2 <!DOCTYPE configuration PUBLIC "-//PlanetLab Central//DTD PLC configuration//EN" "configuration.dtd">
8 <description>Basic system variables. Be sure that the values of
9 these variables are the same across all machines in your
10 installation.</description>
13 <variable id="name" type="string">
15 <value>PlanetLab Test</value>
16 <description>The name of this PLC installation. It is used in
17 the name of the default system site (e.g., PlanetLab Central)
18 and in the names of various administrative entities (e.g.,
19 PlanetLab Support).</description>
22 <variable id="slice_prefix" type="string">
23 <name>Slice Prefix</name>
25 <description>The abbreviated name of this PLC
26 installation. It is used as the prefix for system slices
27 (e.g., pl_conf). Warning: Currently, this variable should
28 not be changed.</description>
31 <variable id="root_user" type="password">
32 <name>Root Account</name>
33 <value>root@test.planet-lab.org</value>
34 <description>The name of the initial administrative
35 account. We recommend that this account be used only to create
36 additional accounts associated with real
37 administrators, then disabled.</description>
40 <variable id="root_password" type="password">
41 <name>Root Password</name>
43 <description>The password of the initial administrative
44 account. Also the password of the root account on the Boot
48 <!-- The following are not actually meant to be configurable
49 as variables. The web interface should allow the file to
50 be downloaded, or its contents replaced by a file upload,
51 but the actual <value> shouldn't need to be changed. -->
53 <variable id="root_ssh_key_pub" type="file">
54 <name>Root SSH Public Key</name>
55 <value>/etc/planetlab/root_ssh_key.pub</value>
56 <description>The SSH public key used to access the root
57 account on your nodes.</description>
60 <variable id="root_ssh_key" type="file">
61 <name>Root SSH Private Key</name>
62 <value>/etc/planetlab/root_ssh_key.rsa</value>
63 <description>The SSH private key used to access the root
64 account on your nodes.</description>
67 <variable id="debug_ssh_key_pub" type="file">
68 <name>Debug SSH Public Key</name>
69 <value>/etc/planetlab/debug_ssh_key.pub</value>
70 <description>The SSH public key used to access the root
71 account on your nodes when they are in Debug mode.</description>
74 <variable id="debug_ssh_key" type="file">
75 <name>Debug SSH Private Key</name>
76 <value>/etc/planetlab/debug_ssh_key.rsa</value>
77 <description>The SSH private key used to access the root
78 account on your nodes when they are in Debug mode.</description>
81 <variable id="root_gpg_key_pub" type="file">
82 <name>Root GPG Public Keyring</name>
83 <value>/etc/planetlab/pubring.gpg</value>
84 <description>The GPG public keyring used to sign the Boot
85 Manager and all node packages.</description>
88 <variable id="root_gpg_key" type="file">
89 <name>Root GPG Private Keyring</name>
90 <value>/etc/planetlab/secring.gpg</value>
91 <description>The SSH private key used to access the root
92 account on your nodes.</description>
97 <category id="plc_net">
99 <description>Network environment.</description>
102 <variable id="dns1" type="ip">
103 <name>Primary DNS Server</name>
104 <value>128.112.136.10</value>
105 <description>Primary DNS server address.</description>
108 <variable id="dns2" type="ip">
109 <name>Secondary DNS Server</name>
110 <value>128.112.136.12</value>
111 <description>Secondary DNS server address.</description>
116 <category id="plc_mail">
118 <description>Many maintenance scripts, as well as the API and
119 web site themselves, send e-mail notifications and
120 warnings.</description>
123 <variable id="enabled" type="boolean">
124 <name>Enable Mail</name>
126 <description>Set to false to suppress all e-mail notifications
127 and warnings.</description>
130 <variable id="support_address">
131 <name>Support Address</name>
132 <value>root@localhost</value>
133 <description>This address is used for support
134 requests. Support requests may include traffic complaints,
135 security incident reporting, web site malfunctions, and
136 general requests for information. We recommend that the
137 address be aliased to a ticketing system such as Request
138 Tracker.</description>
141 <variable id="boot_address">
142 <name>Boot Messages Address</name>
143 <value>root@localhost</value>
144 <description>The API will notify this address when a problem
145 occurs during node installation or boot. If a domain is not
146 specified, the default system domain will be used
152 <category id="plc_db">
153 <name>Database Server</name>
154 <description>Database server definitions.</description>
157 <variable id="enabled" type="boolean">
160 <description>Enable the database server on this
161 machine.</description>
164 <variable id="type" type="string">
166 <value>postgresql</value>
167 <description>The type of database server. Currently, only
168 postgresql is supported.</description>
171 <variable id="host" type="hostname">
172 <name>Hostname</name>
173 <value>localhost</value>
174 <description>The fully qualified hostname or IP address of
175 the database server. This hostname must be resolvable and
176 reachable by the rest of your installation.</description>
179 <variable id="port" type="int">
182 <description>The TCP port number through which the database
183 server should be accessed.</description>
186 <variable id="name" type="string">
187 <name>Database Name</name>
188 <value>planetlab3</value>
189 <description>The name of the database to access.</description>
192 <variable id="user" type="string">
193 <name>Database Username</name>
194 <value>pgsqluser</value>
195 <description>The username to use when accessing the
196 database.</description>
199 <variable id="password" type="password">
200 <name>Database Password</name>
202 <description>The password to use when accessing the
203 database. If left blank, one will be
204 generated.</description>
209 <category id="plc_api">
210 <name>API Server</name>
211 <description>API (XML-RPC) server definitions.</description>
214 <variable id="enabled" type="boolean">
217 <description>Enable the API server on this
218 machine.</description>
221 <variable id="debug" type="boolean">
224 <description>Enable verbose API debugging. Do not enable on
225 a production system!</description>
228 <variable id="host" type="hostname">
229 <name>Hostname</name>
230 <value>localhost</value>
231 <description>The fully qualified hostname or IP address of
232 the API server. This hostname must be resolvable and
233 reachable by the rest of your installation, as well as your
237 <variable id="port" type="int">
240 <description>The TCP port number through which the API
241 should be accessed. Warning: SSL (port 443) access is not
242 fully supported by the website code yet. We recommend that
243 port 80 be used for now and that the API server either run
244 on the same machine as the web server, or that they both be
245 on a secure wired network.</description>
248 <variable id="path" type="string">
250 <value>/PLCAPI/</value>
251 <description>The base path of the API URL.</description>
254 <variable id="maintenance_user" type="string">
255 <name>Maintenance User</name>
256 <value>maint@test.planet-lab.org</value>
257 <description>The username of the maintenance account. This
258 account is used by local scripts that perform automated
259 tasks, and cannot be used for normal logins.</description>
262 <variable id="maintenance_password" type="password">
263 <name>Maintenance Password</name>
265 <description>The password of the maintenance account. If
266 left blank, one will be generated. We recommend that the
267 password be changed periodically.</description>
270 <variable id="maintenance_sources" type="hostname">
271 <name>Authorized Hosts</name>
273 <description>A space-separated list of IP addresses allowed
274 to access the API through the maintenance account. The value
275 of this variable is set automatically to allow only the API,
276 web, and boot servers, and should not be
277 changed.</description>
280 <!-- The following are not actually meant to be configurable
281 as variables. The web interface should allow the file to
282 be downloaded, or its contents replaced by a file upload,
283 but the actual <value> shouldn't need to be changed. -->
285 <variable id="ssl_crt" type="file">
286 <name>SSL Certificate</name>
287 <value>/etc/planetlab/api_ssl.crt</value>
288 <description>The signed SSL certificate to use for HTTPS
289 access. If not specified or non-existent, a self-signed
290 certificate will be generated.</description>
293 <variable id="ssl_key" type="file">
295 <value>/etc/planetlab/api_ssl.key</value>
296 <description>The corresponding SSL private key used for
297 signing the certificate, and for signing slice tickets. If
298 not specified or non-existent, one will be
299 generated.</description>
302 <variable id="ssl_key_pub" type="file">
304 <value>/etc/planetlab/api_ssl.pub</value>
305 <description>The corresponding SSL public key. If not
306 specified or non-existent, one will be
307 generated.</description>
312 <category id="plc_www">
313 <name>Web Server</name>
314 <description>Web server definitions.</description>
317 <variable id="enabled" type="boolean">
320 <description>Enable the web server on this
321 machine.</description>
324 <variable id="debug" type="boolean">
327 <description>Enable debugging output on web pages. Do not
328 enable on a production system!</description>
331 <variable id="host" type="hostname">
332 <name>Hostname</name>
333 <value>localhost</value>
334 <description>The fully qualified hostname or IP address of
335 the web server. This hostname must be resolvable and
336 reachable by the rest of your installation, as well as your
340 <variable id="port" type="int">
343 <description>The TCP port number through which the
344 unprotected portions of the web site should be
345 accessed.</description>
348 <variable id="ssl_port" type="int">
349 <name>SSL Port</name>
351 <description>The TCP port number through which the protected
352 portions of the web site should be accessed.</description>
355 <!-- The following are not actually meant to be configurable
356 as variables. The web interface should allow the file to
357 be downloaded, or its contents replaced by a file upload,
358 but the actual <value> shouldn't need to be changed. -->
360 <variable id="ssl_crt" type="file">
361 <name>SSL Certificate</name>
362 <value>/etc/planetlab/www_ssl.crt</value>
363 <description>The signed SSL certificate to use for HTTPS
364 access. If not specified or non-existent, a self-signed
365 certificate will be generated.</description>
368 <variable id="ssl_key" type="file">
370 <value>/etc/planetlab/www_ssl.key</value>
371 <description>The corresponding SSL private key. If not
372 specified or non-existent, one will be
373 generated.</description>
378 <category id="plc_boot">
379 <name>Boot Server</name>
380 <description>Boot server definitions. Multiple boot servers
381 may be brought up for load balancing, but we recommend that a
382 single DNS round-robin system be implemented so that the
383 following variables are the same across all of
387 <variable id="enabled" type="boolean">
390 <description>Enable the boot server on this
391 machine.</description>
394 <variable id="host" type="hostname">
395 <name>Hostname</name>
396 <value>localhost</value>
397 <description>The fully qualified hostname or IP address of
398 the boot server. This hostname must be resolvable and
399 reachable by the rest of your installation, as well as your
403 <variable id="port" type="int">
406 <description>The TCP port number through which the
407 unprotected portions of the boot server should be
408 accessed.</description>
411 <variable id="ssl_port" type="int">
412 <name>SSL Port</name>
414 <description>The TCP port number through which the protected
415 portions of the boot server should be
416 accessed.</description>
419 <!-- The following are not actually meant to be configurable
420 as variables. The web interface should allow the file to
421 be downloaded, or its contents replaced by a file upload,
422 but the actual <value> shouldn't need to be changed. -->
424 <variable id="ssl_crt" type="binary">
425 <name>SSL Certificate</name>
426 <value>/etc/planetlab/boot_ssl.crt</value>
427 <description>The signed SSL certificate to use for HTTPS
428 access. If not specified, or non-existent a self-signed
429 certificate will be generated.</description>
432 <variable id="ssl_key" type="binary">
434 <value>/etc/planetlab/boot_ssl.key</value>
435 <description>The corresponding SSL private key. If not
436 specified or non-existent, one will be
437 generated.</description>
446 <name>PlanetLab Central</name>
447 <default>true</default>
448 <description>PlanetLab Central Packages</description>
449 <uservisible>true</uservisible>
451 <!-- Sending mail -->
452 <packagereq type="mandatory">sendmail</packagereq>
453 <packagereq type="mandatory">sendmail-cf</packagereq>
455 <!-- (Optional) Synchronizing with PLC -->
456 <packagereq type="mandatory">rsync</packagereq>
459 <packagereq type="mandatory">vixie-cron</packagereq>
461 <!-- Other utilities -->
462 <packagereq type="mandatory">cvs</packagereq>
463 <packagereq type="mandatory">curl</packagereq>
464 <packagereq type="mandatory">wget</packagereq>
466 <!-- yum >=2.2 uses a new repository format -->
467 <packagereq type="mandatory">createrepo</packagereq>
469 <!-- For mkpasswd -->
470 <packagereq type="mandatory">expect</packagereq>
472 <!-- For ssh-keygen -->
473 <packagereq type="mandatory">openssh</packagereq>
475 <!-- Almost all scripts are written in Python -->
476 <packagereq type="mandatory">python</packagereq>
478 <!-- For various Python scripts that access the API -->
479 <packagereq type="mandatory">plcapilib</packagereq>
481 <!-- Database server -->
482 <packagereq type="mandatory">postgresql</packagereq>
483 <packagereq type="mandatory">postgresql-server</packagereq>
484 <packagereq type="mandatory">postgresql-python</packagereq>
486 <!-- (Secure) web server -->
487 <packagereq type="mandatory">httpd</packagereq>
488 <packagereq type="mandatory">mod_ssl</packagereq>
490 <!-- Web pages are written primarily in PHP. A few pages still
491 access the DB directly. -->
492 <packagereq type="mandatory">php</packagereq>
493 <packagereq type="mandatory">php-pgsql</packagereq>
494 <packagereq type="mandatory">php-xmlrpc</packagereq>
496 <!-- Need GD for ImageCreate(), etc. -->
497 <packagereq type="mandatory">gd</packagereq>
498 <packagereq type="mandatory">php-gd</packagereq>
500 <!-- API server is implemented in mod_python -->
501 <packagereq type="mandatory">mod_python</packagereq>
503 <!-- API server uses a few non-standard packages -->
504 <packagereq type="mandatory">PyXML</packagereq>
506 <!-- API server uses SSL to sign tickets -->
507 <packagereq type="mandatory">xmlsec1</packagereq>
508 <packagereq type="mandatory">xmlsec1-openssl</packagereq>
509 <packagereq type="mandatory">openssl</packagereq>
511 <!-- bootcd is generated using mkisofs -->
512 <packagereq type="mandatory">mkisofs</packagereq>
514 <!-- bootcd and bootmanager images are signed using GPG -->
515 <packagereq type="mandatory">gnupg</packagereq>
517 <!-- bootmanager requires uuencode -->
518 <packagereq type="mandatory">sharutils</packagereq>