Revision f52cb680

b/man/ganeti-rapi.rst
1
ganeti-rapi(8) Ganeti | Version @GANETI_VERSION@
2
================================================
3

  
4
Name
5
----
6

  
7
ganeti-rapi - Ganeti remote API daemon
8

  
9
Synopsis
10
--------
11

  
12
**ganeti-rapi** [-d] [-f] [--no-ssl] [-K *SSL_KEY_FILE*] [-C
13
*SSL_CERT_FILE*]
14

  
15
DESCRIPTION
16
-----------
17

  
18
**ganeti-rapi** is the daemon providing a remote API for Ganeti
19
clusters.
20

  
21
It is automatically started on the master node, and by default it
22
uses SSL encryption. This can be disabled by passing the
23
``--no-ssl`` option, or alternatively the certificate used can be
24
changed via the ``-C`` option and the key via the ``-K`` option.
25

  
26
The daemon will listen to the "ganeti-rapi" tcp port, as listed in the
27
system services database, or if not defined, to port 5080 by default.
28

  
29
See the *Ganeti remote API* documentation for further information.
30

  
31
Requests are logged to ``@LOCALSTATEDIR@/log/ganeti/rapi-daemon.log``,
32
in the same format as for the node and master daemon.
33

  
34
ACCESS CONTROLS
35
---------------
36

  
37
All query operations are allowed without authentication. Only the
38
modification operations require authentication, in the form of basic
39
authentication.
40

  
41
The users and their rights are defined in a file named rapi_users,
42
located in the ``@LOCALSTATEDIR@/lib/ganeti`` directory. The users
43
should be listed one per line, in the following format::
44

  
45
    username password options
46

  
47
Currently the *options* field should equal the string ``write`` in
48
order to actually give write permission for the given users. Example::
49

  
50
    rclient   secret    write
51
    guest     testpw
52

  
53
The first user (*rclient*) has read-write rights, whereas the second
54
user (*guest*) only has read (query) rights, and as such is no
55
different than not using authentication at all.
56

  
57
More details (including on how to use hashed passwords) can be found
58
in the Ganeti documentation.

Also available in: Unified diff