defs-example 14.5 KB
Newer Older
1 2 3
#
# This is an example definitions file for configure.
#
4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19
# This version has an entirely private address space; i.e., the servers
# and nodes cannot be accessed directly from the Internet.
# The control network looks like:
#
# Complete:            10.1.32/22
# "public" segment:      10.1.33/24
# "private" segment:     10.1.32/24
# "node control segment: 10.1.34/23 (aka: 10.1.34/24, 10.1.35/24)
#
# This configuration requires a router/firewall between the segments
# and providing access to the outside. The router interface addresses
# for each segment are 10.1.{32,33,34}.1.
#
# Use the --with-TBDEFS=filename to specify your own file.
# If you add a variable, be sure to go and update configure.in.
#
20
# ALL VARIABLES MUST BE DEFINED! DO NOT COMMENT OUT VARIABLES!
21 22
#

23 24
# The name of this installation
THISHOMEBASE=Example.Emulab.Net
25 26 27 28

#
# Various domain and host names
#
29 30 31
# NOTE: If a fully qualified hostname is used as an example, then
# be sure to use a fully qualified hostname! Do not use an IP. 
#
32

33
# Fully-qualified hostname of the our web server.
34
# This name should resolve to boss's IP address - though it can be a CNAME
35 36
WWWHOST=www.example.emulab.net

37
# Fully-qualified hostname of the boss node
38 39
BOSSNODE=boss.example.emulab.net

40
# Fully-qualified hostname of the ops (also called users) node
41 42
USERNODE=ops.example.emulab.net

43 44
# Fully-qualified hostname of the fileserver (will typically be the same
# as the ops node; ops.example.emulab.net)
45 46
FSNODE=fs.example.emulab.net

47 48 49 50 51 52 53 54 55 56 57
#
# Minimum Unix uid and gid values for Emulab users.
# Emulab will create the initial user with these values and all additional
# users will have values greater than these.  It would be unwise to make
# these less than 1000 to avoid conflicts with "standard" BSD and Linux
# users.  These can also be tweaked to avoid pre-existing accounts on the
# fileserver machine.
#
MIN_UNIX_UID=10000
MIN_UNIX_GID=6000

58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103
# 
# Addresses to which email will be sent - These are expected to go to mailing
# lists. You can either host the lists on your ops node, send them off to
# some external server. If you chose to run them from the ops node, the
# ops-install script sets up empty lists for you.
#

# Main address for the 'operations staff' - Copies of error messages, etc. will
# get sent to this address, and in some cases users are directed to this
# address if they have questions and/or problems.
TBOPSEMAIL=testbed-ops@example.emulab.net

# Notification of new projects requests get sent to this address for approval.
# Should have a few admin-types on it.
TBAPPROVALEMAIL=testbed-approval@example.emulab.net

# Logs, such as experiment creation/deletion go to this address. Probably no
# more than one person needs to be on this one.
TBLOGSEMAIL=testbed-logs@example.emulab.net

# Various auditing message about account maintenance go here. Again, probably
# only needs one member.
TBAUDITEMAIL=testbed-audit@example.emulab.net

# Some web reports get sent to this one.
TBWWWEMAIL=testbed-www@example.emulab.net

# Our node state management daemon sends mail to this address. Someone should
# be on this list, and reporting persistent error messages to Utah would be a
# good idea.
TBSTATEDEMAIL=testbed-stated@example.emulab.net

# We have a test suite to test the front end. This email is for the results
# of the testsuite, but is not used yet.
TBTESTSUITEEMAIL=testbed-testsuite@example.emulab.net

# We dynamically create two email addresses for notifications to users - one
# for all testbed users, and one for all users whose projects have active
# experiments. These addresses are included in the above lists, with the
# intent that they can be used to archive all mail sent to them.
TBUSERSARCHIVE=testbed-users-archive@example.emulab.net
TBACTIVEARCHIVE=testbed-active-users-archive@example.emulab.net

#
# Real paths (no symlinks) to the directories that get exported from ops
#
104 105 106 107 108 109 110 111
# FSDIR_SCRATCH is optional.  The intent is that it provides per-project
# space that is not "guaranteed" (for the Utah Emulab that means we do
# not back it up to tape).  If defined, you would either set no quotas,
# or higher quotas than for FSDIR_PROJ, on this filesystem.  If you are
# not providing guarantees and are not doing quotas, you might as well
# just put all your space in /proj and leave FSDIR_SCRATCH= blank.
#
FSDIR_GROUPS=/q/groups
112 113 114
FSDIR_PROJ=/q/proj
FSDIR_USERS=/users
FSDIR_SHARE=/share
115
FSDIR_SCRATCH=
116 117 118 119

#
# Filesystems on which quotas should be enforced.
# Note that if multiple of the FSDIR_* vars above are on the same filesystem
120
# (e.g., /q/proj and /q/groups) then you should only specify the base of the
121 122 123
# common filesystem on which they all reside here (e.g., /q).
# Set to the empty string to turn off quota checking.
#
124
FS_WITH_QUOTAS="/q /users"
125

126 127 128 129 130
#
# SSL Certificate stuff. Used to customize config files in ssl directory.
# Note that OrganizationalUnit is set in the cnf file.
# CommonName is typically set to BOSSNODE and emailAddress to TBOPSEMAIL
#
131 132 133
# The Country *must* be a two letter abbreviation.
# See: http://sustainablesources.com/resources/country-abbreviations/
#
134 135 136 137 138 139 140
SSLCERT_COUNTRY="US"
SSLCERT_STATE="Utah"
SSLCERT_LOCALITY="Salt Lake City"
SSLCERT_ORGNAME="Utah Network Testbed"

#
# Control network configuration stuff.
141
#
142 143 144 145 146 147 148 149 150 151
# Used primarily to generate initial named and dhcpd config files.
# See doc/setup-network.txt for definitions of the private, public and
# control segments.
#

#
# Boss and users node IP addresses on the control network.
# For boss this is an address on the private segment of the control net.
# For users this is an address on the public segment of the control net.
#
152 153
BOSSNODE_IP=10.1.32.70
USERNODE_IP=10.1.33.74
154
FSNODE_IP=$USERNODE_IP
155

156 157 158 159 160 161 162 163
#
# If your boss/ops nodes are multihomed (and typically, one of the
# networks is a public routable network, and the other is an internal
# unroutable network), then define the the external addresses here (and
# the internal addresses above).
#
EXTERNAL_BOSSNODE_IP=$BOSSNODE_IP
EXTERNAL_USERNODE_IP=$USERNODE_IP
Mike Hibler's avatar
Mike Hibler committed
164
EXTERNAL_FSNODE_IP=$EXTERNAL_USERNODE_IP
165

166
#
167 168 169 170 171 172 173
# Network definitions - see doc/setup-network.txt for a description of how
# we recommend laying out your network
#

#
# The overall control network range - this subnet should cover the
# CONTROL, PRIVATE, and PUBLIC networks below.
174
#
175 176 177
# The name server on the boss node will only respond to queries from nodes
# in this range and will only provide info about nodes in this range.
#
178
TESTBED_NETWORK=10.1.32.0
179
TESTBED_NETMASK=255.255.252.0
180

181 182 183
#
# As above, if you have internal and external networks, define the
# external network here, and the internal network above.
184 185 186 187 188 189 190
#
# The name server on the boss node will respond to queries from any node
# not in the testbed (i.e., not in TESTBED_NET{WORK,MASK}) and provide info
# about only nodes in this range. Thus if you want to advertise all nodes
# in your testbed to networks "upstream", define these the same as for
# TESTBED_NET{WORK,MASK}. If however you only want to expose your boss (ops)
# node, define it the same as PRIVATE_NET{WORK,MASK} (PUBLIC_NET{WORK,MASK}).
191 192 193 194
# 
EXTERNAL_TESTBED_NETWORK=$TESTBED_NETWORK
EXTERNAL_TESTBED_NETMASK=$TESTBED_NETMASK

195 196
#
# The node control network segment.
197
# The DHCP server on boss provides information about nodes in this range.
198
#
199 200 201
CONTROL_ROUTER_IP=10.1.34.1
CONTROL_NETWORK=10.1.34.0
CONTROL_NETMASK=255.255.254.0
202 203 204

#
# The private network segment.
205
# Where boss lives.
206
#
207 208
PRIVATE_NETWORK=10.1.32.0
PRIVATE_ROUTER=10.1.32.1
209 210 211 212
PRIVATE_NETMASK=255.255.255.0

#
# The public network segment.
213
# Where ops (users) and fs live.
214
#
215 216
PUBLIC_NETWORK=10.1.33.0
PUBLIC_ROUTER=10.1.33.1
217 218 219 220 221 222 223
PUBLIC_NETMASK=255.255.255.0

#
# A range of addresses within the node control network segment
# to use for new nodes being added to the testbed.
# You need at least one.
#
224
DHCPD_DYNRANGE="10.1.34.200 10.1.34.219"
225

226
#
227 228 229 230 231 232
# Fill in the nameservers for your campus network here - the nameserver on boss
# will forward requests for domains other than your own to these nameservers
# OR
# Leave this variable empty to have boss ignore any local nameservers and go
# straight to the roots itself. This is NOT recommended, as you won't get the
# benefit of local caches, and may be blocked on some campuses.
233 234 235
#
NAMED_FORWARDERS="1.1.1.1 1.1.2.1"

236
#
237 238
# Windows support. Turn this on if you think you might want to use WindowsXP
# or Windows7 images on your experimental nodes. Note though, that Utah cannot
239
# provide those images to you (because of obvious licensing issues), so it
240 241
# will be up to you to generate an image yourself and install the Emulab
# client side that enables Windows to work inside your testbed. Turning on
242 243 244 245 246 247 248
# Windows support will install and enable Samba on your ops node, so there 
# are firewall issues to be aware of (you want to block the appropriate ports
# so that your ops samba server can be accessed from *only* your control
# subnet!).
#
WINSUPPORT=0

249 250 251 252 253 254 255 256 257 258
#
# Additional Windows7-related variables. See:
#     http://users.emulab.net/trac/emulab/wiki/WindowsImageCreation
# for details.
#
WINDOWS_ORGNAME="Some Organization"
WINDOWS_OWNER="Some Owner"
WINDOWS_TIMEZONE="Mountain Standard Time"
WINDOWS_KEY_7PRO_X86=""

259 260 261 262 263 264
#
# Enable an NS verification path using a clean version of NS.
# There is no reason to disable this unless NS won't build on your ops node.
#
NSVERIFY=1

265 266 267 268 269 270 271 272 273 274
#
# Turn this on to disable exporting NFS filesystems to nodes.
# User home directories on all nodes will be local and unsynchronized in
# this case.  There will also be no access to a central /proj, /group or
# /share either.
#
NOSHAREDFS=0

#
# Set to one if you are using an NFS server that has an "exports race".
275 276 277 278 279 280 281 282 283 284 285 286 287
# FreeBSDs before 10.x have this condition. There is currently one workaround
# and one fix for this, both apply to the new NFS implementation and only
# in 9.x and 10.x as far as I know:
#
#  * The -S (suspend) option to mountd, integrated into 10.x (and 9.x
#    as of 11/2012), is a workaround that allows suspension of the NFS
#    server while the exports are changed.
#
#  * The new nfse (http://nfse.sourceforge.net/) atomic exports framework
#    for FreeBSD 10.
#
# Since we currently only support FreeBSD 8.x fileservers, we default this
# to one. Set it to zero if you are using one of the above.
288 289 290
#
NFSRACY=1

291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309
#
# Set to one if using the new DBI Perl interface to mysql. This should be
# set to one on all new installations involving FreeBSD 8.x and above.
# The packages associated with the emulab-boss-4.0 and beyond meta port
# install the necessary package for DBI support.
#
# Only set this to zero for old installations (emulab-boss-3.1 and before).
#
TBUSEDBI=1

#
# If set to one, this will serve tarballs, RPMs and blobs to be served
# from the web server on ops (aka, "fs" or "users") rather than from boss.
# This is more efficient since the tarballs/RPMs/blobs are stored on ops.
# This can be set to one for all emulab-stable and emulab-devel releases
# after 12/24/12.
#
SPEWFROMOPS=1

310 311 312 313 314 315 316 317 318 319 320 321
#
# Set the type of the console on nodes. This is used when customizing
# the MFSes at Emulab setup time and for customizing the image loaded
# on a node at experiment setup time.
#
# "sio"	 use the "com1" serial port
# "sio2" use the "com2" serial port
# "vga"  use the VGA device
# "null" don't use a console
#
NODECONSOLE="sio"

322
#
323 324 325
# Set this if you are running:
#	- Perl 5.8
#	- Perl 5.10 with SelfLoader version 1.18 or greater
326
#	- Perl 5.12 or beyond
327
# As of Jan 2011, this should include all Emulab installs (we apply a patch
328
# to Perl 5.10 and 5.12 to update the SelfLoader (patches/SelfLoader.patch).
329 330
# This enables serious runtime performance improvements.
#
331
SELFLOADER_DATA="__DATA__"
332

333 334
#
# Virtual node network configuration (if you don't want virtual nodes,
335
# just leave this as is).
336 337 338 339 340 341 342 343 344 345
#
# Needs at least a /16 network.  For a /16 the layout of an IP is:
#	X.Y.<pnode>.<vnode>
# where <pnode> is the physical host node and <vnode> is the virtual
# node on that host.  Both are between 1 and 254.  If you have more than
# 254 physical nodes then the assignment code will increment Y, meaning
# that you had better have larger than a /16 network.  If you are using
# the default 172.16/12, then you can have up to 16 * 254 physical hosts.
# If you want more than 254 vnodes per pnode, you are screwed.
#
346 347
# ********* DO NOT CHANGE THESE UNLESS YOU ASK UTAH FIRST! *********
#
348 349 350 351 352 353
VIRTNODE_NETWORK=172.16.0.0
VIRTNODE_NETMASK=255.240.0.0
# XXX compat
JAILIPBASE=$VIRTNODE_NETWORK
JAILIPMASK=$VIRTNODE_NETMASK

354
#
355 356 357 358 359
# Dynamic public addresses for virtual nodes.  Leave as "none" if you don't
# have public IP addresses to spare, otherwise define to an otherwise
# unused block of addresses that will be given out to virtual nodes asking
# for routable control net interfaces (instead of the VIRTNODE_NETWORK
# block they'd otherwise get).
360
#
361 362 363
VPUBADDR_BASE=none
VPUBADDR_BITLEN=none

364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382
#
# Selective disable of a couple of features.
#
# DISABLE_NAMED_SETUP	If you are not running a name server on your boss.
#			This will prevent you from using the virtual node
#			names (e.g., node1.eid.pid.<your-domain>).
#
# DISABLE_EXPORTS_SETUP	Prevent dynamic configuration of the exports file
#			on your "fs" node.  You will need to use this if
#			your fs node is not running FreeBSD or is otherwise
#			not under your control.  If you set this option, you
#			will need to ensure that ALL your Emulab filesystems
#			(e.g., /proj, /users) are exported to ALL your nodes.
#			This has obvious security implications and YOU REALLY
#			SHOULD NOT DO THIS. 
#
DISABLE_NAMED_SETUP=0
DISABLE_EXPORTS_SETUP=0

383 384 385 386 387 388 389 390 391 392 393 394 395 396 397
#
# Frisbee address/port parameters (and yes meant to spell it that way).
#
# FRISEBEEMCASTADDR	Starting multicast address to use. Each frisbeed
# 			download server instance gets a unique address.
# FRISEBEEMCASTPORT	Starting port for download and upload servers.
#			Each server gets a unique port number.
# FRISEBEENUMPORTS	When non-zero, limits the range of ports used for
# 			download/upload to MCASTPORT to MCASTPORT+NUMPORTS-1.
#			When zero, any port can be used.
#
FRISEBEEMCASTADDR="234.5.6"
FRISEBEEMCASTPORT=3564
FRISEBEENUMPORTS=0

398 399 400 401 402 403 404 405
#
# Some switches do not support the stack MIB. This means snmpit cannot
# set the port/duplex during swapin, so you are stuck at a particular
# bandwidth, and have to change them from the console. Set to 1 if
# your switch has no stack MIB.
#
NOSTACKMIB=0

406 407 408 409 410 411 412 413 414 415
#
# Only supported on the Mother Ship (emulab.net) right now.
#
WIKISUPPORT=0
BUGDBSUPPORT=0
MAILMANSUPPORT=0
CVSSUPPORT=0
CHATSUPPORT=0
NFSTRACESUPPORT=0
OPSDBSUPPORT=0
416 417 418 419 420

#
# Deprecated and should always be zero.
#
ARCHIVESUPPORT=0
421 422 423 424 425
SFSSUPPORT=0
PELABSUPPORT=0
PLABSUPPORT=0
PLAB_ROOTBALL="plabroot-18.tar.bz2"

426 427 428 429 430 431
#
# You shouldn't have to change anything below this point
#

TBADMINGROUP=tbadmin
TBDBNAME=tbdb
432
IPBASE=10
433 434
DELAYCAPACITY=2
DISABLE_NSE=1
435 436 437 438

# Sometimes the main page is down in a directory on WWWHOST
# No trailing '/'!
#WWW=www.example.emulab.net/emulab-www