>
 327           <description>The username of the maintenance account. This
 328           account is used by local scripts that perform automated
 329           tasks, and cannot be used for normal logins.</description>
 330         </variable>
 331
 332         <variable id="maintenance_password" type="password">
 333           <name>Maintenance Password</name>
 334           <value></value>
 335           <description>The password of the maintenance account. If
 336           left blank, one will be generated. We recommend that the
 337           password be changed periodically.</description>
 338         </variable>
 339
 340         <variable id="maintenance_sources" type="hostname">
 341           <name>Authorized Hosts</name>
 342           <value></value>
 343           <description>A space-separated list of IP addresses allowed
 344           to access the API through the maintenance account. The value
 345           of this variable is set automatically to allow only the API,
 346           web, and boot servers, and should not be
 347           changed.</description>
 348         </variable>
 349
 350         <!-- The following are not actually meant to be configurable
 351              as variables. The web interface should allow the file to
 352              be downloaded, or its contents replaced by a file upload,
 353              but the actual <value> shouldn't need to be changed.  -->
 354
 355         <variable id="ssl_key" type="file">
 356           <name>SSL Private Key</name>
 357           <value>/etc/planetlab/api_ssl.key</value>
 358           <description>The SSL private key to use for encrypting HTTPS
 359           traffic. If non-existent, one will be
 360           generated.</description>
 361         </variable>
 362
 363         <variable id="ssl_crt" type="file">
 364           <name>SSL Public Certificate</name>
 365           <value>/etc/planetlab/api_ssl.crt</value>
 366           <description>The corresponding SSL public certificate. By
 367           default, this certificate is self-signed. You may replace
 368           the certificate later with one signed by a root
 369           CA.</description>
 370         </variable>
 371
 372         <variable id="ca_ssl_crt" type="file">
 373           <name>Root CA SSL Public Certificate</name>
 374           <value>/etc/planetlab/api_ca_ssl.crt</value>
 375           <description>The certificate of the root CA, if any, that
 376           signed your server certificate. If your server certificate is
 377           self-signed, then this file is the same as your server
 378           certificate.</description>
 379         </variable>
 380       </variablelist>
 381     </category>
 382
 383     <category id="plc_www">
 384       <name>Web Server</name>
 385       <description>Web server definitions.</description>
 386
 387       <variablelist>
 388         <variable id="enabled" type="boolean">
 389           <name>Enabled</name>
 390           <value>true</value>
 391           <description>Enable the web server on this
 392           machine.</description>
 393         </variable>
 394
 395         <variable id="debug" type="boolean">
 396           <name>Debug</name>
 397           <value>false</value>
 398           <description>Enable debugging output on web pages. Do not
 399           enable on a production system!</description>
 400         </variable>
 401
 402         <variable id="host" type="hostname">
 403           <name>Hostname</name>
 404           <value>localhost.localdomain</value>
 405           <description>The fully qualified hostname of the web
 406           server.</description>
 407         </variable>
 408
 409         <variable id="ip" type="ip">
 410           <name>IP Address</name>
 411           <value/>
 412           <description>The IP address of the web server, if not
 413           resolvable.</description>
 414         </variable>
 415
 416         <variable id="port" type="int">
 417           <name>Port</name>
 418           <value>80</value>
 419           <description>The TCP port number through which the
 420           unprotected portions of the web site should be
 421           accessed.</description>
 422         </variable>
 423
 424         <variable id="ssl_port" type="int">
 425           <name>SSL Port</name>
 426           <value>443</value>
 427           <description>The TCP port number through which the protected
 428           portions of the web site should be accessed.</description>
 429         </variable>
 430
 431         <!-- The following are not actually meant to be configurable
 432              as variables. The web interface should allow the file to
 433              be downloaded, or its contents replaced by a file upload,
 434              but the actual <value> shouldn't need to be changed.  -->
 435
 436         <variable id="ssl_key" type="file">
 437           <name>SSL Private Key</name>
 438           <value>/etc/planetlab/www_ssl.key</value>
 439           <description>The SSL private key to use for encrypting HTTPS
 440           traffic. If non-existent, one will be
 441           generated.</description>
 442         </variable>
 443
 444         <variable id="ssl_crt" type="file">
 445           <name>SSL Public Certificate</name>
 446           <value>/etc/planetlab/www_ssl.crt</value>
 447           <description>The corresponding SSL public certificate for
 448           the HTTP server. By default, this certificate is
 449           self-signed. You may replace the certificate later with one
 450           signed by a root CA.</description>
 451         </variable>
 452
 453         <variable id="ca_ssl_crt" type="file">
 454           <name>Root CA SSL Public Certificate</name>
 455           <value>/etc/planetlab/www_ca_ssl.crt</value>
 456           <description>The certificate of the root CA, if any, that
 457           signed your server certificate. If your server certificate is
 458           self-signed, then this file is the same as your server
 459           certificate.</description>
 460         </variable>
 461       </variablelist>
 462     </category>
 463
 464     <category id="plc_boot">
 465       <name>Boot Server</name>
 466       <description>Boot server definitions. Multiple boot servers
 467       may be brought up for load balancing, but we recommend that a
 468       single DNS round-robin system be implemented so that the
 469       following variables are the same across all of
 470       them.</description>
 471
 472       <variablelist>
 473         <variable id="enabled" type="boolean">
 474           <name>Enabled</name>
 475           <value>true</value>
 476           <description>Enable the boot server on this
 477           machine.</description>
 478         </variable>
 479
 480         <variable id="host" type="hostname">
 481           <name>Hostname</name>
 482           <value>localhost.localdomain</value>
 483           <description>The fully qualified hostname of the boot
 484           server.</description>
 485         </variable>
 486
 487         <variable id="ip" type="ip">
 488           <name>IP Address</name>
 489           <value/>
 490           <description>The IP address of the boot server, if not
 491           resolvable.</description>
 492         </variable>
 493
 494         <variable id="port" type="int">
 495           <name>Port</name>
 496           <value>80</value>
 497           <description>The TCP port number through which the
 498           unprotected portions of the boot server should be
 499           accessed.</description>
 500         </variable>
 501
 502         <variable id="ssl_port" type="int">
 503           <name>SSL Port</name>
 504           <value>443</value>
 505           <description>The TCP port number through which the protected
 506           portions of the boot server should be
 507           accessed.</description>
 508         </variable>
 509
 510         <!-- The following are not actually meant to be configurable
 511              as variables. The web interface should allow the file to
 512              be downloaded, or its contents replaced by a file upload,
 513              but the actual <value> shouldn't need to be changed.  -->
 514
 515         <variable id="ssl_key" type="file">
 516           <name>SSL Private Key</name>
 517           <value>/etc/planetlab/boot_ssl.key</value>
 518           <description>The SSL private key to use for encrypting HTTPS
 519           traffic.</description>
 520         </variable>
 521
 522         <variable id="ssl_crt" type="file">
 523           <name>SSL Public Certificate</name>
 524           <value>/etc/planetlab/boot_ssl.crt</value>
 525           <description>The corresponding SSL public certificate for
 526           the HTTP server. By default, this certificate is
 527           self-signed. You may replace the certificate later with one
 528           signed by a root CA.</description>
 529         </variable>
 530
 531         <variable id="ca_ssl_crt" type="file">
 532           <name>Root CA SSL Public Certificate</name>
 533           <value>/etc/planetlab/boot_ca_ssl.crt</value>
 534           <description>The certificate of the root CA, if any, that
 535           signed your server certificate. If your server certificate is
 536           self-signed, then this file is the same as your server
 537           certificate.</description>
 538         </variable>
 539       </variablelist>
 540     </category>
 541
 542
 543     <category id="plc_planetflow">
 544       <name>PlanetFlow Service Configuration</name>
 545       <description>Planetflow service definitions used in the netflow slice. </description>
 546
 547       <variablelist>
 548         <variable id="host" type="hostname">
 549                 <name>Hostname</name>
 550                 <value>localhost.localdomain</value>
 551                 <description>The fully qualified hostname of the boot
 552                 server.</description>
 553         </variable>
 554       </variablelist>
 555     </category>
 556   </variables>
 557
 558   <comps>
 559     <!-- deprecated - not used anymore - use .lst files instead -->
 560   </comps>
 561
 562 </configuration>