default_config.xml

   1 <?xml version="1.0" encoding="utf-8"?>
   2
   3 <!--
   4 Default PLC configuration file
   5
   6 Mark Huang <mlhuang@cs.princeton.edu>
   7 Copyright (C) 2006 The Trustees of Princeton University
   8
   9 $Id$
  10 -->
  11
  12 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
  13
  14 <configuration>
  15   <variables>
  16     <category id="plc">
  17       <name>System</name>
  18       <description>Basic system variables. Be sure that the values of
  19       these variables are the same across all machines in your
  20       installation.</description>
  21
  22       <variablelist>
  23         <variable id="name" type="string">
  24           <name>Name</name>
  25           <value>PlanetLab Test</value>
  26           <description>The name of this PLC installation. It is used in
  27           the name of the default system site (e.g., PlanetLab Central)
  28           and in the names of various administrative entities (e.g.,
  29           PlanetLab Support).</description>
  30         </variable>
  31
  32         <variable id="shortname" type="string">
  33           <name>Shortame</name>
  34           <value>Tlab</value>
  35           <description>The short name of this PLC installation. It is
  36           mostly used in the web interface when displaying local
  37           objects.</description>
  38         </variable>
  39
  40         <variable id="hrn_root" type="string">
  41           <name>Root in Hierarchical Naming Space </name>
  42           <value>planetlab.test</value>
  43           <description> The root of this peer in the hierarchical federation naming space.</description>
  44         </variable>
  45
  46         <variable id="slice_prefix" type="string">
  47           <name>Slice Prefix</name>
  48           <value>pl</value>
  49           <description>The abbreviated name of this PLC
  50           installation. It is used as the prefix for system slices
  51           (e.g., pl_conf). Warning: Currently, this variable should
  52           not be changed.</description>
  53         </variable>
  54
  55         <variable id="root_user" type="email">
  56           <name>Root Account</name>
  57           <value>root@localhost.localdomain</value>
  58           <description>The name of the initial administrative
  59           account. We recommend that this account be used only to create
  60           additional accounts associated with real
  61           administrators, then disabled.</description>
  62         </variable>
  63
  64         <variable id="root_password" type="password">
  65           <name>Root Password</name>
  66           <value>root</value>
  67           <description>The password of the initial administrative
  68           account. Also the password of the root account on the Boot
  69           CD.</description>
  70         </variable>
  71
  72         <!-- The following are not actually meant to be configurable
  73              as variables. The web interface should allow the file to
  74              be downloaded, or its contents replaced by a file upload,
  75              but the actual <value> shouldn't need to be changed.  -->
  76
  77         <variable id="root_ssh_key_pub" type="file">
  78           <name>Root SSH Public Key</name>
  79           <value>/etc/planetlab/root_ssh_key.pub</value>
  80           <description>The SSH public key used to access the root
  81           account on your nodes.</description>
  82         </variable>
  83
  84         <variable id="root_ssh_key" type="file">
  85           <name>Root SSH Private Key</name>
  86           <value>/etc/planetlab/root_ssh_key.rsa</value>
  87           <description>The SSH private key used to access the root
  88           account on your nodes.</description>
  89         </variable>
  90
  91         <variable id="debug_ssh_key_pub" type="file">
  92           <name>Debug SSH Public Key</name>
  93           <value>/etc/planetlab/debug_ssh_key.pub</value>
  94           <description>The SSH public key used to access the root
  95           account on your nodes when they are in Debug mode.</description>
  96         </variable>
  97
  98         <variable id="debug_ssh_key" type="file">
  99           <name>Debug SSH Private Key</name>
 100           <value>/etc/planetlab/debug_ssh_key.rsa</value>
 101           <description>The SSH private key used to access the root
 102           account on your nodes when they are in Debug mode.</description>
 103         </variable>
 104
 105         <variable id="root_gpg_key_pub" type="file">
 106           <name>Root GPG Public Keyring</name>
 107           <value>/etc/planetlab/pubring.gpg</value>
 108           <description>The GPG public keyring used to sign the Boot
 109           Manager and all node packages.</description>
 110         </variable>
 111
 112         <variable id="root_gpg_key" type="file">
 113           <name>Root GPG Private Keyring</name>
 114           <value>/etc/planetlab/secring.gpg</value>
 115           <description>The SSH private key used to access the root
 116           account on your nodes.</description>
 117         </variable>
 118       </variablelist>
 119     </category>
 120
 121     <category id="plc_net">
 122       <name>Network</name>
 123       <description>Network environment.</description>
 124
 125       <variablelist>
 126         <variable id="dns1" type="ip">
 127           <name>Primary DNS Server</name>
 128           <value>127.0.0.1</value>
 129           <description>Primary DNS server address.</description>
 130         </variable>
 131
 132         <variable id="dns2" type="ip">
 133           <name>Secondary DNS Server</name>
 134           <value></value>
 135           <description>Secondary DNS server address.</description>
 136         </variable>
 137       </variablelist>
 138     </category>
 139
 140     <category id="plc_dns">
 141       <name>DNS</name>
 142       <description>MyPLC can provide forward DNS resolution for itself
 143       and for its nodes. To enable resolution for MyPLC itself, set
 144       the Primary DNS Server address to 127.0.0.1 and provide external
 145       IP addresses for the database, API, web, and boot servers
 146       below. To enable resolution for nodes, use the external IP
 147       address of this machine as the primary DNS server address for
 148       each node.</description>
 149
 150       <variablelist>
 151         <variable id="enabled" type="boolean">
 152           <name>Enable DNS</name>
 153           <value>true</value>
 154           <description>Enable the internal DNS server. The server does
 155           not provide reverse resolution and is not a production
 156           quality or scalable DNS solution. Use the internal DNS
 157           server only for small deployments or for
 158           testing.</description>
 159         </variable>
 160       </variablelist>
 161     </category>
 162
 163     <category id="plc_mail">
 164       <name>Mail</name>
 165       <description>Many maintenance scripts, as well as the API and
 166       web site themselves, send e-mail notifications and
 167       warnings.</description>
 168
 169       <variablelist>
 170         <variable id="enabled" type="boolean">
 171           <name>Enable Mail</name>
 172           <value>false</value>
 173           <description>Set to false to suppress all e-mail notifications
 174           and warnings.</description>
 175         </variable>
 176
 177         <variable id="support_address" type="email">
 178           <name>Support Address</name>
 179           <value>root+support@localhost.localdomain</value>
 180           <description>This address is used for support
 181           requests. Support requests may include traffic complaints,
 182           security incident reporting, web site malfunctions, and
 183           general requests for information. We recommend that the
 184           address be aliased to a ticketing system such as Request
 185           Tracker.</description>
 186         </variable>
 187
 188         <variable id="boot_address" type="email">
 189           <name>Boot Messages Address</name>
 190           <value>root+install-msgs@localhost.localdomain</value>
 191           <description>The API will notify this address when a problem
 192           occurs during node installation or boot.</description>
 193         </variable>
 194
 195         <variable id="mom_list_address" type="email">
 196           <name>Mom List Address</name>
 197           <value>root+mom@localhost.localdomain</value>
 198           <description>This address is used by operations staff
 199           to monitor Mom (formerly pl_mom) messages indicating
 200           excessive BW or memory usage by a slice.  Mom messages sent
 201           to slices will be cc'ed to this list so as not to clog
 202           the Support Address list.</description>
 203         </variable>
 204
 205         <variable id="slice_address" type="email">
 206           <name>Slice Address</name>
 207           <value>root+SLICE@localhost.localdomain</value>
 208           <description>This address template is used for sending
 209           e-mail notifications to slices. SLICE will be replaced with
 210           the name of the slice.</description>
 211         </variable>
 212       </variablelist>
 213     </category>
 214
 215     <category id="plc_db">
 216       <name>Database Server</name>
 217       <description>Database server definitions.</description>
 218
 219       <variablelist>
 220         <variable id="enabled" type="boolean">
 221           <name>Enabled</name>
 222           <value>true</value>
 223           <description>Enable the database server on this
 224           machine.</description>
 225         </variable>
 226
 227         <variable id="type" type="string">
 228           <name>Type</name>
 229           <value>postgresql</value>
 230           <description>The type of database server. Currently, only
 231           postgresql is supported.</description>
 232         </variable>
 233
 234         <variable id="host" type="hostname">
 235           <name>Hostname</name>
 236           <value>localhost.localdomain</value>
 237           <description>The fully qualified hostname of the database
 238           server.</description>
 239         </variable>
 240
 241         <variable id="ip" type="ip">
 242           <name>IP Address</name>
 243           <value/>
 244           <description>The IP address of the database server, if not
 245           resolvable.</description>
 246         </variable>
 247
 248         <variable id="port" type="int">
 249           <name>Port</name>
 250           <value>5432</value>
 251           <description>The TCP port number through which the database
 252           server should be accessed.</description>
 253         </variable>
 254
 255         <variable id="name" type="string">
 256           <name>Database Name</name>
 257           <value>planetlab5</value>
 258           <description>The name of the database to access.</description>
 259         </variable>
 260
 261         <variable id="user" type="string">
 262           <name>Database Username</name>
 263           <value>pgsqluser</value>
 264           <description>The username to use when accessing the
 265           database.</description>
 266         </variable>
 267
 268         <variable id="password" type="password">
 269           <name>Database Password</name>
 270           <value></value>
 271           <description>The password to use when accessing the
 272           database. If left blank, one will be
 273           generated.</description>
 274         </variable>
 275       </variablelist>
 276     </category>
 277
 278     <category id="plc_api">
 279       <name>API Server</name>
 280       <description>API (XML-RPC) server definitions.</description>
 281
 282       <variablelist>
 283         <variable id="enabled" type="boolean">
 284           <name>Enabled</name>
 285           <value>true</value>
 286           <description>Enable the API server on this
 287           machine.</description>
 288         </variable>
 289
 290         <variable id="debug" type="boolean">
 291           <name>Debug</name>
 292           <value>false</value>
 293           <description>Enable verbose API debugging. Do not enable on
 294           a production system!</description>
 295         </variable>
 296
 297         <variable id="host" type="hostname">
 298           <name>Hostname</name>
 299           <value>localhost.localdomain</value>
 300           <description>The fully qualified hostname of the API
 301           server.</description>
 302         </variable>
 303
 304         <variable id="ip" type="ip">
 305           <name>IP Address</name>
 306           <value/>
 307           <description>The IP address of the API server, if not
 308           resolvable.</description>
 309         </variable>
 310
 311         <variable id="ipod_subnet" type="ip">
 312           <name>IP Subnet</name>
 313           <value>127.0.0.1</value>
 314           <description>The IP Subnet for all API servers.
 315           Used to identify IPoD packet senders.</description>
 316         </variable>
 317
 318         <variable id="ipod_mask" type="ip">
 319           <name>IP Mask</name>
 320           <value>255.255.255.255</value>
 321           <description>The IP Mask that should be applied to incoming
 322           packets to match the IP Subnet for IPoD packets.</description>
 323         </variable>
 324
 325         <variable id="port" type="int">
 326           <name>Port</name>
 327           <value>443</value>
 328           <description>The TCP port number through which the API
 329           should be accessed.</description>
 330         </variable>
 331
 332         <variable id="path" type="string">
 333           <name>Path</name>
 334           <value>/PLCAPI/</value>
 335           <description>The base path of the API URL.</description>
 336         </variable>
 337
 338         <variable id="maintenance_user" type="string">
 339           <name>Maintenance User</name>
 340           <value>maint@localhost.localdomain</value>
 341           <description>The username of the maintenance account. This
 342           account is used by local scripts that perform automated
 343           tasks, and cannot be used for normal logins.</description>
 344         </variable>
 345
 346         <variable id="maintenance_password" type="password">
 347           <name>Maintenance Password</name>
 348           <value></value>
 349           <description>The password of the maintenance account. If
 350           left blank, one will be generated. We recommend that the
 351           password be changed periodically.</description>
 352         </variable>
 353
 354         <variable id="maintenance_sources" type="hostname">
 355           <name>Authorized Hosts</name>
 356           <value></value>
 357           <description>A space-separated list of IP addresses allowed
 358           to access the API through the maintenance account. The value
 359           of this variable is set automatically to allow only the API,
 360           web, and boot servers, and should not be
 361           changed.</description>
 362         </variable>
 363
 364         <!-- The following are not actually meant to be configurable
 365              as variables. The web interface should allow the file to
 366              be downloaded, or its contents replaced by a file upload,
 367              but the actual <value> shouldn't need to be changed.  -->
 368
 369         <variable id="ssl_key" type="file">
 370           <name>SSL Private Key</name>
 371           <value>/etc/planetlab/api_ssl.key</value>
 372           <description>The SSL private key to use for encrypting HTTPS
 373           traffic. If non-existent, one will be
 374           generated.</description>
 375         </variable>
 376
 377         <variable id="ssl_crt" type="file">
 378           <name>SSL Public Certificate</name>
 379           <value>/etc/planetlab/api_ssl.crt</value>
 380           <description>The corresponding SSL public certificate. By
 381           default, this certificate is self-signed. You may replace
 382           the certificate later with one signed by a root
 383           CA.</description>
 384         </variable>
 385
 386         <variable id="ca_ssl_crt" type="file">
 387           <name>Root CA SSL Public Certificate</name>
 388           <value>/etc/planetlab/api_ca_ssl.crt</value>
 389           <description>The certificate of the root CA, if any, that
 390           signed your server certificate. If your server certificate is
 391           self-signed, then this file is the same as your server
 392           certificate.</description>
 393         </variable>
 394       </variablelist>
 395     </category>
 396
 397     <category id="plc_www">
 398       <name>Web Server</name>
 399       <description>Web server definitions.</description>
 400
 401       <variablelist>
 402         <variable id="enabled" type="boolean">
 403           <name>Enabled</name>
 404           <value>true</value>
 405           <description>Enable the web server on this
 406           machine.</description>
 407         </variable>
 408
 409         <variable id="debug" type="boolean">
 410           <name>Debug</name>
 411           <value>false</value>
 412           <description>Enable debugging output on web pages. Do not
 413           enable on a production system!</description>
 414         </variable>
 415
 416         <variable id="host" type="hostname">
 417           <name>Hostname</name>
 418           <value>localhost.localdomain</value>
 419           <description>The fully qualified hostname of the web
 420           server.</description>
 421         </variable>
 422
 423         <variable id="ip" type="ip">
 424           <name>IP Address</name>
 425           <value/>
 426           <description>The IP address of the web server, if not
 427           resolvable.</description>
 428         </variable>
 429
 430         <variable id="port" type="int">
 431           <name>Port</name>
 432           <value>80</value>
 433           <description>The TCP port number through which the
 434           unprotected portions of the web site should be
 435           accessed.</description>
 436         </variable>
 437
 438         <variable id="ssl_port" type="int">
 439           <name>SSL Port</name>
 440           <value>443</value>
 441           <description>The TCP port number through which the protected
 442           portions of the web site should be accessed.</description>
 443         </variable>
 444
 445         <!-- The following are not actually meant to be configurable
 446              as variables. The web interface should allow the file to
 447              be downloaded, or its contents replaced by a file upload,
 448              but the actual <value> shouldn't need to be changed.  -->
 449
 450         <variable id="ssl_key" type="file">
 451           <name>SSL Private Key</name>
 452           <value>/etc/planetlab/www_ssl.key</value>
 453           <description>The SSL private key to use for encrypting HTTPS
 454           traffic. If non-existent, one will be
 455           generated.</description>
 456         </variable>
 457
 458         <variable id="ssl_crt" type="file">
 459           <name>SSL Public Certificate</name>
 460           <value>/etc/planetlab/www_ssl.crt</value>
 461           <description>The corresponding SSL public certificate for
 462           the HTTP server. By default, this certificate is
 463           self-signed. You may replace the certificate later with one
 464           signed by a root CA.</description>
 465         </variable>
 466
 467         <variable id="ca_ssl_crt" type="file">
 468           <name>Root CA SSL Public Certificate</name>
 469           <value>/etc/planetlab/www_ca_ssl.crt</value>
 470           <description>The certificate of the root CA, if any, that
 471           signed your server certificate. If your server certificate is
 472           self-signed, then this file is the same as your server
 473           certificate.</description>
 474         </variable>
 475       </variablelist>
 476     </category>
 477
 478     <category id="plc_boot">
 479       <name>Boot Server</name>
 480       <description>Boot server definitions. Multiple boot servers
 481       may be brought up for load balancing, but we recommend that a
 482       single DNS round-robin system be implemented so that the
 483       following variables are the same across all of
 484       them.</description>
 485
 486       <variablelist>
 487         <variable id="enabled" type="boolean">
 488           <name>Enabled</name>
 489           <value>true</value>
 490           <description>Enable the boot server on this
 491           machine.</description>
 492         </variable>
 493
 494         <variable id="host" type="hostname">
 495           <name>Hostname</name>
 496           <value>localhost.localdomain</value>
 497           <description>The fully qualified hostname of the boot
 498           server.</description>
 499         </variable>
 500
 501         <variable id="ip" type="ip">
 502           <name>IP Address</name>
 503           <value/>
 504           <description>The IP address of the boot server, if not
 505           resolvable.</description>
 506         </variable>
 507
 508         <variable id="port" type="int">
 509           <name>Port</name>
 510           <value>80</value>
 511           <description>The TCP port number through which the
 512           unprotected portions of the boot server should be
 513           accessed.</description>
 514         </variable>
 515
 516         <variable id="ssl_port" type="int">
 517           <name>SSL Port</name>
 518           <value>443</value>
 519           <description>The TCP port number through which the protected
 520           portions of the boot server should be
 521           accessed.</description>
 522         </variable>
 523
 524         <!-- The following are not actually meant to be configurable
 525              as variables. The web interface should allow the file to
 526              be downloaded, or its contents replaced by a file upload,
 527              but the actual <value> shouldn't need to be changed.  -->
 528
 529         <variable id="ssl_key" type="file">
 530           <name>SSL Private Key</name>
 531           <value>/etc/planetlab/boot_ssl.key</value>
 532           <description>The SSL private key to use for encrypting HTTPS
 533           traffic.</description>
 534         </variable>
 535
 536         <variable id="ssl_crt" type="file">
 537           <name>SSL Public Certificate</name>
 538           <value>/etc/planetlab/boot_ssl.crt</value>
 539           <description>The corresponding SSL public certificate for
 540           the HTTP server. By default, this certificate is
 541           self-signed. You may replace the certificate later with one
 542           signed by a root CA.</description>
 543         </variable>
 544
 545         <variable id="ca_ssl_crt" type="file">
 546           <name>Root CA SSL Public Certificate</name>
 547           <value>/etc/planetlab/boot_ca_ssl.crt</value>
 548           <description>The certificate of the root CA, if any, that
 549           signed your server certificate. If your server certificate is
 550           self-signed, then this file is the same as your server
 551           certificate.</description>
 552         </variable>
 553       </variablelist>
 554     </category>
 555
 556
 557     <category id="plc_planetflow">
 558       <name>PlanetFlow Service Configuration</name>
 559       <description>Planetflow service definitions used in the netflow slice. </description>
 560
 561       <variablelist>
 562         <variable id="host" type="hostname">
 563                 <name>Hostname</name>
 564                 <value>localhost.localdomain</value>
 565                 <description>The fully qualified hostname.</description>
 566         </variable>
 567       </variablelist>
 568     </category>
 569     <category id="plc_monitor">
 570       <name>Monitoring Service</name>
 571       <description>The Monitor service that tracks node availablity and repair.</description>
 572       <variablelist>
 573         <variable id="enabled" type="boolean">
 574           <name>Enabled</name>
 575           <value>false</value>
 576           <description>Enable on this machine.</description>
 577         </variable>
 578         <variable id="host" type="hostname">
 579           <name>Hostname</name>
 580           <value>localhost.localdomain</value>
 581           <description>The fully qualified hostname.</description>
 582         </variable>
 583         <variable id="ip" type="ip">
 584           <name>IP Address</name>
 585           <value></value>
 586           <description>The IP address of the monitor server.</description>
 587         </variable>
 588         <variable id="from_email" type="email">
 589           <name>Monitor Email Address</name>
 590           <value>root+monitor@localhost.localdomain</value>
 591           <description>All messages from Monitor will appear to come from this address.</description>
 592         </variable>
 593         <variable id="cc_email" type="email">
 594           <name>CC Email Address</name>
 595           <value>root+monitor@localhost.localdomain</value>
 596           <description>All messages from Monitor will be copied to this address.</description>
 597         </variable>
 598         <variable id="rt_queue" type="email">
 599           <name>Queue Name in RT for new messages</name>
 600           <value>support</value>
 601           <description>All messages from Monitor will be copied to this address.</description>
 602         </variable>
 603         <variable id="dbpassword" type="password">
 604           <name>Database Password</name>
 605           <value></value>
 606           <description>The password to use when accessing the
 607           database, Monitor user account in the local PLC.</description>
 608         </variable>
 609       </variablelist>
 610     </category>
 611     <category id="plc_rt">
 612       <name>RT Configuration</name>
 613       <description>RT</description>
 614       <variablelist>
 615         <variable id="enabled" type="boolean">
 616           <name>Enabled</name>
 617           <value>false</value>
 618           <description>Enable on this machine.</description>
 619         </variable>
 620         <variable id="host" type="hostname">
 621           <name>Hostname</name>
 622           <value>localhost.localdomain</value>
 623           <description>The fully qualified hostname.</description>
 624         </variable>
 625         <variable id="ip" type="ip">
 626           <name>IP Address</name>
 627           <value/>
 628           <description>The IP address of the RT server.</description>
 629         </variable>
 630         <variable id="web_user" type="string">
 631           <name>root</name>
 632           <value>root</value>
 633           <description>Username of a privileged user in RT who can create
 634                   tickets in the queue named PLC_MONITOR_RT_QUEUE.</description>
 635         </variable>
 636         <variable id="web_password" type="password">
 637           <name>password</name>
 638           <value>password</value>
 639           <description>Password for RT web user.</description>
 640         </variable>
 641         <variable id="dbpassword" type="password">
 642           <name>Database Password</name>
 643           <value></value>
 644           <description>Password to use when accessing the RT database.</description>
 645         </variable>
 646       </variablelist>
 647     </category>
 648   </variables>
 649
 650   <comps>
 651     <!-- deprecated - not used anymore - use .lst files instead -->
 652   </comps>
 653
 654 </configuration>