diff --git a/hooks/nova_cc_context.py b/hooks/nova_cc_context.py index 0e31839c..2c178447 100644 --- a/hooks/nova_cc_context.py +++ b/hooks/nova_cc_context.py @@ -1,3 +1,5 @@ +import os + from charmhelpers.core.hookenv import ( config, relation_ids, @@ -329,4 +331,22 @@ class InstanceConsoleContext(context.OSContextGenerator): servers = [] ctxt['memcached_servers'] = ','.join(servers) + + # Configure nova-novncproxy https if nova-api is using https. + if https(): + cn = resolve_address(endpoint_type=INTERNAL) + if cn: + cert_filename = 'cert_{}'.format(cn) + key_filename = 'key_{}'.format(cn) + else: + cert_filename = 'cert' + key_filename = 'key' + + ssl_dir = '/etc/apache2/ssl/nova' + cert = os.path.join(ssl_dir, cert_filename) + key = os.path.join(ssl_dir, key_filename) + if os.path.exists(cert) and os.path.exists(key): + ctxt['ssl_cert'] = cert + ctxt['ssl_key'] = key + return ctxt diff --git a/templates/icehouse/nova.conf b/templates/icehouse/nova.conf index 9a43285d..a447e478 100644 --- a/templates/icehouse/nova.conf +++ b/templates/icehouse/nova.conf @@ -42,6 +42,8 @@ my_ip = {{ host_ip }} memcached_servers = {{ memcached_servers }} {% endif %} +{% include "parts/novnc" %} + {% if keystone_ec2_url -%} keystone_ec2_url = {{ keystone_ec2_url }} {% endif -%} diff --git a/templates/juno/nova.conf b/templates/juno/nova.conf index 274d5360..ef27c6d6 100644 --- a/templates/juno/nova.conf +++ b/templates/juno/nova.conf @@ -42,6 +42,8 @@ my_ip = {{ host_ip }} memcached_servers = {{ memcached_servers }} {% endif %} +{% include "parts/novnc" %} + {% if keystone_ec2_url -%} keystone_ec2_url = {{ keystone_ec2_url }} {% endif -%} diff --git a/templates/kilo/nova.conf b/templates/kilo/nova.conf index efa9e1ff..c8979e39 100644 --- a/templates/kilo/nova.conf +++ b/templates/kilo/nova.conf @@ -41,6 +41,8 @@ my_ip = {{ host_ip }} memcached_servers = {{ memcached_servers }} {% endif %} +{% include "parts/novnc" %} + {% if keystone_ec2_url -%} keystone_ec2_url = {{ keystone_ec2_url }} {% endif -%} diff --git a/templates/parts/novnc b/templates/parts/novnc new file mode 100644 index 00000000..fc3d6336 --- /dev/null +++ b/templates/parts/novnc @@ -0,0 +1,9 @@ +{%- if ssl_only -%} +ssl_only=true +{% endif -%} +{% if ssl_cert -%} +cert={{ ssl_cert }} +{% endif -%} +{% if ssl_key -%} +key={{ ssl_key }} +{% endif %} diff --git a/unit_tests/test_nova_cc_contexts.py b/unit_tests/test_nova_cc_contexts.py index fdd63334..3905aa6a 100644 --- a/unit_tests/test_nova_cc_contexts.py +++ b/unit_tests/test_nova_cc_contexts.py @@ -47,6 +47,8 @@ class NovaComputeContextTests(CharmTestCase): self.config.side_effect = self.test_config.get self.log.side_effect = fake_log + @mock.patch.object(context, 'resolve_address', + lambda *args, **kwargs: None) @mock.patch.object(utils, 'os_release') @mock.patch('charmhelpers.contrib.network.ip.log') def test_instance_console_context_without_memcache(self, os_release, log_): @@ -57,6 +59,8 @@ class NovaComputeContextTests(CharmTestCase): self.assertEqual({'memcached_servers': ''}, instance_console()) + @mock.patch.object(context, 'resolve_address', + lambda *args, **kwargs: None) @mock.patch.object(utils, 'os_release') @mock.patch('charmhelpers.contrib.network.ip.log') def test_instance_console_context_with_memcache(self, os_release, log_): @@ -64,6 +68,8 @@ class NovaComputeContextTests(CharmTestCase): '127.0.1.1', '127.0.1.1') + @mock.patch.object(context, 'resolve_address', + lambda *args, **kwargs: None) @mock.patch.object(utils, 'os_release') @mock.patch('charmhelpers.contrib.network.ip.log') def test_instance_console_context_with_memcache_ipv6(self, os_release,