Revision 5e12acfe doc/rapi.rst
| b/doc/rapi.rst | ||
|---|---|---|
| 24 | 24 |
``/var/lib/ganeti/rapi/users``) on startup. Changes to the file will be |
| 25 | 25 |
read automatically. |
| 26 | 26 |
|
| 27 |
Each line consists of two or three fields separated by whitespace. The |
|
| 28 |
first two fields are for username and password. The third field is |
|
| 29 |
optional and can be used to specify per-user options. Currently, |
|
| 30 |
``write`` is the only option supported and enables the user to execute |
|
| 31 |
operations modifying the cluster. Lines starting with the hash sign |
|
| 32 |
(``#``) are treated as comments. |
|
| 27 |
Lines starting with the hash sign (``#``) are treated as comments. Each |
|
| 28 |
line consists of two or three fields separated by whitespace. The first |
|
| 29 |
two fields are for username and password. The third field is optional |
|
| 30 |
and can be used to specify per-user options (separated by comma without |
|
| 31 |
spaces). Available options: |
|
| 32 |
|
|
| 33 |
.. pyassert:: |
|
| 34 |
|
|
| 35 |
rapi.RAPI_ACCESS_ALL == set([ |
|
| 36 |
rapi.RAPI_ACCESS_WRITE, |
|
| 37 |
rapi.RAPI_ACCESS_READ, |
|
| 38 |
]) |
|
| 39 |
|
|
| 40 |
:pyeval:`rapi.RAPI_ACCESS_WRITE` |
|
| 41 |
Enables the user to execute operations modifying the cluster. Implies |
|
| 42 |
:pyeval:`rapi.RAPI_ACCESS_READ` access. |
|
| 43 |
:pyeval:`rapi.RAPI_ACCESS_READ` |
|
| 44 |
Allow access to operations querying for information. |
|
| 33 | 45 |
|
| 34 | 46 |
Passwords can either be written in clear text or as a hash. Clear text |
| 35 | 47 |
passwords may not start with an opening brace (``{``) or they must be
|
| ... | ... | |
| 51 | 63 |
# Hashed password for Jessica |
| 52 | 64 |
jessica {HA1}7046452df2cbb530877058712cf17bd4 write
|
| 53 | 65 |
|
| 66 |
# Monitoring can query for values |
|
| 67 |
monitoring {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query
|
|
| 68 |
|
|
| 69 |
# A user who can query and write |
|
| 70 |
superuser {HA1}ec018ffe72b8e75bb4d508ed5b6d079c query,write
|
|
| 71 |
|
|
| 54 | 72 |
|
| 55 | 73 |
.. [#pwhash] Using the MD5 hash of username, realm and password is |
| 56 | 74 |
described in :rfc:`2617` ("HTTP Authentication"), sections 3.2.2.2
|
| ... | ... | |
| 1121 | 1139 |
|
| 1122 | 1140 |
Request information for connecting to instance's console. |
| 1123 | 1141 |
|
| 1124 |
Supports the following commands: ``GET``. |
|
| 1142 |
.. pyassert:: |
|
| 1143 |
|
|
| 1144 |
not (hasattr(rlib2.R_2_instances_name_console, "PUT") or |
|
| 1145 |
hasattr(rlib2.R_2_instances_name_console, "POST") or |
|
| 1146 |
hasattr(rlib2.R_2_instances_name_console, "DELETE")) |
|
| 1147 |
|
|
| 1148 |
Supports the following commands: ``GET``. Requires authentication with |
|
| 1149 |
one of the following options: |
|
| 1150 |
:pyeval:`utils.CommaJoin(rlib2.R_2_instances_name_console.GET_ACCESS)`. |
|
| 1125 | 1151 |
|
| 1126 | 1152 |
``GET`` |
| 1127 | 1153 |
~~~~~~~ |
| ... | ... | |
| 1640 | 1666 |
:pyeval:`utils.CommaJoin(constants.QR_VIA_RAPI)`. See the :doc:`query2 |
| 1641 | 1667 |
design document <design-query2>` for more details. |
| 1642 | 1668 |
|
| 1643 |
Supports the following commands: ``GET``, ``PUT``. |
|
| 1669 |
.. pyassert:: |
|
| 1670 |
|
|
| 1671 |
(rlib2.R_2_query.GET_ACCESS == rlib2.R_2_query.PUT_ACCESS and |
|
| 1672 |
not (hasattr(rlib2.R_2_query, "POST") or |
|
| 1673 |
hasattr(rlib2.R_2_query, "DELETE"))) |
|
| 1674 |
|
|
| 1675 |
Supports the following commands: ``GET``, ``PUT``. Requires |
|
| 1676 |
authentication with one of the following options: |
|
| 1677 |
:pyeval:`utils.CommaJoin(rlib2.R_2_query.GET_ACCESS)`. |
|
| 1644 | 1678 |
|
| 1645 | 1679 |
``GET`` |
| 1646 | 1680 |
~~~~~~~ |
Also available in: Unified diff