default=constants.SYSLOG_USAGE,
choices=["no", "yes", "only"])
+ family = ssconf.SimpleStore().GetPrimaryIPFamily()
+ # family will default to AF_INET if there is no ssconf file (e.g. when
+ # upgrading a cluster from 2.2 -> 2.3. This is intended, as Ganeti clusters
+ # <= 2.2 can not be AF_INET6
if daemon_name in constants.DAEMONS_PORTS:
default_bind_address = constants.IP4_ADDRESS_ANY
- family = ssconf.SimpleStore().GetPrimaryIPFamily()
- # family will default to AF_INET if there is no ssconf file (e.g. when
- # upgrading a cluster from 2.2 -> 2.3. This is intended, as Ganeti clusters
- # <= 2.2 can not be AF_INET6
if family == netutils.IP6Address.family:
default_bind_address = constants.IP6_ADDRESS_ANY
help=("Bind address (default: '%s')" %
default_bind_address),
default=default_bind_address, metavar="ADDRESS")
+ optionparser.add_option("-i", "--interface", dest="bind_interface",
+ help=("Bind interface"), metavar="INTERFACE")
if default_ssl_key is not None and default_ssl_cert is not None:
optionparser.add_option("--no-ssl", dest="ssl",
options, args = optionparser.parse_args()
+ if getattr(options, "bind_interface", None) is not None:
+ if options.bind_address != default_bind_address:
+ msg = ("Can't specify both, bind address (%s) and bind interface (%s)" %
+ (options.bind_address, options.bind_interface))
+ print >> sys.stderr, msg
+ sys.exit(constants.EXIT_FAILURE)
+ interface_ip_addresses = \
+ netutils.GetInterfaceIpAddresses(options.bind_interface)
+ if family == netutils.IP6Address.family:
+ if_addresses = interface_ip_addresses[constants.IP6_VERSION]
+ else:
+ if_addresses = interface_ip_addresses[constants.IP4_VERSION]
+ if len(if_addresses) < 1:
+ msg = "Failed to find IP for interface %s" % options.bind_interace
+ print >> sys.stderr, msg
+ sys.exit(constants.EXIT_FAILURE)
+ options.bind_address = if_addresses[0]
+
if getattr(options, "ssl", False):
ssl_paths = {
"certificate": options.ssl_cert,
Synopsis
--------
-**ganeti-noded** [-f] [-d] [-p *PORT*] [-b *ADDRESS*]
+**ganeti-noded** [-f] [-d] [-p *PORT*] [-b *ADDRESS*] [-i *INTERFACE*]
[--no-mlock] [--syslog] [--no-ssl] [-K *SSL_KEY_FILE*] [-C *SSL_CERT_FILE*]
DESCRIPTION
interfaces, by default. The port can be overridden by an entry in the
services database (usually ``/etc/services``) or by passing the ``-p``
option. The ``-b`` option can be used to specify the address to bind
-to (defaults to ``0.0.0.0``).
+to (defaults to ``0.0.0.0``); alternatively, the ``-i`` option can be
+used to specify the interface to bind do.
Ganeti noded communication is protected via SSL, with a key
generated at cluster init time. This can be disabled with the
Synopsis
--------
-| **ganeti-rapi** [-d] [-f] [-p *PORT] [-b *ADDRESS*]
+| **ganeti-rapi** [-d] [-f] [-p *PORT] [-b *ADDRESS*] [-i *INTERFACE*]
| [\--no-ssl] [-K *SSL_KEY_FILE*] [-C *SSL_CERT_FILE*]
| [\--require-authentication]
system services database, or if not defined, to port 5080 by default.
The port can be overridded by passing the ``-p`` option. The ``-b``
option can be used to specify the address to bind to (defaults to
-``0.0.0.0``).
+``0.0.0.0``); alternatively, the ``-i`` option can be used to specify
+the interface to bind do.
See the *Ganeti remote API* documentation for further information.