ADD
~~~
-| **add** [--readd] [-s *secondary\_ip*] [-g *nodegroup*]
-| [--master-capable=``yes|no``] [--vm-capable=``yes|no``]
-| [--node-parameters *ndparams*]
+| **add** [\--readd] [{-s|\--secondary-ip} *secondary\_ip*]
+| [{-g|\--node-group} *nodegroup*]
+| [\--master-capable=``yes|no``] [\--vm-capable=``yes|no``]
+| [\--node-parameters *ndparams*]
+| [\--disk-state *diskstate*]
+| [\--hypervisor-state *hvstate*]
| {*nodename*}
Adds the given node to the cluster.
forcibly join the specified host the cluster, not paying attention
to its current status (it could be already in a cluster, etc.)
-The ``-s`` is used in dual-home clusters and specifies the new node's
-IP in the secondary network. See the discussion in **gnt-cluster**(8)
-for more information.
+The ``-s (--secondary-ip)`` is used in dual-home clusters and
+specifies the new node's IP in the secondary network. See the
+discussion in **gnt-cluster**\(8) for more information.
In case you're readding a node after hardware failure, you can use
the ``--readd`` parameter. In this case, you don't need to pass the
drained and offline flags of the node will be cleared before
re-adding it.
-The ``--force-join`` option is to proceed with adding a node even if it already
-appears to belong to another cluster. This is used during cluster merging, for
-example.
+The ``-g (--node-group)`` option is used to add the new node into a
+specific node group, specified by UUID or name. If only one node group
+exists you can skip this option, otherwise it's mandatory.
-The ``-g`` is used to add the new node into a specific node group,
-specified by UUID or name. If only one node group exists you can
-skip this option, otherwise it's mandatory.
+The ``vm_capable``, ``master_capable``, ``ndparams``, ``diskstate`` and
+``hvstate`` options are described in **ganeti**\(7), and are used to set
+the properties of the new node.
-The ``vm_capable``, ``master_capable`` and ``ndparams`` options are
-described in **ganeti**(7), and are used to set the properties of the
-new node.
+The command performs some operations that change the state of the master
+and the new node, like copying certificates and starting the node daemon
+on the new node, or updating ``/etc/hosts`` on the master node. If the
+command fails at a later stage, it doesn't undo such changes. This
+should not be a problem, as a successful run of ``gnt-node add`` will
+bring everything back in sync.
+
+If the node was previously part of another cluster and still has daemons
+running, the ``node-cleanup`` tool can be run on the machine to be added
+to clean remains of the previous cluster from the node.
Example::
# gnt-node add -g group2 -s 192.0.2.9 node9.group2.example.com
-ADD-TAGS
-~~~~~~~~
-
-**add-tags** [--from *file*] {*nodename*} {*tag*...}
-
-Add tags to the given node. If any of the tags contains invalid
-characters, the entire operation will abort.
-
-If the ``--from`` option is given, the list of tags will be
-extended with the contents of that file (each line becomes a tag).
-In this case, there is not need to pass tags on the command line
-(if you do, both sources will be used). A file name of - will be
-interpreted as stdin.
-
EVACUATE
~~~~~~~~
-**evacuate** [-f] [--early-release] [--iallocator *NAME* \|
---new-secondary *destination\_node*] {*node*...}
+| **evacuate** [-f] [\--early-release] [\--submit]
+| [{-I|\--iallocator} *NAME* \| {-n|\--new-secondary} *destination\_node*]
+| [{-p|\--primary-only} \| {-s|\--secondary-only} ]
+| {*node*}
-This command will move all secondary instances away from the given
-node(s). It works only for instances having a drbd disk template.
+This command will move instances away from the given node. If
+``--primary-only`` is given, only primary instances are evacuated, with
+``--secondary-only`` only secondaries. If neither is given, all
+instances are evacuated. It works only for instances having a drbd disk
+template.
The new location for the instances can be specified in two ways:
-- as a single node for all instances, via the ``--new-secondary``
+- as a single node for all instances, via the ``-n (--new-secondary)``
option
-- or via the ``--iallocator`` option, giving a script name as
- parameter, so each instance will be in turn placed on the (per the
- script) optimal node
-
+- or via the ``-I (--iallocator)`` option, giving a script name as
+ parameter (or ``.`` to use the default allocator), so each instance
+ will be in turn placed on the (per the script) optimal node
The ``--early-release`` changes the code so that the old storage on
node being evacuated is removed early (before the resync is
node is known to be fine (thus we won't need the old storage for
potential recovery).
+Note that this command is equivalent to using per-instance commands for
+each affected instance individually:
+
+- ``--primary-only`` is equivalent to ``gnt-instance
+ failover/migration`` for non-DRBD instances, but for DRBD instances
+ it's different, and usually is a slow process (it will change the
+ primary to another node while keeping the secondary, this requiring
+ data copies, whereas failover/migrate will only toggle the
+ primary/secondary roles, a fast process)
+- ``--secondary-only`` is equivalent to ``gnt-instance replace-disks``
+ in the secondary node change mode (only valid for DRBD instances)
+- when neither of the above is done a combination of the two cases is run
+
+See **ganeti**\(7) for a description of ``--submit`` and other common
+options.
+
Example::
- # gnt-node evacuate -I dumb node3.example.com
+ # gnt-node evacuate -I hail node3.example.com
FAILOVER
~~~~~~~~
-**failover** [-f] [--ignore-consistency] {*node*}
+**failover** [-f] [\--ignore-consistency] {*node*}
This command will fail over all instances having the given node as
primary to their secondary nodes. This works only for instances having
~~~~
| **list**
-| [--no-headers] [--separator=*SEPARATOR*]
-| [--units=*UNITS*] [-v] [-o *[+]FIELD,...*]
+| [\--no-headers] [\--separator=*SEPARATOR*]
+| [\--units=*UNITS*] [-v] [{-o|\--output} *[+]FIELD,...*]
+| [\--filter]
| [node...]
Lists the nodes in the cluster.
give inconsistent results for the free disk/memory.
The ``-v`` option activates verbose mode, which changes the display of
-special field states (see **ganeti(7)**).
+special field states (see **ganeti**\(7)).
-The ``-o`` option takes a comma-separated list of output fields.
-The available fields and their meaning are:
+The ``-o (--output)`` option takes a comma-separated list of output
+fields. The available fields and their meaning are:
@QUERY_FIELDS_NODE@
If the value of the option starts with the character ``+``, the new
-fields will be added to the default list. This allows to quickly
+fields will be added to the default list. This allows one to quickly
see the default list plus a few other fields, instead of retyping
the entire list of fields.
-Note that some of this fields are known from the configuration of
-the cluster (e.g. name, pinst, sinst, pip, sip and thus the master
-does not need to contact the node for this data (making the listing
-fast if only fields from this set are selected), whereas the other
-fields are "live" fields and we need to make a query to the cluster
-nodes.
-
-Depending on the virtualization type and implementation details,
-the mtotal, mnode and mfree may have slighly varying meanings. For
-example, some solutions share the node memory with the pool of
-memory used for instances (KVM), whereas others have separate
+Note that some of these fields are known from the configuration of the
+cluster (e.g. ``name``, ``pinst``, ``sinst``, ``pip``, ``sip``) and thus
+the master does not need to contact the node for this data (making the
+listing fast if only fields from this set are selected), whereas the
+other fields are "live" fields and require a query to the cluster nodes.
+
+Depending on the virtualization type and implementation details, the
+``mtotal``, ``mnode`` and ``mfree`` fields may have slightly varying
+meanings. For example, some solutions share the node memory with the
+pool of memory used for instances (KVM), whereas others have separate
memory for the node and for the instances (Xen).
+If exactly one argument is given and it appears to be a query filter
+(see **ganeti**\(7)), the query result is filtered accordingly. For
+ambiguous cases (e.g. a single field name as a filter) the ``--filter``
+(``-F``) option forces the argument to be treated as a filter (e.g.
+``gnt-node list -F master_candidate``).
+
If no node names are given, then all nodes are queried. Otherwise,
only the given nodes will be listed.
+LIST-DRBD
+~~~~~~~~~
+
+**list-drbd** [\--no-headers] [\--separator=*SEPARATOR*] node
+
+Lists the mapping of DRBD minors for a given node. This outputs a static
+list of fields (it doesn't accept the ``--output`` option), as follows:
+
+``Node``
+ The (full) name of the node we are querying
+``Minor``
+ The DRBD minor
+``Instance``
+ The instance the DRBD minor belongs to
+``Disk``
+ The disk index that the DRBD minor belongs to
+``Role``
+ Either ``primary`` or ``secondary``, denoting the role of the node for
+ the instance (note: this is not the live status of the DRBD device,
+ but the configuration value)
+``PeerNode``
+ The node that the minor is connected to on the other end
+
+This command can be used as a reverse lookup (from node and minor) to a
+given instance, which can be useful when debugging DRBD issues.
+
+Note that this command queries Ganeti via **ganeti-confd**\(8), so
+it won't be available if support for ``confd`` has not been enabled at
+build time; furthermore, in Ganeti 2.6 this is only available via the
+Haskell version of confd (again selected at build time).
+
LIST-FIELDS
~~~~~~~~~~~
Lists available fields for nodes.
-LIST-TAGS
-~~~~~~~~~
-
-**list-tags** {*nodename*}
-
-List the tags of the given node.
-
MIGRATE
~~~~~~~
-**migrate** [-f] [--non-live] [--migration-mode=live\|non-live]
-{*node*}
+| **migrate** [-f] [\--non-live] [\--migration-mode=live\|non-live]
+| [\--ignore-ipolicy] [\--submit] {*node*}
This command will migrate all instances having the given node as
primary to their secondary nodes. This works only for instances
having a drbd disk template.
As for the **gnt-instance migrate** command, the options
-``--no-live`` and ``--migration-mode`` can be given to influence
-the migration type.
+``--no-live``, ``--migration-mode`` and ``--no-runtime-changes``
+can be given to influence the migration type.
+
+If ``--ignore-ipolicy`` is given any instance policy violations
+occurring during this operation are ignored.
+
+See **ganeti**\(7) for a description of ``--submit`` and other common
+options.
Example::
MODIFY
~~~~~~
-| **modify** [-f] [--submit]
-| [--master-candidate=``yes|no``] [--drained=``yes|no``] [--offline=``yes|no``]
-| [--master-capable=``yes|no``] [--vm-capable=``yes|no``] [--auto-promote]
-| [-s *secondary_ip*]
-| [--node-parameters *ndparams*]
-| [--node-powered=``yes|no``]
+| **modify** [-f] [\--submit]
+| [{-C|\--master-candidate} ``yes|no``]
+| [{-D|\--drained} ``yes|no``] [{-O|\--offline} ``yes|no``]
+| [\--master-capable=``yes|no``] [\--vm-capable=``yes|no``] [\--auto-promote]
+| [{-s|\--secondary-ip} *secondary_ip*]
+| [\--node-parameters *ndparams*]
+| [\--node-powered=``yes|no``]
+| [\--hypervisor-state *hvstate*]
+| [\--disk-state *diskstate*]
| {*node*}
This command changes the role of the node. Each options takes
either a literal yes or no, and only one option should be given as
yes. The meaning of the roles and flags are described in the
-manpage **ganeti**(7).
+manpage **ganeti**\(7).
-``--node-powered`` can be used to modify state-of-record if it doesn't reflect
-the reality anymore.
+The option ``--node-powered`` can be used to modify state-of-record if
+it doesn't reflect the reality anymore.
In case a node is demoted from the master candidate role, the
operation will be refused unless you pass the ``--auto-promote``
# gnt-node modify --offline=yes node1.example.com
-The ``-s`` can be used to change the node's secondary ip. No drbd
-instances can be running on the node, while this operation is
-taking place.
+The ``-s (--secondary-ip)`` option can be used to change the node's
+secondary ip. No drbd instances can be running on the node, while this
+operation is taking place. Remember that the secondary ip must be
+reachable from the master secondary ip, when being changed, so be sure
+that the node has the new IP already configured and active. In order to
+convert a cluster from single homed to multi-homed or vice versa
+``--force`` is needed as well, and the target node for the first change
+must be the master.
+
+See **ganeti**\(7) for a description of ``--submit`` and other common
+options.
Example (setting the node back to online and master candidate)::
# gnt-node remove node5.example.com
-REMOVE-TAGS
-~~~~~~~~~~~
-
-**remove-tags** [--from *file*] {*nodename*} {*tag*...}
-
-Remove tags from the given node. If any of the tags are not
-existing on the node, the entire operation will abort.
-
-If the ``--from`` option is given, the list of tags to be removed will
-be extended with the contents of that file (each line becomes a tag).
-In this case, there is not need to pass tags on the command line (if
-you do, tags from both sources will be removed). A file name of - will
-be interpreted as stdin.
-
VOLUMES
~~~~~~~
-| **volumes** [--no-headers] [--human-readable]
-| [--separator=*SEPARATOR*] [--output=*FIELDS*]
+| **volumes** [\--no-headers] [\--human-readable]
+| [\--separator=*SEPARATOR*] [{-o|\--output} *FIELDS*]
| [*node*...]
Lists all logical volumes and their physical disks from the node(s)
parsing by scripts. In both cases, the ``--units`` option can be
used to enforce a given output unit.
-The ``-o`` option takes a comma-separated list of output fields.
-The available fields and their meaning are:
+The ``-o (--output)`` option takes a comma-separated list of output
+fields. The available fields and their meaning are:
node
the node name on which the volume exists
LIST-STORAGE
~~~~~~~~~~~~
-| **list-storage** [--no-headers] [--human-readable]
-| [--separator=*SEPARATOR*] [--storage-type=*STORAGE\_TYPE*]
-| [--output=*FIELDS*]
+| **list-storage** [\--no-headers] [\--human-readable]
+| [\--separator=*SEPARATOR*] [\--storage-type=*STORAGE\_TYPE*]
+| [{-o|\--output} *FIELDS*]
| [*node*...]
Lists the available storage units and their details for the given
The ``--storage-type`` option can be used to choose a storage unit
type. Possible choices are lvm-pv, lvm-vg or file.
-The ``-o`` option takes a comma-separated list of output fields.
-The available fields and their meaning are:
+The ``-o (--output)`` option takes a comma-separated list of output
+fields. The available fields and their meaning are:
node
the node name on which the volume exists
MODIFY-STORAGE
~~~~~~~~~~~~~~
-**modify-storage** [``--allocatable=yes|no``]
-{*node*} {*storage-type*} {*volume-name*}
+| **modify-storage** [\--allocatable={yes|no}] [\--submit]
+| {*node*} {*storage-type*} {*volume-name*}
Modifies storage volumes on a node. Only LVM physical volumes can
be modified at the moment. They have a storage type of "lvm-pv".
REPAIR-STORAGE
~~~~~~~~~~~~~~
-**repair-storage** [--ignore-consistency] {*node*} {*storage-type*}
-{*volume-name*}
+| **repair-storage** [\--ignore-consistency] ]\--submit]
+| {*node*} {*storage-type*} {*volume-name*}
Repairs a storage volume on a node. Only LVM volume groups can be
repaired at this time. They have the storage type "lvm-vg".
-On LVM volume groups, **repair-storage** runs "vgreduce
---removemissing".
+On LVM volume groups, **repair-storage** runs ``vgreduce
+--removemissing``.
POWERCYCLE
~~~~~~~~~~
-**powercycle** [``--yes``] [``--force``] {*node*}
+**powercycle** [\--yes] [\--force] [\--submit] {*node*}
-This commands (tries to) forcefully reboot a node. It is a command
-that can be used if the node environemnt is broken, such that the
-admin can no longer login over ssh, but the Ganeti node daemon is
+This command (tries to) forcefully reboot a node. It is a command
+that can be used if the node environment is broken, such that the
+admin can no longer login over SSH, but the Ganeti node daemon is
still working.
Note that this command is not guaranteed to work; it depends on the
hypervisor how effective is the reboot attempt. For Linux, this
-command require that the kernel option CONFIG\_MAGIC\_SYSRQ is
+command requires the kernel option ``CONFIG_MAGIC_SYSRQ`` to be
enabled.
The ``--yes`` option can be used to skip confirmation, while the
``--force`` option is needed if the target node is the master
node.
+See **ganeti**\(7) for a description of ``--submit`` and other common
+options.
+
POWER
~~~~~
**power** [``--force``] [``--ignore-status``] [``--all``]
[``--power-delay``] on|off|cycle|status [*nodes*]
-This commands calls out to out-of-band management to change the power
-state of given node. With ``status`` you get the power status as
-reported by the out-of-band management script.
+This command calls out to out-of-band management to change the power
+state of given node. With ``status`` you get the power status as reported
+by the out-of-band management script.
+
+Note that this command will only work if the out-of-band functionality
+is configured and enabled on the cluster. If this is not the case,
+please use the **powercycle** command above.
Using ``--force`` you skip the confirmation to do the operation.
Currently this only has effect on ``off`` and ``cycle``. On those two
**health** [*nodes*]
-This commands calls out to out-pf-band management to ask for the health status
+This command calls out to out-of-band management to ask for the health status
of all or given nodes. The health contains the node name and then the items
element with their status in a ``item=status`` manner. Where ``item`` is script
specific and ``status`` can be one of ``OK``, ``WARNING``, ``CRITICAL`` or
``UNKNOWN``. Items with status ``WARNING`` or ``CRITICAL`` are logged and
annotated in the command line output.
+
+
+RESTRICTED-COMMAND
+~~~~~~~~~~~~~~~~~~
+
+| **restricted-command** [-M] [\--sync]
+| { -g *group* *command* | *command* *nodes*... }
+
+Executes a restricted command on the specified nodes. Restricted commands are
+not arbitrary, but must reside in
+``@SYSCONFDIR@/ganeti/restricted-commands`` on a node, either as a regular
+file or as a symlink. The directory must be owned by root and not be
+world- or group-writable. If a command fails verification or otherwise
+fails to start, the node daemon log must be consulted for more detailed
+information.
+
+Example for running a command on two nodes::
+
+ # gnt-node restricted-command mycommand \
+ node1.example.com node2.example.com
+
+The ``-g`` option can be used to run a command only on a specific node
+group, e.g.::
+
+ # gnt-node restricted-command -g default mycommand
+
+The ``-M`` option can be used to prepend the node name to all command
+output lines. ``--sync`` forces the opcode to acquire the node lock(s)
+in exclusive mode.
+
+Tags
+~~~~
+
+ADD-TAGS
+^^^^^^^^
+
+**add-tags** [\--from *file*] {*nodename*} {*tag*...}
+
+Add tags to the given node. If any of the tags contains invalid
+characters, the entire operation will abort.
+
+If the ``--from`` option is given, the list of tags will be
+extended with the contents of that file (each line becomes a tag).
+In this case, there is not need to pass tags on the command line
+(if you do, both sources will be used). A file name of - will be
+interpreted as stdin.
+
+LIST-TAGS
+^^^^^^^^^
+
+**list-tags** {*nodename*}
+
+List the tags of the given node.
+
+REMOVE-TAGS
+^^^^^^^^^^^
+
+**remove-tags** [\--from *file*] {*nodename*} {*tag*...}
+
+Remove tags from the given node. If any of the tags are not
+existing on the node, the entire operation will abort.
+
+If the ``--from`` option is given, the list of tags to be removed will
+be extended with the contents of that file (each line becomes a tag).
+In this case, there is not need to pass tags on the command line (if
+you do, tags from both sources will be removed). A file name of - will
+be interpreted as stdin.
+
+.. vim: set textwidth=72 :
+.. Local Variables:
+.. mode: rst
+.. fill-column: 72
+.. End: