2 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "configuration.dtd">
8 <description>Basic system variables. Be sure that the values of
9 these variables are the same across all machines in your
10 installation.</description>
13 <variable id="name" type="string">
15 <value>PlanetLab Test</value>
16 <description>The name of this PLC installation. It is used in
17 the name of the default system site (e.g., PlanetLab Central)
18 and in the names of various administrative entities (e.g.,
19 PlanetLab Support).</description>
22 <variable id="slice_prefix" type="string">
23 <name>Slice Prefix</name>
25 <description>The abbreviated name of this PLC
26 installation. It is used as the prefix for system slices
27 (e.g., pl_conf). Warning: Currently, this variable should
28 not be changed once set.</description>
31 <variable id="root_user" type="password">
32 <name>Root Account</name>
33 <value>root@test.planet-lab.org</value>
34 <description>The name of the initial administrative
35 account. We recommend that this account be used only to create
36 additional accounts associated with real
37 administrators, then disabled.</description>
40 <variable id="root_password" type="password">
41 <name>Root Password</name>
43 <description>The password of the initial administrative
44 account. Also the password of the root account on the Boot
48 <!-- The following are not actually meant to be configurable
49 as variables. The web interface should allow the file to
50 be downloaded, or its contents replaced by a file upload,
51 but the actual <value> shouldn't need to be changed. -->
53 <variable id="root_ssh_key_pub" type="file">
54 <name>Root SSH Public Key</name>
55 <value>/etc/planetlab/root_ssh_key.pub</value>
56 <description>The SSH public key used to access the root
57 account on your nodes.</description>
60 <variable id="root_ssh_key" type="file">
61 <name>Root SSH Private Key</name>
62 <value>/etc/planetlab/root_ssh_key.rsa</value>
63 <description>The SSH private key used to access the root
64 account on your nodes.</description>
67 <variable id="debug_ssh_key_pub" type="file">
68 <name>Debug SSH Public Key</name>
69 <value>/etc/planetlab/debug_ssh_key.pub</value>
70 <description>The SSH public key used to access the root
71 account on your nodes when they are in Debug mode.</description>
74 <variable id="debug_ssh_key" type="file">
75 <name>Debug SSH Private Key</name>
76 <value>/etc/planetlab/debug_ssh_key.rsa</value>
77 <description>The SSH private key used to access the root
78 account on your nodes when they are in Debug mode.</description>
81 <variable id="root_gpg_key_pub" type="file">
82 <name>Root GPG Public Keyring</name>
83 <value>/etc/planetlab/pubring.gpg</value>
84 <description>The GPG public keyring used to sign the Boot
85 Manager and all node packages.</description>
88 <variable id="root_gpg_key" type="file">
89 <name>Root GPG Private Keyring</name>
90 <value>/etc/planetlab/secring.gpg</value>
91 <description>The SSH private key used to access the root
92 account on your nodes.</description>
97 <category id="plc_net">
99 <description>Network environment.</description>
102 <variable id="dns1" type="ip">
103 <name>Primary DNS Server</name>
104 <value>128.112.136.10</value>
105 <description>Primary DNS server address.</description>
108 <variable id="dns2" type="ip">
109 <name>Secondary DNS Server</name>
110 <value>128.112.136.12</value>
111 <description>Secondary DNS server address.</description>
116 <category id="plc_mail">
118 <description>Many maintenance scripts, as well as the API and
119 web site themselves, send e-mail notifications and
120 warnings.</description>
123 <variable id="enabled" type="boolean">
124 <name>Enable Mail</name>
126 <description>Set to false to suppress all e-mail notifications
127 and warnings.</description>
130 <variable id="support_address">
131 <name>Support Address</name>
132 <value>root@localhost</value>
133 <description>This address is used for support
134 requests. Support requests may include traffic complaints,
135 security incident reporting, web site malfunctions, and
136 general requests for information. We recommend that the
137 address be aliased to a ticketing system such as Request
138 Tracker.</description>
141 <variable id="boot_address">
142 <name>Boot Messages Address</name>
143 <value>root@localhost</value>
144 <description>The API will notify this address when a problem
145 occurs during node installation or boot. If a domain is not
146 specified, the default system domain will be used
152 <category id="plc_db">
153 <name>Database Server</name>
154 <description>Database server definitions.</description>
157 <variable id="enabled" type="boolean">
160 <description>Enable the database server on this
161 machine.</description>
164 <variable id="type" type="string">
166 <value>postgresql</value>
167 <description>The type of database server. Currently, only
168 postgresql is supported.</description>
171 <variable id="host" type="hostname">
172 <name>Hostname</name>
173 <value>localhost</value>
174 <description>The fully qualified hostname or IP address of
175 the database server. This hostname must be resolvable and
176 reachable by the rest of your installation.</description>
179 <variable id="name" type="string">
180 <name>Database Name</name>
181 <value>planetlab3</value>
182 <description>The name of the database to access.</description>
185 <variable id="user" type="string">
186 <name>Database Username</name>
187 <value>pgsqluser</value>
188 <description>The username to use when accessing the
189 database.</description>
192 <variable id="password" type="password">
193 <name>Database Password</name>
195 <description>The password to use when accessing the
196 database. If left blank, one will be
197 generated.</description>
202 <category id="plc_api">
203 <name>API Server</name>
204 <description>API (XML-RPC) server definitions.</description>
207 <variable id="enabled" type="boolean">
210 <description>Enable the API server on this
211 machine.</description>
214 <variable id="debug" type="boolean">
217 <description>Enable verbose API debugging. Do not enable on
218 a production system!</description>
221 <variable id="host" type="hostname">
222 <name>Hostname</name>
223 <value>localhost</value>
224 <description>The fully qualified hostname or IP address of
225 the API server. This hostname must be resolvable and
226 reachable by the rest of your installation, as well as your
230 <variable id="ssl_port" type="int">
233 <description>The TCP port number through which the API
234 should be accessed. Warning: SSL (port 443) access is not
235 fully supported by the website code yet. We recommend that
236 port 80 be used for now and that the API server either run
237 on the same machine as the web server, or that they both be
238 on a secure wired network.</description>
241 <variable id="path" type="string">
243 <value>/PLCAPI/</value>
244 <description>The base path of the API URL.</description>
247 <variable id="maintenance_user" type="string">
248 <name>Maintenance User</name>
249 <value>maint@test.planet-lab.org</value>
250 <description>The username of the maintenance account. This
251 account is used by local scripts that perform automated
252 tasks, and cannot be used for normal logins.</description>
255 <variable id="maintenance_password" type="password">
256 <name>Maintenance Password</name>
258 <description>The password of the maintenance account. If
259 left blank, one will be generated. We recommend that the
260 password be changed periodically.</description>
263 <variable id="maintenance_sources" type="hostname">
264 <name>Authorized Hosts</name>
266 <description>A space-separated list of IP addresses allowed
267 to access the API through the maintenance account. If left
268 blank, the API, web, and boot servers are
269 allowed.</description>
272 <!-- The following are not actually meant to be configurable
273 as variables. The web interface should allow the file to
274 be downloaded, or its contents replaced by a file upload,
275 but the actual <value> shouldn't need to be changed. -->
277 <variable id="ssl_crt" type="file">
278 <name>SSL Certificate</name>
279 <value>/etc/planetlab/api_ssl.crt</value>
280 <description>The signed SSL certificate to use for HTTPS
281 access. If not specified or non-existent, a self-signed
282 certificate will be generated.</description>
285 <variable id="ssl_key" type="file">
287 <value>/etc/planetlab/api_ssl.key</value>
288 <description>The corresponding SSL private key. If not
289 specified or non-existent, a self-signed certificate will be
290 generated.</description>
293 <variable id="ticket_key" type="file">
294 <name>Slice Ticket Private Key</name>
295 <value>/etc/planetlab/slice-ticket-key-nopass.pem</value>
296 <description>The private PEM key file used to sign slice
297 tickets.</description>
300 <variable id="ticket_key_pub" type="file">
301 <name>Slice Ticket Public Key</name>
302 <value>/etc/planetlab/slice-ticket-key-public.pem</value>
303 <description>The public PEM key file used to verify signed
304 slice tickets.</description>
309 <category id="plc_www">
310 <name>Web Server</name>
311 <description>Web server definitions.</description>
314 <variable id="enabled" type="boolean">
317 <description>Enable the web server on this
318 machine.</description>
321 <variable id="debug" type="boolean">
324 <description>Enable debugging output on web pages. Do not
325 enable on a production system!</description>
328 <variable id="host" type="hostname">
329 <name>Hostname</name>
330 <value>localhost</value>
331 <description>The fully qualified hostname or IP address of
332 the web server. This hostname must be resolvable and
333 reachable by the rest of your installation, as well as your
337 <variable id="port" type="int">
340 <description>The TCP port number through which the
341 unprotected portions of the web site should be
342 accessed.</description>
345 <variable id="ssl_port" type="int">
346 <name>SSL Port</name>
348 <description>The TCP port number through which the protected
349 portions of the web site should be accessed.</description>
352 <!-- The following are not actually meant to be configurable
353 as variables. The web interface should allow the file to
354 be downloaded, or its contents replaced by a file upload,
355 but the actual <value> shouldn't need to be changed. -->
357 <variable id="ssl_crt" type="file">
358 <name>SSL Certificate</name>
359 <value>/etc/planetlab/www_ssl.crt</value>
360 <description>The signed SSL certificate to use for HTTPS
361 access. If not specified or non-existent, a self-signed
362 certificate will be generated.</description>
365 <variable id="ssl_key" type="file">
367 <value>/etc/planetlab/www_ssl.key</value>
368 <description>The corresponding SSL private key. If not
369 specified or non-existent, a self-signed certificate will be
370 generated.</description>
375 <category id="plc_boot">
376 <name>Boot Server</name>
377 <description>Boot server definitions. Multiple boot servers
378 may be brought up for load balancing, but we recommend that a
379 single DNS round-robin system be implemented so that the
380 following variables are the same across all of
384 <variable id="enabled" type="boolean">
387 <description>Enable the boot server on this
388 machine.</description>
391 <variable id="host" type="hostname">
392 <name>Hostname</name>
393 <value>localhost</value>
394 <description>The fully qualified hostname or IP address of
395 the boot server. This hostname must be resolvable and
396 reachable by the rest of your installation, as well as your
400 <variable id="port" type="int">
403 <description>The TCP port number through which the
404 unprotected portions of the boot server should be
405 accessed.</description>
408 <variable id="ssl_port" type="int">
409 <name>SSL Port</name>
411 <description>The TCP port number through which the protected
412 portions of the boot server should be
413 accessed.</description>
416 <!-- The following are not actually meant to be configurable
417 as variables. The web interface should allow the file to
418 be downloaded, or its contents replaced by a file upload,
419 but the actual <value> shouldn't need to be changed. -->
421 <variable id="ssl_crt" type="binary">
422 <name>SSL Certificate</name>
423 <value>/etc/planetlab/boot_ssl.crt</value>
424 <description>The signed SSL certificate to use for HTTPS
425 access. If not specified, or non-existent a self-signed
426 certificate will be generated.</description>
429 <variable id="ssl_key" type="binary">
431 <value>/etc/planetlab/boot_ssl.key</value>
432 <description>The corresponding SSL private key. If not
433 specified or non-existent, a self-signed certificate will be
434 generated.</description>
443 <name>PlanetLab Central</name>
444 <default>true</default>
445 <description>PlanetLab Central Packages</description>
446 <uservisible>true</uservisible>
448 <!-- Sending mail -->
449 <packagereq type="mandatory">sendmail</packagereq>
450 <packagereq type="mandatory">sendmail-cf</packagereq>
452 <!-- (Optional) Synchronizing with PLC -->
453 <packagereq type="mandatory">rsync</packagereq>
456 <packagereq type="mandatory">vixie-cron</packagereq>
458 <!-- Other utilities -->
459 <packagereq type="mandatory">cvs</packagereq>
460 <packagereq type="mandatory">curl</packagereq>
461 <packagereq type="mandatory">wget</packagereq>
463 <!-- yum >=2.2 uses a new repository format -->
464 <packagereq type="mandatory">createrepo</packagereq>
466 <!-- For mkpasswd -->
467 <packagereq type="mandatory">expect</packagereq>
469 <!-- Almost all scripts are written in Python -->
470 <packagereq type="mandatory">python</packagereq>
472 <!-- For various Python scripts that access the API -->
473 <packagereq type="mandatory">plcapilib</packagereq>
475 <!-- Database server -->
476 <packagereq type="mandatory">postgresql</packagereq>
477 <packagereq type="mandatory">postgresql-server</packagereq>
478 <packagereq type="mandatory">postgresql-python</packagereq>
480 <!-- (Secure) web server -->
481 <packagereq type="mandatory">httpd</packagereq>
482 <packagereq type="mandatory">mod_ssl</packagereq>
484 <!-- Web pages are written primarily in PHP. A few pages still
485 access the DB directly. -->
486 <packagereq type="mandatory">php</packagereq>
487 <packagereq type="mandatory">php-pgsql</packagereq>
488 <packagereq type="mandatory">php-xmlrpc</packagereq>
490 <!-- Need GD for ImageCreate(), etc. -->
491 <packagereq type="mandatory">gd</packagereq>
492 <packagereq type="mandatory">php-gd</packagereq>
494 <!-- API server is implemented in mod_python -->
495 <packagereq type="mandatory">mod_python</packagereq>
497 <!-- API server uses a few non-standard packages -->
498 <packagereq type="mandatory">PyXML</packagereq>
500 <!-- API server uses SSL to sign tickets -->
501 <packagereq type="mandatory">xmlsec1</packagereq>
502 <packagereq type="mandatory">xmlsec1-openssl</packagereq>
503 <packagereq type="mandatory">openssl</packagereq>
505 <!-- bootcd is generated using mkisofs -->
506 <packagereq type="mandatory">mkisofs</packagereq>
508 <!-- bootcd and bootmanager images are signed using GPG -->
509 <packagereq type="mandatory">gnupg</packagereq>
511 <!-- bootmanager requires uuencode -->
512 <packagereq type="mandatory">sharutils</packagereq>