1 <?xml version="1.0" encoding="utf-8"?>
4 Default PLC configuration file
6 Mark Huang <mlhuang@cs.princeton.edu>
7 Copyright (C) 2006 The Trustees of Princeton University
12 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "plc_config.dtd">
18 <description>Basic system variables. Be sure that the values of
19 these variables are the same across all machines in your
20 installation.</description>
23 <variable id="name" type="string">
25 <value>PlanetLab Test</value>
26 <description>The name of this PLC installation. It is used in
27 the name of the default system site (e.g., PlanetLab Central)
28 and in the names of various administrative entities (e.g.,
29 PlanetLab Support).</description>
32 <variable id="slice_prefix" type="string">
33 <name>Slice Prefix</name>
35 <description>The abbreviated name of this PLC
36 installation. It is used as the prefix for system slices
37 (e.g., pl_conf). Warning: Currently, this variable should
38 not be changed.</description>
41 <variable id="root_user" type="email">
42 <name>Root Account</name>
43 <value>root@test.planet-lab.org</value>
44 <description>The name of the initial administrative
45 account. We recommend that this account be used only to create
46 additional accounts associated with real
47 administrators, then disabled.</description>
50 <variable id="root_password" type="password">
51 <name>Root Password</name>
53 <description>The password of the initial administrative
54 account. Also the password of the root account on the Boot
58 <!-- The following are not actually meant to be configurable
59 as variables. The web interface should allow the file to
60 be downloaded, or its contents replaced by a file upload,
61 but the actual <value> shouldn't need to be changed. -->
63 <variable id="root_ssh_key_pub" type="file">
64 <name>Root SSH Public Key</name>
65 <value>/etc/planetlab/root_ssh_key.pub</value>
66 <description>The SSH public key used to access the root
67 account on your nodes.</description>
70 <variable id="root_ssh_key" type="file">
71 <name>Root SSH Private Key</name>
72 <value>/etc/planetlab/root_ssh_key.rsa</value>
73 <description>The SSH private key used to access the root
74 account on your nodes.</description>
77 <variable id="debug_ssh_key_pub" type="file">
78 <name>Debug SSH Public Key</name>
79 <value>/etc/planetlab/debug_ssh_key.pub</value>
80 <description>The SSH public key used to access the root
81 account on your nodes when they are in Debug mode.</description>
84 <variable id="debug_ssh_key" type="file">
85 <name>Debug SSH Private Key</name>
86 <value>/etc/planetlab/debug_ssh_key.rsa</value>
87 <description>The SSH private key used to access the root
88 account on your nodes when they are in Debug mode.</description>
91 <variable id="root_gpg_key_pub" type="file">
92 <name>Root GPG Public Keyring</name>
93 <value>/etc/planetlab/pubring.gpg</value>
94 <description>The GPG public keyring used to sign the Boot
95 Manager and all node packages.</description>
98 <variable id="root_gpg_key" type="file">
99 <name>Root GPG Private Keyring</name>
100 <value>/etc/planetlab/secring.gpg</value>
101 <description>The SSH private key used to access the root
102 account on your nodes.</description>
107 <category id="plc_net">
109 <description>Network environment.</description>
112 <variable id="dns1" type="ip">
113 <name>Primary DNS Server</name>
114 <value>128.112.136.10</value>
115 <description>Primary DNS server address.</description>
118 <variable id="dns2" type="ip">
119 <name>Secondary DNS Server</name>
120 <value>128.112.136.12</value>
121 <description>Secondary DNS server address.</description>
126 <category id="plc_mail">
128 <description>Many maintenance scripts, as well as the API and
129 web site themselves, send e-mail notifications and
130 warnings.</description>
133 <variable id="enabled" type="boolean">
134 <name>Enable Mail</name>
136 <description>Set to false to suppress all e-mail notifications
137 and warnings.</description>
140 <variable id="support_address" type="email">
141 <name>Support Address</name>
142 <value>root@localhost</value>
143 <description>This address is used for support
144 requests. Support requests may include traffic complaints,
145 security incident reporting, web site malfunctions, and
146 general requests for information. We recommend that the
147 address be aliased to a ticketing system such as Request
148 Tracker.</description>
151 <variable id="boot_address" type="email">
152 <name>Boot Messages Address</name>
153 <value>root@localhost</value>
154 <description>The API will notify this address when a problem
155 occurs during node installation or boot. If a domain is not
156 specified, the default system domain will be used
162 <category id="plc_db">
163 <name>Database Server</name>
164 <description>Database server definitions.</description>
167 <variable id="enabled" type="boolean">
170 <description>Enable the database server on this
171 machine.</description>
174 <variable id="type" type="string">
176 <value>postgresql</value>
177 <description>The type of database server. Currently, only
178 postgresql is supported.</description>
181 <variable id="host" type="hostname">
182 <name>Hostname</name>
183 <value>localhost</value>
184 <description>The fully qualified hostname or IP address of
185 the database server. This hostname must be resolvable and
186 reachable by the rest of your installation.</description>
189 <variable id="port" type="int">
192 <description>The TCP port number through which the database
193 server should be accessed.</description>
196 <variable id="name" type="string">
197 <name>Database Name</name>
198 <value>planetlab3</value>
199 <description>The name of the database to access.</description>
202 <variable id="user" type="string">
203 <name>Database Username</name>
204 <value>pgsqluser</value>
205 <description>The username to use when accessing the
206 database.</description>
209 <variable id="password" type="password">
210 <name>Database Password</name>
212 <description>The password to use when accessing the
213 database. If left blank, one will be
214 generated.</description>
219 <category id="plc_api">
220 <name>API Server</name>
221 <description>API (XML-RPC) server definitions.</description>
224 <variable id="enabled" type="boolean">
227 <description>Enable the API server on this
228 machine.</description>
231 <variable id="debug" type="boolean">
234 <description>Enable verbose API debugging. Do not enable on
235 a production system!</description>
238 <variable id="host" type="hostname">
239 <name>Hostname</name>
240 <value>localhost</value>
241 <description>The fully qualified hostname or IP address of
242 the API server. This hostname must be resolvable and
243 reachable by the rest of your installation, as well as your
247 <variable id="port" type="int">
250 <description>The TCP port number through which the API
251 should be accessed. Warning: SSL (port 443) access is not
252 fully supported by the website code yet. We recommend that
253 port 80 be used for now and that the API server either run
254 on the same machine as the web server, or that they both be
255 on a secure wired network.</description>
258 <variable id="path" type="string">
260 <value>/PLCAPI/</value>
261 <description>The base path of the API URL.</description>
264 <variable id="maintenance_user" type="string">
265 <name>Maintenance User</name>
266 <value>maint@test.planet-lab.org</value>
267 <description>The username of the maintenance account. This
268 account is used by local scripts that perform automated
269 tasks, and cannot be used for normal logins.</description>
272 <variable id="maintenance_password" type="password">
273 <name>Maintenance Password</name>
275 <description>The password of the maintenance account. If
276 left blank, one will be generated. We recommend that the
277 password be changed periodically.</description>
280 <variable id="maintenance_sources" type="hostname">
281 <name>Authorized Hosts</name>
283 <description>A space-separated list of IP addresses allowed
284 to access the API through the maintenance account. The value
285 of this variable is set automatically to allow only the API,
286 web, and boot servers, and should not be
287 changed.</description>
290 <!-- The following are not actually meant to be configurable
291 as variables. The web interface should allow the file to
292 be downloaded, or its contents replaced by a file upload,
293 but the actual <value> shouldn't need to be changed. -->
295 <variable id="ssl_crt" type="file">
296 <name>SSL Certificate</name>
297 <value>/etc/planetlab/api_ssl.crt</value>
298 <description>The signed SSL certificate to use for HTTPS
299 access. If not specified or non-existent, a self-signed
300 certificate will be generated.</description>
303 <variable id="ssl_key" type="file">
305 <value>/etc/planetlab/api_ssl.key</value>
306 <description>The corresponding SSL private key used for
307 signing the certificate, and for signing slice tickets. If
308 not specified or non-existent, one will be
309 generated.</description>
312 <variable id="ssl_key_pub" type="file">
314 <value>/etc/planetlab/api_ssl.pub</value>
315 <description>The corresponding SSL public key. If not
316 specified or non-existent, one will be
317 generated.</description>
322 <category id="plc_www">
323 <name>Web Server</name>
324 <description>Web server definitions.</description>
327 <variable id="enabled" type="boolean">
330 <description>Enable the web server on this
331 machine.</description>
334 <variable id="debug" type="boolean">
337 <description>Enable debugging output on web pages. Do not
338 enable on a production system!</description>
341 <variable id="host" type="hostname">
342 <name>Hostname</name>
343 <value>localhost</value>
344 <description>The fully qualified hostname or IP address of
345 the web server. This hostname must be resolvable and
346 reachable by the rest of your installation, as well as your
350 <variable id="port" type="int">
353 <description>The TCP port number through which the
354 unprotected portions of the web site should be
355 accessed.</description>
358 <variable id="ssl_port" type="int">
359 <name>SSL Port</name>
361 <description>The TCP port number through which the protected
362 portions of the web site should be accessed.</description>
365 <!-- The following are not actually meant to be configurable
366 as variables. The web interface should allow the file to
367 be downloaded, or its contents replaced by a file upload,
368 but the actual <value> shouldn't need to be changed. -->
370 <variable id="ssl_crt" type="file">
371 <name>SSL Certificate</name>
372 <value>/etc/planetlab/www_ssl.crt</value>
373 <description>The signed SSL certificate to use for HTTPS
374 access. If not specified or non-existent, a self-signed
375 certificate will be generated.</description>
378 <variable id="ssl_key" type="file">
380 <value>/etc/planetlab/www_ssl.key</value>
381 <description>The corresponding SSL private key. If not
382 specified or non-existent, one will be
383 generated.</description>
388 <category id="plc_boot">
389 <name>Boot Server</name>
390 <description>Boot server definitions. Multiple boot servers
391 may be brought up for load balancing, but we recommend that a
392 single DNS round-robin system be implemented so that the
393 following variables are the same across all of
397 <variable id="enabled" type="boolean">
400 <description>Enable the boot server on this
401 machine.</description>
404 <variable id="host" type="hostname">
405 <name>Hostname</name>
406 <value>localhost</value>
407 <description>The fully qualified hostname or IP address of
408 the boot server. This hostname must be resolvable and
409 reachable by the rest of your installation, as well as your
413 <variable id="port" type="int">
416 <description>The TCP port number through which the
417 unprotected portions of the boot server should be
418 accessed.</description>
421 <variable id="ssl_port" type="int">
422 <name>SSL Port</name>
424 <description>The TCP port number through which the protected
425 portions of the boot server should be
426 accessed.</description>
429 <!-- The following are not actually meant to be configurable
430 as variables. The web interface should allow the file to
431 be downloaded, or its contents replaced by a file upload,
432 but the actual <value> shouldn't need to be changed. -->
434 <variable id="ssl_crt" type="binary">
435 <name>SSL Certificate</name>
436 <value>/etc/planetlab/boot_ssl.crt</value>
437 <description>The signed SSL certificate to use for HTTPS
438 access. If not specified, or non-existent a self-signed
439 certificate will be generated.</description>
442 <variable id="ssl_key" type="binary">
444 <value>/etc/planetlab/boot_ssl.key</value>
445 <description>The corresponding SSL private key. If not
446 specified or non-existent, one will be
447 generated.</description>
456 <name>PlanetLab Central</name>
457 <default>true</default>
458 <description>PlanetLab Central Packages</description>
459 <uservisible>true</uservisible>
462 <packagereq type="mandatory">dev</packagereq>
464 <!-- kernel-vserver is intended for the vserver-reference, but
465 serves the same useful purpose for MyPLC, namely, to
466 Provide: kernel without actually installing anything. -->
467 <packagereq type="mandatory">kernel-vserver</packagereq>
469 <!-- Sending mail -->
470 <packagereq type="mandatory">sendmail</packagereq>
471 <packagereq type="mandatory">sendmail-cf</packagereq>
473 <!-- (Optional) Synchronizing with PLC -->
474 <packagereq type="mandatory">rsync</packagereq>
477 <packagereq type="mandatory">vixie-cron</packagereq>
479 <!-- Other utilities -->
480 <packagereq type="mandatory">cvs</packagereq>
481 <packagereq type="mandatory">curl</packagereq>
482 <packagereq type="mandatory">wget</packagereq>
483 <packagereq type="mandatory">less</packagereq>
484 <packagereq type="mandatory">gzip</packagereq>
485 <packagereq type="mandatory">bzip2</packagereq>
486 <packagereq type="mandatory">cpio</packagereq>
487 <packagereq type="mandatory">tar</packagereq>
488 <packagereq type="mandatory">diffutils</packagereq>
490 <!-- yum >=2.2 uses a new repository format -->
491 <packagereq type="mandatory">createrepo</packagereq>
492 <packagereq type="mandatory">yum</packagereq>
493 <packagereq type="mandatory">rpm</packagereq>
495 <!-- For mkpasswd -->
496 <packagereq type="mandatory">expect</packagereq>
498 <!-- For ssh-keygen -->
499 <packagereq type="mandatory">openssh</packagereq>
501 <!-- Almost all scripts are written in Python -->
502 <packagereq type="mandatory">python</packagereq>
504 <!-- For various Python scripts that access the API -->
505 <packagereq type="mandatory">plcapilib</packagereq>
507 <!-- Database server -->
508 <packagereq type="mandatory">postgresql</packagereq>
509 <packagereq type="mandatory">postgresql-server</packagereq>
510 <packagereq type="mandatory">postgresql-python</packagereq>
512 <!-- (Secure) web server -->
513 <packagereq type="mandatory">httpd</packagereq>
514 <packagereq type="mandatory">mod_ssl</packagereq>
516 <!-- Web pages are written primarily in PHP. A few pages still
517 access the DB directly. -->
518 <packagereq type="mandatory">php</packagereq>
519 <packagereq type="mandatory">php-pgsql</packagereq>
520 <packagereq type="mandatory">php-xmlrpc</packagereq>
522 <!-- Need GD for ImageCreate(), etc. -->
523 <packagereq type="mandatory">gd</packagereq>
524 <packagereq type="mandatory">php-gd</packagereq>
526 <!-- API server is implemented in mod_python -->
527 <packagereq type="mandatory">mod_python</packagereq>
529 <!-- API server uses a few non-standard packages -->
530 <packagereq type="mandatory">PyXML</packagereq>
532 <!-- API server uses SSL to sign tickets -->
533 <packagereq type="mandatory">xmlsec1</packagereq>
534 <packagereq type="mandatory">xmlsec1-openssl</packagereq>
535 <packagereq type="mandatory">openssl</packagereq>
537 <!-- Customizable Boot CD and Boot Manager packages -->
538 <packagereq type="mandatory">bootcd</packagereq>
539 <packagereq type="mandatory">bootmanager</packagereq>