1 <?xml version="1.0" encoding="utf-8"?>
4 Default PLC configuration file
6 Mark Huang <mlhuang@cs.princeton.edu>
7 Copyright (C) 2006 The Trustees of Princeton University
13 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
19 <description>Basic system variables. Be sure that the values of
20 these variables are the same across all machines in your
21 installation.</description>
24 <variable id="name" type="string">
26 <value>PlanetLab Test</value>
27 <description>The name of this PLC installation. It is used in
28 the name of the default system site (e.g., PlanetLab Central)
29 and in the names of various administrative entities (e.g.,
30 PlanetLab Support).</description>
33 <variable id="shortname" type="string">
36 <description>The short name of this PLC installation. It is
37 mostly used in the web interface when displaying local
38 objects.</description>
41 <variable id="hrn_root" type="string">
42 <name>Root in Hierarchical Naming Space </name>
43 <value>planetlab.test</value>
44 <description> The root of this peer in the hierarchical federation naming space.</description>
47 <variable id="slice_prefix" type="string">
48 <name>Slice Prefix</name>
50 <description>The abbreviated name of this PLC
51 installation. It is used as the prefix for system slices
52 (e.g., pl_conf). Warning: Currently, this variable should
53 not be changed.</description>
56 <variable id="root_user" type="email">
57 <name>Root Account</name>
58 <value>root@localhost.localdomain</value>
59 <description>The name of the initial administrative
60 account. We recommend that this account be used only to create
61 additional accounts associated with real
62 administrators, then disabled.</description>
65 <variable id="root_password" type="password">
66 <name>Root Password</name>
68 <description>The password of the initial administrative
69 account. Also the password of the root account on the Boot
73 <!-- The following are not actually meant to be configurable
74 as variables. The web interface should allow the file to
75 be downloaded, or its contents replaced by a file upload,
76 but the actual <value> shouldn't need to be changed. -->
78 <variable id="root_ssh_key_pub" type="file">
79 <name>Root SSH Public Key</name>
80 <value>/etc/planetlab/root_ssh_key.pub</value>
81 <description>The SSH public key used to access the root
82 account on your nodes.</description>
85 <variable id="root_ssh_key" type="file">
86 <name>Root SSH Private Key</name>
87 <value>/etc/planetlab/root_ssh_key.rsa</value>
88 <description>The SSH private key used to access the root
89 account on your nodes.</description>
92 <variable id="debug_ssh_key_pub" type="file">
93 <name>Debug SSH Public Key</name>
94 <value>/etc/planetlab/debug_ssh_key.pub</value>
95 <description>The SSH public key used to access the root
96 account on your nodes when they are in Debug mode.</description>
99 <variable id="debug_ssh_key" type="file">
100 <name>Debug SSH Private Key</name>
101 <value>/etc/planetlab/debug_ssh_key.rsa</value>
102 <description>The SSH private key used to access the root
103 account on your nodes when they are in Debug mode.</description>
106 <variable id="root_gpg_key_pub" type="file">
107 <name>Root GPG Public Keyring</name>
108 <value>/etc/planetlab/pubring.gpg</value>
109 <description>The GPG public keyring used to sign the Boot
110 Manager and all node packages.</description>
113 <variable id="root_gpg_key" type="file">
114 <name>Root GPG Private Keyring</name>
115 <value>/etc/planetlab/secring.gpg</value>
116 <description>The SSH private key used to access the root
117 account on your nodes.</description>
122 <category id="plc_net">
124 <description>Network environment.</description>
127 <variable id="enabled" type="boolean">
128 <name>Enable network configuration</name>
130 <description>Let PLC manage /etc/hosts</description>
133 <variable id="dns1" type="ip">
134 <name>Primary DNS Server</name>
135 <value>127.0.0.1</value>
136 <description>Primary DNS server address.</description>
139 <variable id="dns2" type="ip">
140 <name>Secondary DNS Server</name>
142 <description>Secondary DNS server address.</description>
147 <category id="plc_dns">
149 <description>MyPLC can provide forward DNS resolution for itself
150 and for its nodes. To enable resolution for MyPLC itself, set
151 the Primary DNS Server address to 127.0.0.1 and provide external
152 IP addresses for the database, API, web, and boot servers
153 below. To enable resolution for nodes, use the external IP
154 address of this machine as the primary DNS server address for
155 each node.</description>
158 <variable id="enabled" type="boolean">
159 <name>Enable DNS</name>
161 <description>Enable the internal DNS server. The server does
162 not provide reverse resolution and is not a production
163 quality or scalable DNS solution. Use the internal DNS
164 server only for small deployments or for
165 testing.</description>
170 <category id="plc_mail">
172 <description>Many maintenance scripts, as well as the API and
173 web site themselves, send e-mail notifications and
174 warnings.</description>
177 <variable id="enabled" type="boolean">
178 <name>Enable Mail</name>
180 <description>Set to false to suppress all e-mail notifications
181 and warnings.</description>
184 <variable id="support_address" type="email">
185 <name>Support Address</name>
186 <value>root+support@localhost.localdomain</value>
187 <description>This address is used for support
188 requests. Support requests may include traffic complaints,
189 security incident reporting, web site malfunctions, and
190 general requests for information. We recommend that the
191 address be aliased to a ticketing system such as Request
192 Tracker.</description>
195 <variable id="boot_address" type="email">
196 <name>Boot Messages Address</name>
197 <value>root+install-msgs@localhost.localdomain</value>
198 <description>The API will notify this address when a problem
199 occurs during node installation or boot.</description>
202 <variable id="mom_list_address" type="email">
203 <name>Mom List Address</name>
204 <value>root+mom@localhost.localdomain</value>
205 <description>This address is used by operations staff
206 to monitor Mom (formerly pl_mom) messages indicating
207 excessive BW or memory usage by a slice. Mom messages sent
208 to slices will be cc'ed to this list so as not to clog
209 the Support Address list.</description>
212 <variable id="slice_address" type="email">
213 <name>Slice Address</name>
214 <value>root+SLICE@localhost.localdomain</value>
215 <description>This address template is used for sending
216 e-mail notifications to slices. SLICE will be replaced with
217 the name of the slice.</description>
222 <category id="plc_db">
223 <name>Database Server</name>
224 <description>Database server definitions.</description>
227 <variable id="enabled" type="boolean">
230 <description>Enable the database server on this
231 machine.</description>
234 <variable id="type" type="string">
236 <value>postgresql</value>
237 <description>The type of database server. Currently, only
238 postgresql is supported.</description>
241 <variable id="host" type="hostname">
242 <name>Hostname</name>
243 <value>localhost.localdomain</value>
244 <description>The fully qualified hostname of the database
245 server.</description>
248 <variable id="ip" type="ip">
249 <name>IP Address</name>
251 <description>The IP address of the database server, if not
252 resolvable.</description>
255 <variable id="port" type="int">
258 <description>The TCP port number through which the database
259 server should be accessed.</description>
262 <variable id="name" type="string">
263 <name>Database Name</name>
264 <value>planetlab5</value>
265 <description>The name of the database to access.</description>
268 <variable id="user" type="string">
269 <name>Database Username</name>
270 <value>pgsqluser</value>
271 <description>The username to use when accessing the
272 database.</description>
275 <variable id="password" type="password">
276 <name>Database Password</name>
278 <description>The password to use when accessing the
279 database. If left blank, one will be
280 generated.</description>
285 <category id="plc_api">
286 <name>API Server</name>
287 <description>API (XML-RPC) server definitions.</description>
290 <variable id="enabled" type="boolean">
293 <description>Enable the API server on this
294 machine.</description>
297 <variable id="debug" type="boolean">
300 <description>Enable verbose API debugging. Do not enable on
301 a production system!</description>
304 <variable id="host" type="hostname">
305 <name>Hostname</name>
306 <value>localhost.localdomain</value>
307 <description>The fully qualified hostname of the API
308 server.</description>
311 <variable id="ip" type="ip">
312 <name>IP Address</name>
314 <description>The IP address of the API server, if not
315 resolvable.</description>
318 <variable id="ipod_subnet" type="ip">
319 <name>IP Subnet</name>
320 <value>127.0.0.1</value>
321 <description>The IP Subnet for all API servers.
322 Used to identify IPoD packet senders.</description>
325 <variable id="ipod_mask" type="ip">
327 <value>255.255.255.255</value>
328 <description>The IP Mask that should be applied to incoming
329 packets to match the IP Subnet for IPoD packets.</description>
332 <variable id="port" type="int">
335 <description>The TCP port number through which the API
336 should be accessed.</description>
339 <variable id="path" type="string">
341 <value>/PLCAPI/</value>
342 <description>The base path of the API URL.</description>
345 <variable id="maintenance_user" type="string">
346 <name>Maintenance User</name>
347 <value>maint@localhost.localdomain</value>
348 <description>The username of the maintenance account. This
349 account is used by local scripts that perform automated
350 tasks, and cannot be used for normal logins.</description>
353 <variable id="maintenance_password" type="password">
354 <name>Maintenance Password</name>
356 <description>The password of the maintenance account. If
357 left blank, one will be generated. We recommend that the
358 password be changed periodically.</description>
361 <variable id="maintenance_sources" type="hostname">
362 <name>Authorized Hosts</name>
364 <description>A space-separated list of IP addresses allowed
365 to access the API through the maintenance account. The value
366 of this variable is set automatically to allow only the API,
367 web, and boot servers, and should not be
368 changed.</description>
371 <!-- The following are not actually meant to be configurable
372 as variables. The web interface should allow the file to
373 be downloaded, or its contents replaced by a file upload,
374 but the actual <value> shouldn't need to be changed. -->
376 <variable id="ssl_key" type="file">
377 <name>SSL Private Key</name>
378 <value>/etc/planetlab/api_ssl.key</value>
379 <description>The SSL private key to use for encrypting HTTPS
380 traffic. If non-existent, one will be
381 generated.</description>
384 <variable id="ssl_crt" type="file">
385 <name>SSL Public Certificate</name>
386 <value>/etc/planetlab/api_ssl.crt</value>
387 <description>The corresponding SSL public certificate. By
388 default, this certificate is self-signed. You may replace
389 the certificate later with one signed by a root
393 <variable id="ca_ssl_crt" type="file">
394 <name>Root CA SSL Public Certificate</name>
395 <value>/etc/planetlab/api_ca_ssl.crt</value>
396 <description>The certificate of the root CA, if any, that
397 signed your server certificate. If your server certificate is
398 self-signed, then this file is the same as your server
399 certificate.</description>
404 <category id="plc_www">
405 <name>Web Server</name>
406 <description>Web server definitions.</description>
409 <variable id="enabled" type="boolean">
412 <description>Enable the web server on this
413 machine.</description>
416 <variable id="debug" type="boolean">
419 <description>Enable debugging output on web pages. Do not
420 enable on a production system!</description>
423 <variable id="host" type="hostname">
424 <name>Hostname</name>
425 <value>localhost.localdomain</value>
426 <description>The fully qualified hostname of the web
427 server.</description>
430 <variable id="ip" type="ip">
431 <name>IP Address</name>
433 <description>The IP address of the web server, if not
434 resolvable.</description>
437 <variable id="port" type="int">
440 <description>The TCP port number through which the
441 unprotected portions of the web site should be
442 accessed.</description>
445 <variable id="ssl_port" type="int">
446 <name>SSL Port</name>
448 <description>The TCP port number through which the protected
449 portions of the web site should be accessed.</description>
452 <!-- The following are not actually meant to be configurable
453 as variables. The web interface should allow the file to
454 be downloaded, or its contents replaced by a file upload,
455 but the actual <value> shouldn't need to be changed. -->
457 <variable id="ssl_key" type="file">
458 <name>SSL Private Key</name>
459 <value>/etc/planetlab/www_ssl.key</value>
460 <description>The SSL private key to use for encrypting HTTPS
461 traffic. If non-existent, one will be
462 generated.</description>
465 <variable id="ssl_crt" type="file">
466 <name>SSL Public Certificate</name>
467 <value>/etc/planetlab/www_ssl.crt</value>
468 <description>The corresponding SSL public certificate for
469 the HTTP server. By default, this certificate is
470 self-signed. You may replace the certificate later with one
471 signed by a root CA.</description>
474 <variable id="ca_ssl_crt" type="file">
475 <name>Root CA SSL Public Certificate</name>
476 <value>/etc/planetlab/www_ca_ssl.crt</value>
477 <description>The certificate of the root CA, if any, that
478 signed your server certificate. If your server certificate is
479 self-signed, then this file is the same as your server
480 certificate.</description>
485 <category id="plc_boot">
486 <name>Boot Server</name>
487 <description>Boot server definitions. Multiple boot servers
488 may be brought up for load balancing, but we recommend that a
489 single DNS round-robin system be implemented so that the
490 following variables are the same across all of
494 <variable id="enabled" type="boolean">
497 <description>Enable the boot server on this
498 machine.</description>
501 <variable id="host" type="hostname">
502 <name>Hostname</name>
503 <value>localhost.localdomain</value>
504 <description>The fully qualified hostname of the boot
505 server.</description>
508 <variable id="ip" type="ip">
509 <name>IP Address</name>
511 <description>The IP address of the boot server, if not
512 resolvable.</description>
515 <variable id="port" type="int">
518 <description>The TCP port number through which the
519 unprotected portions of the boot server should be
520 accessed.</description>
523 <variable id="ssl_port" type="int">
524 <name>SSL Port</name>
526 <description>The TCP port number through which the protected
527 portions of the boot server should be
528 accessed.</description>
531 <!-- The following are not actually meant to be configurable
532 as variables. The web interface should allow the file to
533 be downloaded, or its contents replaced by a file upload,
534 but the actual <value> shouldn't need to be changed. -->
536 <variable id="ssl_key" type="file">
537 <name>SSL Private Key</name>
538 <value>/etc/planetlab/boot_ssl.key</value>
539 <description>The SSL private key to use for encrypting HTTPS
540 traffic.</description>
543 <variable id="ssl_crt" type="file">
544 <name>SSL Public Certificate</name>
545 <value>/etc/planetlab/boot_ssl.crt</value>
546 <description>The corresponding SSL public certificate for
547 the HTTP server. By default, this certificate is
548 self-signed. You may replace the certificate later with one
549 signed by a root CA.</description>
552 <variable id="ca_ssl_crt" type="file">
553 <name>Root CA SSL Public Certificate</name>
554 <value>/etc/planetlab/boot_ca_ssl.crt</value>
555 <description>The certificate of the root CA, if any, that
556 signed your server certificate. If your server certificate is
557 self-signed, then this file is the same as your server
558 certificate.</description>
564 <category id="plc_planetflow">
565 <name>PlanetFlow Service Configuration</name>
566 <description>Planetflow service definitions used in the netflow slice. </description>
569 <variable id="host" type="hostname">
570 <name>Hostname</name>
571 <value>localhost.localdomain</value>
572 <description>The fully qualified hostname.</description>
576 <category id="plc_monitor">
577 <name>Monitoring Service</name>
578 <description>The Monitor service that tracks node availablity and repair.</description>
580 <variable id="enabled" type="boolean">
583 <description>Enable on this machine.</description>
585 <variable id="host" type="hostname">
586 <name>Hostname</name>
587 <value>localhost.localdomain</value>
588 <description>The fully qualified hostname.</description>
590 <variable id="ip" type="ip">
591 <name>IP Address</name>
593 <description>The IP address of the monitor server.</description>
595 <variable id="from_email" type="email">
596 <name>Monitor Email Address</name>
597 <value>root+monitor@localhost.localdomain</value>
598 <description>All messages from Monitor will appear to come from this address.</description>
600 <variable id="cc_email" type="email">
601 <name>CC Email Address</name>
602 <value>root+monitor@localhost.localdomain</value>
603 <description>All messages from Monitor will be copied to this address.</description>
605 <variable id="rt_queue" type="email">
606 <name>Queue Name in RT for new messages</name>
607 <value>support</value>
608 <description>All messages from Monitor will be copied to this address.</description>
610 <variable id="dbpassword" type="password">
611 <name>Database Password</name>
613 <description>The password to use when accessing the
614 database, Monitor user account in the local PLC.</description>
617 <variable id="ssl_key" type="file">
618 <name>SSL Private Key</name>
619 <value>/etc/planetlab/monitor_ssl.key</value>
620 <description>The SSL private key to use for encrypting HTTPS
621 traffic.</description>
624 <variable id="ssl_crt" type="file">
625 <name>SSL Public Certificate</name>
626 <value>/etc/planetlab/monitor_ssl.crt</value>
627 <description>The corresponding SSL public certificate for
628 the HTTP server. By default, this certificate is
629 self-signed. You may replace the certificate later with one
630 signed by a root CA.</description>
633 <variable id="ca_ssl_crt" type="file">
634 <name>Root CA SSL Public Certificate</name>
635 <value>/etc/planetlab/monitor_ca_ssl.crt</value>
636 <description>The certificate of the root CA, if any, that
637 signed your server certificate. If your server certificate is
638 self-signed, then this file is the same as your server
639 certificate.</description>
644 <category id="plc_rt">
645 <name>RT Configuration</name>
646 <description>RT</description>
648 <variable id="enabled" type="boolean">
651 <description>Enable on this machine.</description>
653 <variable id="host" type="hostname">
654 <name>Hostname</name>
655 <value>localhost.localdomain</value>
656 <description>The fully qualified hostname.</description>
658 <variable id="ip" type="ip">
659 <name>IP Address</name>
661 <description>The IP address of the RT server.</description>
663 <variable id="cc_address" type="email">
664 <name>CC Email Address</name>
665 <value>root+cclist@localhost.localdomain</value>
666 <description>All messages to and from PLCRT will be copied to this address.</description>
668 <variable id="web_user" type="string">
671 <description>Username of a privileged user in RT who can create
672 tickets for any RT Queue.</description>
674 <variable id="web_password" type="password">
675 <name>password</name>
676 <value>password</value>
677 <description>Password for RT web user.</description>
679 <variable id="dbpassword" type="password">
680 <name>Database Password</name>
682 <description>Password to use when accessing the RT database.</description>
689 <!-- deprecated - not used anymore - use .lst files instead -->
git://git.onelab.eu / myplc.git / blob