1 | [DEFAULT] |
---|
2 | # The home directory of the access controller |
---|
3 | base: /usr/local/etc/fedd/access |
---|
4 | |
---|
5 | [globals] |
---|
6 | # Access controller identity |
---|
7 | cert_file: %(base)s/fedd.pem |
---|
8 | |
---|
9 | # Services as for the experiment controller |
---|
10 | services: 23231 |
---|
11 | |
---|
12 | [access] |
---|
13 | |
---|
14 | # syslog level |
---|
15 | log_level: debug |
---|
16 | |
---|
17 | # File that holds internal state between access controller boots |
---|
18 | access_state: %(base)s/deter_access.state |
---|
19 | |
---|
20 | # The file that maps from ABAC credentials to local user and project name. |
---|
21 | # Generated by tools, but human readable. |
---|
22 | accessdb: %(base)s/deter_abac_map |
---|
23 | |
---|
24 | # Directory where certificates identifying particular allocations are created |
---|
25 | certdir: %(base)s/certs |
---|
26 | |
---|
27 | # The ssh identity used to move software into experiments. Federated users |
---|
28 | # must allow this key access to their DETER accounts. |
---|
29 | ssh_privkey_file: %(base)s/fedd_rsa |
---|
30 | ssh_pubkey_file: %(base)s/fedd_rsa.pub |
---|
31 | |
---|
32 | # Same as the experiment controller values |
---|
33 | # create_debug: true |
---|
34 | #leave_tmpfiles: true |
---|
35 | |
---|
36 | # This is the correct value for an Emulab or DETER testbed |
---|
37 | type: local_emulab |
---|
38 | |
---|
39 | # ABAC configuration and directories |
---|
40 | auth_type: abac |
---|
41 | auth_dir: %(base)s/abac |
---|
42 | |
---|
43 | # URI at which to access the Emulab XMLRPC interface. Generally only the boss |
---|
44 | # node's DNS name needs to be |
---|
45 | boss: https://boss.isi.deterlab.net:3069/usr/testbed |
---|
46 | ops: users.isi.deterlab.net |
---|
47 | |
---|
48 | # Image to be loaded on portal nodes. Some version of FreeBSD is best. Modern |
---|
49 | # Lunixes also work. |
---|
50 | portal_image: FBSD7-STD |
---|
51 | |
---|
52 | # If the portals connect through a NAT, Uncomment this line and set the |
---|
53 | # parameter to either the DNS name of the externally routable address or the IP |
---|
54 | # address of that NAT. This is used to establish routing between portal nodes. |
---|
55 | # Portals behind a NAT will initiate all commmunications - so two NATted |
---|
56 | # portals cannot talk. |
---|
57 | # nat_portal: nat.isi.deterlab.net |
---|
58 | |
---|
59 | # Configurable federation setup commands. For the standard fedkit on a DETER, |
---|
60 | # these are correct. |
---|
61 | portal_startcommand: sudo -H /usr/bin/perl -I/usr/local/federation/lib /usr/local/federation/bin/combo.pl --use_file >& /tmp/bridge.log |
---|
62 | node_startcommand: sudo -H /usr/bin/perl -I/usr/local/federation/lib /usr/local/federation/bin/federate.pl >& /tmp/federate |
---|
63 | |
---|
64 | |
---|
65 | # DNS domain of the testbed |
---|
66 | domain: .isi.deterlab.net |
---|
67 | |
---|
68 | # Analogous to the experiment controller |
---|
69 | federation_software: /usr %(base)s/fedkit.tgz |
---|
70 | |
---|