1 <?xml version="1.0" encoding="utf-8"?>
4 Default PLC configuration file
6 Mark Huang <mlhuang@cs.princeton.edu>
7 Copyright (C) 2006 The Trustees of Princeton University
12 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
18 <description>Basic system variables. Be sure that the values of
19 these variables are the same across all machines in your
20 installation.</description>
23 <variable id="name" type="string">
25 <value>PlanetLab Test</value>
26 <description>The name of this PLC installation. It is used in
27 the name of the default system site (e.g., PlanetLab Central)
28 and in the names of various administrative entities (e.g.,
29 PlanetLab Support).</description>
32 <variable id="slice_prefix" type="string">
33 <name>Slice Prefix</name>
35 <description>The abbreviated name of this PLC
36 installation. It is used as the prefix for system slices
37 (e.g., pl_conf). Warning: Currently, this variable should
38 not be changed.</description>
41 <variable id="root_user" type="email">
42 <name>Root Account</name>
43 <value>root@localhost.localdomain</value>
44 <description>The name of the initial administrative
45 account. We recommend that this account be used only to create
46 additional accounts associated with real
47 administrators, then disabled.</description>
50 <variable id="root_password" type="password">
51 <name>Root Password</name>
53 <description>The password of the initial administrative
54 account. Also the password of the root account on the Boot
58 <!-- The following are not actually meant to be configurable
59 as variables. The web interface should allow the file to
60 be downloaded, or its contents replaced by a file upload,
61 but the actual <value> shouldn't need to be changed. -->
63 <variable id="root_ssh_key_pub" type="file">
64 <name>Root SSH Public Key</name>
65 <value>/etc/planetlab/root_ssh_key.pub</value>
66 <description>The SSH public key used to access the root
67 account on your nodes.</description>
70 <variable id="root_ssh_key" type="file">
71 <name>Root SSH Private Key</name>
72 <value>/etc/planetlab/root_ssh_key.rsa</value>
73 <description>The SSH private key used to access the root
74 account on your nodes.</description>
77 <variable id="debug_ssh_key_pub" type="file">
78 <name>Debug SSH Public Key</name>
79 <value>/etc/planetlab/debug_ssh_key.pub</value>
80 <description>The SSH public key used to access the root
81 account on your nodes when they are in Debug mode.</description>
84 <variable id="debug_ssh_key" type="file">
85 <name>Debug SSH Private Key</name>
86 <value>/etc/planetlab/debug_ssh_key.rsa</value>
87 <description>The SSH private key used to access the root
88 account on your nodes when they are in Debug mode.</description>
91 <variable id="root_gpg_key_pub" type="file">
92 <name>Root GPG Public Keyring</name>
93 <value>/etc/planetlab/pubring.gpg</value>
94 <description>The GPG public keyring used to sign the Boot
95 Manager and all node packages.</description>
98 <variable id="root_gpg_key" type="file">
99 <name>Root GPG Private Keyring</name>
100 <value>/etc/planetlab/secring.gpg</value>
101 <description>The SSH private key used to access the root
102 account on your nodes.</description>
107 <category id="plc_net">
109 <description>Network environment.</description>
112 <variable id="dns1" type="ip">
113 <name>Primary DNS Server</name>
114 <value>127.0.0.1</value>
115 <description>Primary DNS server address.</description>
118 <variable id="dns2" type="ip">
119 <name>Secondary DNS Server</name>
121 <description>Secondary DNS server address.</description>
126 <category id="plc_dns">
128 <description>MyPLC can provide forward DNS resolution for itself
129 and for its nodes. To enable resolution for MyPLC itself, set
130 the Primary DNS Server address to 127.0.0.1 and provide external
131 IP addresses for the database, API, web, and boot servers
132 below. To enable resolution for nodes, use the external IP
133 address of this machine as the primary DNS server address for
134 each node.</description>
137 <variable id="enabled" type="boolean">
138 <name>Enable DNS</name>
140 <description>Enable the internal DNS server. The server does
141 not provide reverse resolution and is not a production
142 quality or scalable DNS solution. Use the internal DNS
143 server only for small deployments or for
144 testing.</description>
149 <category id="plc_mail">
151 <description>Many maintenance scripts, as well as the API and
152 web site themselves, send e-mail notifications and
153 warnings.</description>
156 <variable id="enabled" type="boolean">
157 <name>Enable Mail</name>
159 <description>Set to false to suppress all e-mail notifications
160 and warnings.</description>
163 <variable id="support_address" type="email">
164 <name>Support Address</name>
165 <value>root+support@localhost.localdomain</value>
166 <description>This address is used for support
167 requests. Support requests may include traffic complaints,
168 security incident reporting, web site malfunctions, and
169 general requests for information. We recommend that the
170 address be aliased to a ticketing system such as Request
171 Tracker.</description>
174 <variable id="boot_address" type="email">
175 <name>Boot Messages Address</name>
176 <value>root+install-msgs@localhost.localdomain</value>
177 <description>The API will notify this address when a problem
178 occurs during node installation or boot.</description>
181 <variable id="slice_address" type="email">
182 <name>Slice Address</name>
183 <value>root+SLICE@localhost.localdomain</value>
184 <description>This address template is used for sending
185 e-mail notifications to slices. SLICE will be replaced with
186 the name of the slice.</description>
191 <category id="plc_db">
192 <name>Database Server</name>
193 <description>Database server definitions.</description>
196 <variable id="enabled" type="boolean">
199 <description>Enable the database server on this
200 machine.</description>
203 <variable id="type" type="string">
205 <value>postgresql</value>
206 <description>The type of database server. Currently, only
207 postgresql is supported.</description>
210 <variable id="host" type="hostname">
211 <name>Hostname</name>
212 <value>localhost.localdomain</value>
213 <description>The fully qualified hostname of the database
214 server.</description>
217 <variable id="ip" type="ip">
218 <name>IP Address</name>
219 <value>127.0.0.1</value>
220 <description>The IP address of the database server, if not
221 resolvable by the configured DNS servers.</description>
224 <variable id="port" type="int">
227 <description>The TCP port number through which the database
228 server should be accessed.</description>
231 <variable id="name" type="string">
232 <name>Database Name</name>
233 <value>planetlab4</value>
234 <description>The name of the database to access.</description>
237 <variable id="user" type="string">
238 <name>Database Username</name>
239 <value>pgsqluser</value>
240 <description>The username to use when accessing the
241 database.</description>
244 <variable id="password" type="password">
245 <name>Database Password</name>
247 <description>The password to use when accessing the
248 database. If left blank, one will be
249 generated.</description>
254 <category id="plc_api">
255 <name>API Server</name>
256 <description>API (XML-RPC) server definitions.</description>
259 <variable id="enabled" type="boolean">
262 <description>Enable the API server on this
263 machine.</description>
266 <variable id="debug" type="boolean">
269 <description>Enable verbose API debugging. Do not enable on
270 a production system!</description>
273 <variable id="host" type="hostname">
274 <name>Hostname</name>
275 <value>localhost.localdomain</value>
276 <description>The fully qualified hostname of the API
277 server.</description>
280 <variable id="ip" type="ip">
281 <name>IP Address</name>
282 <value>127.0.0.1</value>
283 <description>The IP address of the API server, if not
284 resolvable by the configured DNS servers.</description>
287 <variable id="ipod_subnet" type="ip">
288 <name>IP SUBNET for all API Servers</name>
289 <value>127.0.0.1</value>
290 <description>The IP Subnet for all API servers. Used by IPoD.</description>
293 <variable id="ipod_mask" type="ip">
294 <name>IP Address</name>
295 <value>255.255.255.255</value>
296 <description>The IP Mask that should be applied to incoming
297 packets to match the IP Subnet for IPoD packets.</description>
300 <variable id="port" type="int">
303 <description>The TCP port number through which the API
304 should be accessed.</description>
307 <variable id="path" type="string">
309 <value>/PLCAPI/</value>
310 <description>The base path of the API URL.</description>
313 <variable id="maintenance_user" type="string">
314 <name>Maintenance User</name>
315 <value>maint@localhost.localdomain</value>
316 <description>The username of the maintenance account. This
317 account is used by local scripts that perform automated
318 tasks, and cannot be used for normal logins.</description>
321 <variable id="maintenance_password" type="password">
322 <name>Maintenance Password</name>
324 <description>The password of the maintenance account. If
325 left blank, one will be generated. We recommend that the
326 password be changed periodically.</description>
329 <variable id="maintenance_sources" type="hostname">
330 <name>Authorized Hosts</name>
332 <description>A space-separated list of IP addresses allowed
333 to access the API through the maintenance account. The value
334 of this variable is set automatically to allow only the API,
335 web, and boot servers, and should not be
336 changed.</description>
339 <!-- The following are not actually meant to be configurable
340 as variables. The web interface should allow the file to
341 be downloaded, or its contents replaced by a file upload,
342 but the actual <value> shouldn't need to be changed. -->
344 <variable id="ssl_key" type="file">
345 <name>SSL Private Key</name>
346 <value>/etc/planetlab/api_ssl.key</value>
347 <description>The SSL private key to use for encrypting HTTPS
348 traffic. If non-existent, one will be
349 generated.</description>
352 <variable id="ssl_crt" type="file">
353 <name>SSL Public Certificate</name>
354 <value>/etc/planetlab/api_ssl.crt</value>
355 <description>The corresponding SSL public certificate. By
356 default, this certificate is self-signed. You may replace
357 the certificate later with one signed by a root
361 <variable id="ca_ssl_crt" type="file">
362 <name>Root CA SSL Public Certificate</name>
363 <value>/etc/planetlab/api_ca_ssl.crt</value>
364 <description>The certificate of the root CA, if any, that
365 signed your server certificate. If your server certificate is
366 self-signed, then this file is the same as your server
367 certificate.</description>
372 <category id="plc_www">
373 <name>Web Server</name>
374 <description>Web server definitions.</description>
377 <variable id="enabled" type="boolean">
380 <description>Enable the web server on this
381 machine.</description>
384 <variable id="debug" type="boolean">
387 <description>Enable debugging output on web pages. Do not
388 enable on a production system!</description>
391 <variable id="host" type="hostname">
392 <name>Hostname</name>
393 <value>localhost.localdomain</value>
394 <description>The fully qualified hostname of the web
395 server.</description>
398 <variable id="ip" type="ip">
399 <name>IP Address</name>
400 <value>127.0.0.1</value>
401 <description>The IP address of the web server, if not
402 resolvable by the configured DNS servers.</description>
405 <variable id="port" type="int">
408 <description>The TCP port number through which the
409 unprotected portions of the web site should be
410 accessed.</description>
413 <variable id="ssl_port" type="int">
414 <name>SSL Port</name>
416 <description>The TCP port number through which the protected
417 portions of the web site should be accessed.</description>
420 <!-- The following are not actually meant to be configurable
421 as variables. The web interface should allow the file to
422 be downloaded, or its contents replaced by a file upload,
423 but the actual <value> shouldn't need to be changed. -->
425 <variable id="ssl_key" type="file">
426 <name>SSL Private Key</name>
427 <value>/etc/planetlab/www_ssl.key</value>
428 <description>The SSL private key to use for encrypting HTTPS
429 traffic. If non-existent, one will be
430 generated.</description>
433 <variable id="ssl_crt" type="file">
434 <name>SSL Public Certificate</name>
435 <value>/etc/planetlab/www_ssl.crt</value>
436 <description>The corresponding SSL public certificate for
437 the HTTP server. By default, this certificate is
438 self-signed. You may replace the certificate later with one
439 signed by a root CA.</description>
442 <variable id="ca_ssl_crt" type="file">
443 <name>Root CA SSL Public Certificate</name>
444 <value>/etc/planetlab/www_ca_ssl.crt</value>
445 <description>The certificate of the root CA, if any, that
446 signed your server certificate. If your server certificate is
447 self-signed, then this file is the same as your server
448 certificate.</description>
453 <category id="plc_boot">
454 <name>Boot Server</name>
455 <description>Boot server definitions. Multiple boot servers
456 may be brought up for load balancing, but we recommend that a
457 single DNS round-robin system be implemented so that the
458 following variables are the same across all of
462 <variable id="enabled" type="boolean">
465 <description>Enable the boot server on this
466 machine.</description>
469 <variable id="host" type="hostname">
470 <name>Hostname</name>
471 <value>localhost.localdomain</value>
472 <description>The fully qualified hostname of the boot
473 server.</description>
476 <variable id="ip" type="ip">
477 <name>IP Address</name>
478 <value>127.0.0.1</value>
479 <description>The IP address of the boot server, if not
480 resolvable by the configured DNS servers.</description>
483 <variable id="port" type="int">
486 <description>The TCP port number through which the
487 unprotected portions of the boot server should be
488 accessed.</description>
491 <variable id="ssl_port" type="int">
492 <name>SSL Port</name>
494 <description>The TCP port number through which the protected
495 portions of the boot server should be
496 accessed.</description>
499 <!-- The following are not actually meant to be configurable
500 as variables. The web interface should allow the file to
501 be downloaded, or its contents replaced by a file upload,
502 but the actual <value> shouldn't need to be changed. -->
504 <variable id="ssl_key" type="file">
505 <name>SSL Private Key</name>
506 <value>/etc/planetlab/boot_ssl.key</value>
507 <description>The SSL private key to use for encrypting HTTPS
508 traffic.</description>
511 <variable id="ssl_crt" type="file">
512 <name>SSL Public Certificate</name>
513 <value>/etc/planetlab/boot_ssl.crt</value>
514 <description>The corresponding SSL public certificate for
515 the HTTP server. By default, this certificate is
516 self-signed. You may replace the certificate later with one
517 signed by a root CA.</description>
520 <variable id="ca_ssl_crt" type="file">
521 <name>Root CA SSL Public Certificate</name>
522 <value>/etc/planetlab/boot_ca_ssl.crt</value>
523 <description>The certificate of the root CA, if any, that
524 signed your server certificate. If your server certificate is
525 self-signed, then this file is the same as your server
526 certificate.</description>
533 <!-- deprecated - not used anymore - use .lst files instead -->