forked from GENI-NSF/geni-tools
-
Notifications
You must be signed in to change notification settings - Fork 0
/
omni_config.sample
237 lines (183 loc) · 7.94 KB
/
omni_config.sample
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
# This is a sample Omni config file
# It tells Omni how to talk to various Clearinghouses.
# And by extension, which Experimenter credentials to use.
# Omni looks for this file in 4 locations, using the first found
# 1) The location given by the -c command line arg - as a full path
# 2) The -c command line arg as a file relative to ~/.gcf
# 3) omni_config in the current directory
# 4) ~/.gcf/omni_config
# Any given instance of omni makes calls to a framework
# (e.g., SFA, ProtoGENI, etc..) to create slices, get slice
# credentials, and to find a list of authorized aggregates.
# This file specifies the control frameworks that you are
# a member of and the users that you want to be able to login
# to your allocated resources (e.g., virtual machines)
[omni_defaults]
# This section is for updating Omni defaults without updating Omni.
# Values in agg_nick_cache take precedence over values in the
# user's omni_config.
# URL for the SCS server
# May be over-ridden using the commandline option --scsURL
# scs_url=https://geni-scs.net.internet2.edu:8443/geni/xmlrpc
# Default initial sliver expiration times
# done by aggregate type / category
# Numbers are in days
# def_sliver_expiration_utah = 5 # PG Utah and Utah DDC, not Utah IG
# def_sliver_expiration_ig = 90
# def_sliver_expiration_eg = 14
# def_sliver_expiration_gram = 7
# Specify the latest version of Omni released, and a message
# Expected format is "#,Message" EG: "2.8,Omni 2.8 was release 2/1/2015". No commas in the message.
# If a newer version is available, Omni will log a message at INFO level.
# latest_omni_version=2.7,Omni 2.7 was released 1/14/2014. See http://trac.gpolab.bbn.com/gcf
[omni]
# The default control framework for omni to use.
# Override on the commandline with -f argument.
# This should be the name of a section that you define below
# Note you could have multiple instances of the same type
# configured, EG for different MyPLC instances.
default_cf = my_gcf
# The slice_users argument in "CreateSliver". It uploads
# names and public ssh keys to allocated resources for login.
# Details on users should be defined in sections below
# users = Alice, Bob
# Over-ride the commandline setting of --useSliceMembers to force it True
# to force using slice members defined at a chapi style framework CH
# when creating accounts and installing SSH keys.
# Can also specify False to force ignoring those users.
# useslicemembers = True
# Over-ride the commandline setting of --ignoreConfigUsers to force it True
# ignoreconfigusers = True
# Omni will by default contact every Aggregate Manager listed
# by your control framework's registry/clearinghouse. If you would
# like to provide a specific list of aggregates to contact, do so
# here in a comma delimited list of of urls or nicknames defined later.
# e.g., a PL in Princeton AM, a PG in Utah AM, a test GCF AM, and
# an OpenFlow/Expedient AM in the GPO lab would be:
# aggregates = http://www.planet-lab.org:12347/, \
# https://www.emulab.net:12369/protogeni/xmlrpc/am, \
# http://myplc2.gpolab.bbn.com:8001/, \
# https://masada.gpolab.bbn.com:443/openflow/gapi/
# You can also tell Omni a single aggregate URL to contact, with the -a
# argument. In addition, rather than remembering the URL, you can define a
# nickname for the aggregate here. This is completely optional.
#------AM nicknames
# Omni defines a standard set of aggregate nicknames. These are retrieved periodically
# from http://trac.gpolab.bbn.com/gcf/raw-attachment/wiki/Omni/agg_nick_cache
# Put your custom aggregate nicknames here.
# To see all available nicknames try: omni.py nicknames
#
# Format :
# Nickname=URN, URL
# URN is optional
[aggregate_nicknames]
# boston=urn:publicid:IDN+instageni.gpolab.bbn.com+authority+cm,https://boss.instageni.gpolab.bbn.com:12369/protogeni/xmlrpc/am/2.0
#------RSpec nicknames
# When you call
# omni.py createsliver myslice myrspec
# omni will try to read 'myrspec' by interpreting it in the following order:
# 1. a URL or a file on the local filesystem
# 2. a nickname specified in the omni_config
# 3. a file in a location (file or url) defined as:
# <default_rspec_server>/<rspec_nickname>.<default_rspec_extension>
[rspec_nicknames]
# Format :
# Nickname= [location of RSpec file]
# myawesometopology = ~/.gcf/rspecs/myrspecfile.rspec
hellogeni = http://www.gpolab.bbn.com/experiment-support/HelloGENI/hellogeni.rspec
default_rspec_location = http://www.gpolab.bbn.com/experiment-support
default_rspec_extension = rspec
# ==================================
# Configure Control Frameworks here
# At least one framework section (sfa/pg/gcf/pgch/chapi) needs to be filled out
# and pointed to by default_cf
[my_sfa]
# Most of these fields can be found in an SFI configuration
# See: http://svn.planet-lab.org/wiki/SFAConfigurationGuide#ConfiguringSFITools
# The framework type (either sfa, pg, gcf, or chapi)
type=sfa
# HRN of your MyPLC or PLC (e.g., plc.princeton) site
# Available in the Issuer CN of your user cert in some form
authority=plc.bbn
# Your planetlab username
user=plc.bbn.jkarlin
# Your PL certificate (omni will offer to download it here if needed)
cert=~/.gcf/jkarlin.gid
# Your planetlab private key
key=~/.gcf/id_rsa_planetlab
# URLs of your PL registry and slice manager
# Be sure these are reachable
registry=http://www.planet-lab.org:12345
slicemgr=http://www.planet-lab.org:12347
[my_chapi]
# For use with the Uniform Federation API
type=chapi
# Authority part of the control framework's URN
authority=ch.geni.net
# Where the CH API server's Clearinghouse service is listening.
# This will be used to find the MA and SA
ch=https://ch.geni.net:8444/CH
# Optionally you may explicitly specify where the MA and SA are
# running, in which case the Clearinghouse service is not used
# to find them
ma=https://ch.geni.net/MA
sa=https://ch.geni.net/SA
cert=~/.gcf/alice-cert.pem
key=~/.gcf/alice-key.pem
# For debugging
verbose=false
# Some chapi Clearinghouses do not use projects
# Uncomment this line for such servers (such as emulab.net)
#useprojects=false
# Some chapi Clearinghouses require you supply a credential in calls
# Uncomment this line for such servers (such as emulab.net)
#needcred=true
# Does this Clearinghouse speak the Common Federation API v2?
# Default is false, so use v1
#speakv2=true
# You can specify the default project that you work in
# and avoid specifying it on the commandline
# default_project=MyProjectName
[my_gcf]
type=gcf
# Authority part of the control frameworks URN
authority=geni:gpo:gcf
# Where the gcf-ch server is listening
ch=https://localhost:8000
cert=~/.gcf/alice-cert.pem
key=~/.gcf/alice-key.pem
[my_pg]
type=pg
# For debugging
verbose=false
# The address of the PG clearinghouse. Here we use tha main CH in Utah,
# with authority name: emulab.net
ch=https://www.emulab.net:12369/protogeni/xmlrpc/ch
# The address of the PG slice authority. Here for comparison we show
# using a different slice authority for the PG authority
# www.uky.emulab.net
sa=https://www.uky.emulab.net:12369/protogeni/xmlrpc/sa
# When you log in to PG you can download your cert and key in 1 file.
# That combined .pem file can be used as both cert and key here.
cert=~/.gcf/encrypted.pem
key=~/.gcf/pgcert.pem
# ===================================
# Define users here.
# Per above, these are the users of the slices, to tell
# aggregates who care who will be logging in and how.
# See the CreateSliver API call.
[Alice]
# The URN given to Alice by her control framework
# EG run openssl x509 -in [user cert file] -text and
# look at the Subject Alternative Name URI.
# Take the bit after "URI:" and before the comma.
urn=urn:publicid:IDN+geni.net:gpo:gcf+user+alice
# The SSH public keys to install for Alice to allow
# Alice to log in to the allocated resource.
# Comma delimited list of SSH public key file names.
# Note that these could be keys for a list of collaborators,
# all of whom will get to log in to the same account.
keys=~/.gcf/alice.pub, ~/.gcf/alice2.pub
[Bob]
urn=urn:publicid:IDN+plc.bbn+user+bob
keys=~/.gcf/bob.pub