default_config.xml

   1 <?xml version="1.0" encoding="utf-8"?>
   2
   3 <!--
   4 Default PLC configuration file
   5
   6 Mark Huang <mlhuang@cs.princeton.edu>
   7 Copyright (C) 2006 The Trustees of Princeton University
   8
   9 $Id$
  10 -->
  11
  12 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
  13
  14 <configuration>
  15   <variables>
  16     <category id="plc">
  17       <name>System</name>
  18       <description>Basic system variables. Be sure that the values of
  19       these variables are the same across all machines in your
  20       installation.</description>
  21
  22       <variablelist>
  23         <variable id="name" type="string">
  24           <name>Name</name>
  25           <value>PlanetLab Test</value>
  26           <description>The name of this PLC installation. It is used in
  27           the name of the default system site (e.g., PlanetLab Central)
  28           and in the names of various administrative entities (e.g.,
  29           PlanetLab Support).</description>
  30         </variable>
  31
  32         <variable id="shortname" type="string">
  33           <name>Shortame</name>
  34           <value>Tlab</value>
  35           <description>The short name of this PLC installation. It is
  36           mostly used in the web interface when displaying local
  37           objects.</description>
  38         </variable>
  39
  40         <variable id="slice_prefix" type="string">
  41           <name>Slice Prefix</name>
  42           <value>pl</value>
  43           <description>The abbreviated name of this PLC
  44           installation. It is used as the prefix for system slices
  45           (e.g., pl_conf). Warning: Currently, this variable should
  46           not be changed.</description>
  47         </variable>
  48
  49         <variable id="root_user" type="email">
  50           <name>Root Account</name>
  51           <value>root@localhost.localdomain</value>
  52           <description>The name of the initial administrative
  53           account. We recommend that this account be used only to create
  54           additional accounts associated with real
  55           administrators, then disabled.</description>
  56         </variable>
  57
  58         <variable id="root_password" type="password">
  59           <name>Root Password</name>
  60           <value>root</value>
  61           <description>The password of the initial administrative
  62           account. Also the password of the root account on the Boot
  63           CD.</description>
  64         </variable>
  65
  66         <!-- The following are not actually meant to be configurable
  67              as variables. The web interface should allow the file to
  68              be downloaded, or its contents replaced by a file upload,
  69              but the actual <value> shouldn't need to be changed.  -->
  70
  71         <variable id="root_ssh_key_pub" type="file">
  72           <name>Root SSH Public Key</name>
  73           <value>/etc/planetlab/root_ssh_key.pub</value>
  74           <description>The SSH public key used to access the root
  75           account on your nodes.</description>
  76         </variable>
  77
  78         <variable id="root_ssh_key" type="file">
  79           <name>Root SSH Private Key</name>
  80           <value>/etc/planetlab/root_ssh_key.rsa</value>
  81           <description>The SSH private key used to access the root
  82           account on your nodes.</description>
  83         </variable>
  84
  85         <variable id="debug_ssh_key_pub" type="file">
  86           <name>Debug SSH Public Key</name>
  87           <value>/etc/planetlab/debug_ssh_key.pub</value>
  88           <description>The SSH public key used to access the root
  89           account on your nodes when they are in Debug mode.</description>
  90         </variable>
  91
  92         <variable id="debug_ssh_key" type="file">
  93           <name>Debug SSH Private Key</name>
  94           <value>/etc/planetlab/debug_ssh_key.rsa</value>
  95           <description>The SSH private key used to access the root
  96           account on your nodes when they are in Debug mode.</description>
  97         </variable>
  98
  99         <variable id="root_gpg_key_pub" type="file">
 100           <name>Root GPG Public Keyring</name>
 101           <value>/etc/planetlab/pubring.gpg</value>
 102           <description>The GPG public keyring used to sign the Boot
 103           Manager and all node packages.</description>
 104         </variable>
 105
 106         <variable id="root_gpg_key" type="file">
 107           <name>Root GPG Private Keyring</name>
 108           <value>/etc/planetlab/secring.gpg</value>
 109           <description>The SSH private key used to access the root
 110           account on your nodes.</description>
 111         </variable>
 112       </variablelist>
 113     </category>
 114
 115     <category id="plc_net">
 116       <name>Network</name>
 117       <description>Network environment.</description>
 118
 119       <variablelist>
 120         <variable id="dns1" type="ip">
 121           <name>Primary DNS Server</name>
 122           <value>127.0.0.1</value>
 123           <description>Primary DNS server address.</description>
 124         </variable>
 125
 126         <variable id="dns2" type="ip">
 127           <name>Secondary DNS Server</name>
 128           <value></value>
 129           <description>Secondary DNS server address.</description>
 130         </variable>
 131       </variablelist>
 132     </category>
 133
 134     <category id="plc_dns">
 135       <name>DNS</name>
 136       <description>MyPLC can provide forward DNS resolution for itself
 137       and for its nodes. To enable resolution for MyPLC itself, set
 138       the Primary DNS Server address to 127.0.0.1 and provide external
 139       IP addresses for the database, API, web, and boot servers
 140       below. To enable resolution for nodes, use the external IP
 141       address of this machine as the primary DNS server address for
 142       each node.</description>
 143
 144       <variablelist>
 145         <variable id="enabled" type="boolean">
 146           <name>Enable DNS</name>
 147           <value>true</value>
 148           <description>Enable the internal DNS server. The server does
 149           not provide reverse resolution and is not a production
 150           quality or scalable DNS solution. Use the internal DNS
 151           server only for small deployments or for
 152           testing.</description>
 153         </variable>
 154       </variablelist>
 155     </category>
 156
 157     <category id="plc_mail">
 158       <name>Mail</name>
 159       <description>Many maintenance scripts, as well as the API and
 160       web site themselves, send e-mail notifications and
 161       warnings.</description>
 162
 163       <variablelist>
 164         <variable id="enabled" type="boolean">
 165           <name>Enable Mail</name>
 166           <value>false</value>
 167           <description>Set to false to suppress all e-mail notifications
 168           and warnings.</description>
 169         </variable>
 170
 171         <variable id="support_address" type="email">
 172           <name>Support Address</name>
 173           <value>root+support@localhost.localdomain</value>
 174           <description>This address is used for support
 175           requests. Support requests may include traffic complaints,
 176           security incident reporting, web site malfunctions, and
 177           general requests for information. We recommend that the
 178           address be aliased to a ticketing system such as Request
 179           Tracker.</description>
 180         </variable>
 181
 182         <variable id="boot_address" type="email">
 183           <name>Boot Messages Address</name>
 184           <value>root+install-msgs@localhost.localdomain</value>
 185           <description>The API will notify this address when a problem
 186           occurs during node installation or boot.</description>
 187         </variable>
 188
 189         <variable id="mom_list_address" type="email">
 190           <name>Mom List Address</name>
 191           <value>root+mom@localhost.localdomain</value>
 192           <description>This address is used by operations staff
 193           to monitor Mom (formerly pl_mom) messages indicating
 194           excessive BW or memory usage by a slice.  Mom messages sent
 195           to slices will be cc'ed to this list so as not to clog
 196           the Support Address list.</description>
 197         </variable>
 198
 199         <variable id="slice_address" type="email">
 200           <name>Slice Address</name>
 201           <value>root+SLICE@localhost.localdomain</value>
 202           <description>This address template is used for sending
 203           e-mail notifications to slices. SLICE will be replaced with
 204           the name of the slice.</description>
 205         </variable>
 206       </variablelist>
 207     </category>
 208
 209     <category id="plc_db">
 210       <name>Database Server</name>
 211       <description>Database server definitions.</description>
 212
 213       <variablelist>
 214         <variable id="enabled" type="boolean">
 215           <name>Enabled</name>
 216           <value>true</value>
 217           <description>Enable the database server on this
 218           machine.</description>
 219         </variable>
 220
 221         <variable id="type" type="string">
 222           <name>Type</name>
 223           <value>postgresql</value>
 224           <description>The type of database server. Currently, only
 225           postgresql is supported.</description>
 226         </variable>
 227
 228         <variable id="host" type="hostname">
 229           <name>Hostname</name>
 230           <value>localhost.localdomain</value>
 231           <description>The fully qualified hostname of the database
 232           server.</description>
 233         </variable>
 234
 235         <variable id="ip" type="ip">
 236           <name>IP Address</name>
 237           <value/>
 238           <description>The IP address of the database server, if not
 239           resolvable.</description>
 240         </variable>
 241
 242         <variable id="port" type="int">
 243           <name>Port</name>
 244           <value>5432</value>
 245           <description>The TCP port number through which the database
 246           server should be accessed.</description>
 247         </variable>
 248
 249         <variable id="name" type="string">
 250           <name>Database Name</name>
 251           <value>planetlab5</value>
 252           <description>The name of the database to access.</description>
 253         </variable>
 254
 255         <variable id="user" type="string">
 256           <name>Database Username</name>
 257           <value>pgsqluser</value>
 258           <description>The username to use when accessing the
 259           database.</description>
 260         </variable>
 261
 262         <variable id="password" type="password">
 263           <name>Database Password</name>
 264           <value></value>
 265           <description>The password to use when accessing the
 266           database. If left blank, one will be
 267           generated.</description>
 268         </variable>
 269       </variablelist>
 270     </category>
 271
 272     <category id="plc_api">
 273       <name>API Server</name>
 274       <description>API (XML-RPC) server definitions.</description>
 275
 276       <variablelist>
 277         <variable id="enabled" type="boolean">
 278           <name>Enabled</name>
 279           <value>true</value>
 280           <description>Enable the API server on this
 281           machine.</description>
 282         </variable>
 283
 284         <variable id="debug" type="boolean">
 285           <name>Debug</name>
 286           <value>false</value>
 287           <description>Enable verbose API debugging. Do not enable on
 288           a production system!</description>
 289         </variable>
 290
 291         <variable id="host" type="hostname">
 292           <name>Hostname</name>
 293           <value>localhost.localdomain</value>
 294           <description>The fully qualified hostname of the API
 295           server.</description>
 296         </variable>
 297
 298         <variable id="ip" type="ip">
 299           <name>IP Address</name>
 300           <value/>
 301           <description>The IP address of the API server, if not
 302           resolvable.</description>
 303         </variable>
 304
 305         <variable id="ipod_subnet" type="ip">
 306           <name>IP Subnet</name>
 307           <value>127.0.0.1</value>
 308           <description>The IP Subnet for all API servers.
 309           Used to identify IPoD packet senders.</description>
 310         </variable>
 311
 312         <variable id="ipod_mask" type="ip">
 313           <name>IP Mask</name>
 314           <value>255.255.255.255</value>
 315           <description>The IP Mask that should be applied to incoming
 316           packets to match the IP Subnet for IPoD packets.</description>
 317         </variable>
 318
 319         <variable id="port" type="int">
 320           <name>Port</name>
 321           <value>443</value>
 322           <description>The TCP port number through which the API
 323           should be accessed.</description>
 324         </variable>
 325
 326         <variable id="path" type="string">
 327           <name>Path</name>
 328           <value>/PLCAPI/</value>
 329           <description>The base path of the API URL.</description>
 330         </variable>
 331
 332         <variable id="maintenance_user" type="string">
 333           <name>Maintenance User</name>
 334           <value>maint@localhost.localdomain</value>
 335           <description>The username of the maintenance account. This
 336           account is used by local scripts that perform automated
 337           tasks, and cannot be used for normal logins.</description>
 338         </variable>
 339
 340         <variable id="maintenance_password" type="password">
 341           <name>Maintenance Password</name>
 342           <value></value>
 343           <description>The password of the maintenance account. If
 344           left blank, one will be generated. We recommend that the
 345           password be changed periodically.</description>
 346         </variable>
 347
 348         <variable id="maintenance_sources" type="hostname">
 349           <name>Authorized Hosts</name>
 350           <value></value>
 351           <description>A space-separated list of IP addresses allowed
 352           to access the API through the maintenance account. The value
 353           of this variable is set automatically to allow only the API,
 354           web, and boot servers, and should not be
 355           changed.</description>
 356         </variable>
 357
 358         <!-- The following are not actually meant to be configurable
 359              as variables. The web interface should allow the file to
 360              be downloaded, or its contents replaced by a file upload,
 361              but the actual <value> shouldn't need to be changed.  -->
 362
 363         <variable id="ssl_key" type="file">
 364           <name>SSL Private Key</name>
 365           <value>/etc/planetlab/api_ssl.key</value>
 366           <description>The SSL private key to use for encrypting HTTPS
 367           traffic. If non-existent, one will be
 368           generated.</description>
 369         </variable>
 370
 371         <variable id="ssl_crt" type="file">
 372           <name>SSL Public Certificate</name>
 373           <value>/etc/planetlab/api_ssl.crt</value>
 374           <description>The corresponding SSL public certificate. By
 375           default, this certificate is self-signed. You may replace
 376           the certificate later with one signed by a root
 377           CA.</description>
 378         </variable>
 379
 380         <variable id="ca_ssl_crt" type="file">
 381           <name>Root CA SSL Public Certificate</name>
 382           <value>/etc/planetlab/api_ca_ssl.crt</value>
 383           <description>The certificate of the root CA, if any, that
 384           signed your server certificate. If your server certificate is
 385           self-signed, then this file is the same as your server
 386           certificate.</description>
 387         </variable>
 388       </variablelist>
 389     </category>
 390
 391     <category id="plc_www">
 392       <name>Web Server</name>
 393       <description>Web server definitions.</description>
 394
 395       <variablelist>
 396         <variable id="enabled" type="boolean">
 397           <name>Enabled</name>
 398           <value>true</value>
 399           <description>Enable the web server on this
 400           machine.</description>
 401         </variable>
 402
 403         <variable id="debug" type="boolean">
 404           <name>Debug</name>
 405           <value>false</value>
 406           <description>Enable debugging output on web pages. Do not
 407           enable on a production system!</description>
 408         </variable>
 409
 410         <variable id="host" type="hostname">
 411           <name>Hostname</name>
 412           <value>localhost.localdomain</value>
 413           <description>The fully qualified hostname of the web
 414           server.</description>
 415         </variable>
 416
 417         <variable id="ip" type="ip">
 418           <name>IP Address</name>
 419           <value/>
 420           <description>The IP address of the web server, if not
 421           resolvable.</description>
 422         </variable>
 423
 424         <variable id="port" type="int">
 425           <name>Port</name>
 426           <value>80</value>
 427           <description>The TCP port number through which the
 428           unprotected portions of the web site should be
 429           accessed.</description>
 430         </variable>
 431
 432         <variable id="ssl_port" type="int">
 433           <name>SSL Port</name>
 434           <value>443</value>
 435           <description>The TCP port number through which the protected
 436           portions of the web site should be accessed.</description>
 437         </variable>
 438
 439         <!-- The following are not actually meant to be configurable
 440              as variables. The web interface should allow the file to
 441              be downloaded, or its contents replaced by a file upload,
 442              but the actual <value> shouldn't need to be changed.  -->
 443
 444         <variable id="ssl_key" type="file">
 445           <name>SSL Private Key</name>
 446           <value>/etc/planetlab/www_ssl.key</value>
 447           <description>The SSL private key to use for encrypting HTTPS
 448           traffic. If non-existent, one will be
 449           generated.</description>
 450         </variable>
 451
 452         <variable id="ssl_crt" type="file">
 453           <name>SSL Public Certificate</name>
 454           <value>/etc/planetlab/www_ssl.crt</value>
 455           <description>The corresponding SSL public certificate for
 456           the HTTP server. By default, this certificate is
 457           self-signed. You may replace the certificate later with one
 458           signed by a root CA.</description>
 459         </variable>
 460
 461         <variable id="ca_ssl_crt" type="file">
 462           <name>Root CA SSL Public Certificate</name>
 463           <value>/etc/planetlab/www_ca_ssl.crt</value>
 464           <description>The certificate of the root CA, if any, that
 465           signed your server certificate. If your server certificate is
 466           self-signed, then this file is the same as your server
 467           certificate.</description>
 468         </variable>
 469       </variablelist>
 470     </category>
 471
 472     <category id="plc_boot">
 473       <name>Boot Server</name>
 474       <description>Boot server definitions. Multiple boot servers
 475       may be brought up for load balancing, but we recommend that a
 476       single DNS round-robin system be implemented so that the
 477       following variables are the same across all of
 478       them.</description>
 479
 480       <variablelist>
 481         <variable id="enabled" type="boolean">
 482           <name>Enabled</name>
 483           <value>true</value>
 484           <description>Enable the boot server on this
 485           machine.</description>
 486         </variable>
 487
 488         <variable id="host" type="hostname">
 489           <name>Hostname</name>
 490           <value>localhost.localdomain</value>
 491           <description>The fully qualified hostname of the boot
 492           server.</description>
 493         </variable>
 494
 495         <variable id="ip" type="ip">
 496           <name>IP Address</name>
 497           <value/>
 498           <description>The IP address of the boot server, if not
 499           resolvable.</description>
 500         </variable>
 501
 502         <variable id="port" type="int">
 503           <name>Port</name>
 504           <value>80</value>
 505           <description>The TCP port number through which the
 506           unprotected portions of the boot server should be
 507           accessed.</description>
 508         </variable>
 509
 510         <variable id="ssl_port" type="int">
 511           <name>SSL Port</name>
 512           <value>443</value>
 513           <description>The TCP port number through which the protected
 514           portions of the boot server should be
 515           accessed.</description>
 516         </variable>
 517
 518         <!-- The following are not actually meant to be configurable
 519              as variables. The web interface should allow the file to
 520              be downloaded, or its contents replaced by a file upload,
 521              but the actual <value> shouldn't need to be changed.  -->
 522
 523         <variable id="ssl_key" type="file">
 524           <name>SSL Private Key</name>
 525           <value>/etc/planetlab/boot_ssl.key</value>
 526           <description>The SSL private key to use for encrypting HTTPS
 527           traffic.</description>
 528         </variable>
 529
 530         <variable id="ssl_crt" type="file">
 531           <name>SSL Public Certificate</name>
 532           <value>/etc/planetlab/boot_ssl.crt</value>
 533           <description>The corresponding SSL public certificate for
 534           the HTTP server. By default, this certificate is
 535           self-signed. You may replace the certificate later with one
 536           signed by a root CA.</description>
 537         </variable>
 538
 539         <variable id="ca_ssl_crt" type="file">
 540           <name>Root CA SSL Public Certificate</name>
 541           <value>/etc/planetlab/boot_ca_ssl.crt</value>
 542           <description>The certificate of the root CA, if any, that
 543           signed your server certificate. If your server certificate is
 544           self-signed, then this file is the same as your server
 545           certificate.</description>
 546         </variable>
 547       </variablelist>
 548     </category>
 549
 550
 551     <category id="plc_planetflow">
 552       <name>PlanetFlow Service Configuration</name>
 553       <description>Planetflow service definitions used in the netflow slice. </description>
 554
 555       <variablelist>
 556         <variable id="host" type="hostname">
 557                 <name>Hostname</name>
 558                 <value>localhost.localdomain</value>
 559                 <description>The fully qualified hostname.</description>
 560         </variable>
 561       </variablelist>
 562     </category>
 563     <category id="plc_monitor">
 564       <name>Monitoring Service</name>
 565       <description>The Monitor service that tracks node availablity and repair.</description>
 566       <variablelist>
 567         <variable id="enabled" type="boolean">
 568           <name>Enabled</name>
 569           <value>false</value>
 570           <description>Enable on this machine.</description>
 571         </variable>
 572         <variable id="host" type="hostname">
 573           <name>Hostname</name>
 574           <value>localhost.localdomain</value>
 575           <description>The fully qualified hostname.</description>
 576         </variable>
 577         <variable id="ip" type="ip">
 578           <name>IP Address</name>
 579           <value></value>
 580           <description>The IP address of the monitor server.</description>
 581         </variable>
 582         <variable id="email" type="email">
 583           <name>Monitor Email Address</name>
 584           <value>root+monitor@localhost.localdomain</value>
 585           <description>The source address for all out-going messages from Monitor.</description>
 586         </variable>
 587         <variable id="dbpassword" type="password">
 588           <name>Database Password</name>
 589           <value></value>
 590           <description>The password to use when accessing the
 591           database, Monitor user account in the local PLC.</description>
 592         </variable>
 593       </variablelist>
 594     </category>
 595   </variables>
 596
 597   <comps>
 598     <!-- deprecated - not used anymore - use .lst files instead -->
 599   </comps>
 600
 601 </configuration>