1 | # This is a sample Omni config file |
---|
2 | # It tells Omni how to talk to various Clearinghouses. |
---|
3 | # And by extension, which Experimenter credentials to use. |
---|
4 | |
---|
5 | # Omni looks for this file in 4 locations, using the first found |
---|
6 | # 1) The location given by the -c command line arg - as a full path |
---|
7 | # 2) The -c command line arg as a file relative to ~/.gcf |
---|
8 | # 3) omni_config in the current directory |
---|
9 | # 4) ~/.gcf/omni_config |
---|
10 | |
---|
11 | # Any given instance of omni makes calls to a framework |
---|
12 | # (e.g., SFA, ProtoGENI, etc..) to create slices, get slice |
---|
13 | # credentials, and to find a list of authorized aggregates. |
---|
14 | # This file specifies the control frameworks that you are |
---|
15 | # a member of and the users that you want to be able to login |
---|
16 | # to your allocated resources (e.g., virtual machines) |
---|
17 | |
---|
18 | |
---|
19 | [omni] |
---|
20 | # The default control framework for omni to use. |
---|
21 | # Override on the commandline with -f argument. |
---|
22 | # This should be the name of a section that you define below |
---|
23 | # Note you could have multiple instances of the same type |
---|
24 | # configured, EG for different MyPLC instances. |
---|
25 | default_cf = my_gcf |
---|
26 | |
---|
27 | # The slice_users argument in "CreateSliver". It uploads |
---|
28 | # names and public ssh keys to allocated resources for login. |
---|
29 | # Details on users should be defined in sections below |
---|
30 | # users = Alice, Bob |
---|
31 | |
---|
32 | |
---|
33 | # Omni will by default contact every Aggregate Manager listed |
---|
34 | # by your control framework's registry/clearinghouse. If you would |
---|
35 | # like to provide a specific list of aggregates to contact, do so |
---|
36 | # here in a comma delimited list of of urls. |
---|
37 | # e.g., a PL in Princeton AM, a PG in Utah AM, a test GCF AM, and |
---|
38 | # an OpenFlow/Expedient AM in the GPO lab would be: |
---|
39 | # aggregates = http://www.planet-lab.org:12347/, \ |
---|
40 | # https://www.emulab.net/protogeni/xmlrpc/am, \ |
---|
41 | # http://myplc2.gpolab.bbn.com:8001/, \ |
---|
42 | # https://masada.gpolab.bbn.com:443/openflow/gapi/ |
---|
43 | |
---|
44 | # ================================== |
---|
45 | # Configure Control Frameworks here |
---|
46 | |
---|
47 | # At least one framework section (sfa/pg/gcf) needs to be filled out |
---|
48 | # and pointed to by default_cf |
---|
49 | |
---|
50 | |
---|
51 | [my_sfa] |
---|
52 | # Most of these fields can be found in an SFI configuration |
---|
53 | # See: http://svn.planet-lab.org/wiki/SFAConfigurationGuide#ConfiguringSFITools |
---|
54 | |
---|
55 | # The framework type (either sfa, pg, or gcf) |
---|
56 | type=sfa |
---|
57 | |
---|
58 | # HRN of your MyPLC or PLC (e.g., plc.princeton) site |
---|
59 | # Available in the Issuer CN of your user cert in some form |
---|
60 | authority=plc.bbn |
---|
61 | |
---|
62 | # Your planetlab username |
---|
63 | user=plc.bbn.jkarlin |
---|
64 | |
---|
65 | # Your PL certificate (omni will offer to download it here if needed) |
---|
66 | cert=~/.gcf/jkarlin.gid |
---|
67 | |
---|
68 | # Your planetlab private key |
---|
69 | key=~/.gcf/id_rsa_planetlab |
---|
70 | |
---|
71 | # URLs of your PL registry and slice manager |
---|
72 | # Be sure these are reachable |
---|
73 | registry=http://www.planet-lab.org:12345 |
---|
74 | slicemgr=http://www.planet-lab.org:12347 |
---|
75 | |
---|
76 | |
---|
77 | |
---|
78 | |
---|
79 | [my_gcf] |
---|
80 | type=gcf |
---|
81 | |
---|
82 | # Authority part of the control frameworks URN |
---|
83 | authority=geni:gpo:gcf |
---|
84 | |
---|
85 | # Where the gcf-ch server is listening |
---|
86 | ch=https://localhost:8000 |
---|
87 | |
---|
88 | cert=~/.gcf/alice-cert.pem |
---|
89 | key=~/.gcf/alice-key.pem |
---|
90 | |
---|
91 | |
---|
92 | |
---|
93 | [my_pg] |
---|
94 | type=pg |
---|
95 | # For debugging |
---|
96 | verbose=false |
---|
97 | # The address of the PG clearinghouse. Here we use tha main CH in Utah, |
---|
98 | # with authority name: emulab.net |
---|
99 | ch=https://www.emulab.net:443/protogeni/xmlrpc/ch |
---|
100 | |
---|
101 | # The address of the PG slice authority. Here for comparison we show |
---|
102 | # using a different slice authority for the PG authority |
---|
103 | # pgeni.gpolab.bbn.com |
---|
104 | sa=https://boss.pgeni.gpolab.bbn.com:443/protogeni/xmlrpc/sa |
---|
105 | |
---|
106 | # When you log in to PG you can download your cert and key in 1 file. |
---|
107 | # That combined .pem file can be used as both cert and key here. |
---|
108 | cert=~/.gcf/encrypted.pem |
---|
109 | key=~/.gcf/pgcert.pem |
---|
110 | |
---|
111 | |
---|
112 | # =================================== |
---|
113 | # Define users here. |
---|
114 | |
---|
115 | # Per above, these are the users of the slices, to tell |
---|
116 | # aggregates who care who will be logging in and how. |
---|
117 | # See the CreateSliver API call. |
---|
118 | |
---|
119 | |
---|
120 | |
---|
121 | [Alice] |
---|
122 | # The URN given to Alice by her control framework |
---|
123 | # EG run openssl x509 -in [user cert file] -text and |
---|
124 | # look at the Subject Alternative Name URI. |
---|
125 | # Take the bit after "URI:" and before the comma. |
---|
126 | urn=urn:publicid:IDN+geni.net:gpo:gcf+user+alice |
---|
127 | |
---|
128 | # The SSH public keys to install for Alice to allow |
---|
129 | # Alice to log in to the allocated resource. |
---|
130 | # Comma delimited list of SSH public key file names. |
---|
131 | # Note that these could be keys for a list of collaborators, |
---|
132 | # all of whom will get to log in to the same account. |
---|
133 | keys=~/.gcf/alice.pub, ~/.gcf/alice2.pub |
---|
134 | |
---|
135 | |
---|
136 | [Bob] |
---|
137 | urn=urn:publicid:IDN+plc.bbn+user+bob |
---|
138 | keys=~/.gcf/bob.pub |
---|