Merge "VNC Graphical console"
This commit is contained in:
commit
ad3533cee7
325
specs/approved/vnc-graphical-console.rst
Normal file
325
specs/approved/vnc-graphical-console.rst
Normal file
@ -0,0 +1,325 @@
|
|||||||
|
..
|
||||||
|
This work is licensed under a Creative Commons Attribution 3.0 Unported
|
||||||
|
License.
|
||||||
|
|
||||||
|
http://creativecommons.org/licenses/by/3.0/legalcode
|
||||||
|
|
||||||
|
=====================
|
||||||
|
VNC Graphical console
|
||||||
|
=====================
|
||||||
|
|
||||||
|
https://bugs.launchpad.net/ironic/+bug/1567629
|
||||||
|
|
||||||
|
In addition to a serial console, allow ironic nodes to be accessed through a
|
||||||
|
graphical console. This proposal presents the work required to create a new
|
||||||
|
driver interface for accessing graphical console of a node.
|
||||||
|
|
||||||
|
|
||||||
|
Problem description
|
||||||
|
===================
|
||||||
|
|
||||||
|
End users often have to troubleshoot their instances because they might have
|
||||||
|
broken their boot configuration or locked themselves out with a firewall.
|
||||||
|
Keyboard-Video-Mouse (KVM) access is often required for troubleshooting these
|
||||||
|
types of issues as serial access is not always available or correctly
|
||||||
|
configured. Also, KVM provides a better user experience as compared to serial
|
||||||
|
console.
|
||||||
|
|
||||||
|
Currently, ironic does not expose a node's KVM capabilities. As such, admin
|
||||||
|
users and deployers have to find alternatives to provide KVM access to their
|
||||||
|
users. Also, Horizon's VNC console is not supported for the ironic nodes
|
||||||
|
provisioned by Nova.
|
||||||
|
|
||||||
|
|
||||||
|
Proposed change
|
||||||
|
===============
|
||||||
|
|
||||||
|
* A new interface ``GraphicalConsoleInterface`` will be added. This interface
|
||||||
|
will essentially have the same class API as current ``ConsoleInterface``
|
||||||
|
interface (with ``start_console``, ``stop_console`` and ``get_console``
|
||||||
|
methods), but it will be possible to enable/disable/configure it
|
||||||
|
independently from serial console access.
|
||||||
|
As with other ironic driver interfaces and hardware types, operators
|
||||||
|
are free to choose which implementation of a graphical console access to use
|
||||||
|
by setting it to the one enabled and supported by corresponding hardware type
|
||||||
|
implementations.
|
||||||
|
The new interface will have following methods::
|
||||||
|
|
||||||
|
class GraphicalConsoleInterface(BaseInterface):
|
||||||
|
"""Interface for graphical console-related actions."""
|
||||||
|
interface_type = "graphical_console"
|
||||||
|
|
||||||
|
@abc.abstractmethod
|
||||||
|
def start_console(self, task):
|
||||||
|
"""Start a remote graphical console for the task's node.
|
||||||
|
|
||||||
|
This method should not raise an exception if console already started.
|
||||||
|
|
||||||
|
:param task: a TaskManager instance containing the node to act on.
|
||||||
|
"""
|
||||||
|
|
||||||
|
@abc.abstractmethod
|
||||||
|
def stop_console(self, task):
|
||||||
|
"""Stop the remote graphical console session for the task's node.
|
||||||
|
|
||||||
|
:param task: a TaskManager instance containing the node to act on.
|
||||||
|
"""
|
||||||
|
|
||||||
|
@abc.abstractmethod
|
||||||
|
def get_console(self, task):
|
||||||
|
"""Get connection information about the graphical console.
|
||||||
|
|
||||||
|
This method should return the necessary information for the
|
||||||
|
client to access the graphical console.
|
||||||
|
|
||||||
|
:param task: a TaskManager instance containing the node to act on.
|
||||||
|
:returns: the graphical console connection information.
|
||||||
|
"""
|
||||||
|
|
||||||
|
* The following new hardware interface implementations of
|
||||||
|
``GraphicalConsoleInterface`` will be created.
|
||||||
|
|
||||||
|
+ ``ipmitool-vnc`` - For accessing graphical console using VNC.
|
||||||
|
+ ``no-graphical-console`` - For no graphical console.
|
||||||
|
+ ``fake`` - For accessing fake graphical console used for testing.
|
||||||
|
|
||||||
|
* New config options will be introduced for this interface which are as
|
||||||
|
follows:
|
||||||
|
|
||||||
|
+ ``[DEFAULT]enabled_graphical_console_interfaces`` - This config option
|
||||||
|
represents the list of enabled graphical console interfaces in ironic.
|
||||||
|
The default value is ``['no-graphical-console']``.
|
||||||
|
|
||||||
|
+ ``[DEFAULT]default_graphical_console_interface`` - This config option
|
||||||
|
represents the default graphical console interface to be used with various
|
||||||
|
drivers. The default value will be ``no-graphical-console``.
|
||||||
|
|
||||||
|
* Two new fields will be added to the Node object:
|
||||||
|
|
||||||
|
+ ``graphical_console_interface`` - This field represents the supported
|
||||||
|
graphical console interface for the node.
|
||||||
|
|
||||||
|
+ ``graphical_console_enabled`` - This field will a Boolean value that will
|
||||||
|
represent the state of console. It will be set to True via request to start
|
||||||
|
the graphical console.
|
||||||
|
|
||||||
|
* While a node unprovisioning, Ironic will stop all the graphical connections
|
||||||
|
to the node.
|
||||||
|
|
||||||
|
Alternatives
|
||||||
|
------------
|
||||||
|
|
||||||
|
* Accept this limitation and only offer a serial console.
|
||||||
|
|
||||||
|
* Use out-of-band KVM access provided by administrator without Ironic support.
|
||||||
|
|
||||||
|
* Generalize and formalize concept of a ``console`` interface,
|
||||||
|
and allow to have arbitrary number of console interfaces
|
||||||
|
(from those declared as supported by a hardware type) to be active and
|
||||||
|
enabled for a particular node.
|
||||||
|
|
||||||
|
Data model impact
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
- A new node field ``graphical_console_enabled``, during upgrade/conversion
|
||||||
|
will be populated from ``default_graphical_console_interface`` config option
|
||||||
|
(``no-graphical-console`` by default).
|
||||||
|
- new node field ``graphical_console_interface`` will be added.
|
||||||
|
|
||||||
|
State Machine Impact
|
||||||
|
--------------------
|
||||||
|
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
REST API impact
|
||||||
|
---------------
|
||||||
|
|
||||||
|
* Add a new optional ``console_type`` parameter to
|
||||||
|
``GET /v1/nodes/{node_ident}/states/console`` and
|
||||||
|
``PUT /v1/nodes/{node_ident}/states/console`` APIs. This
|
||||||
|
parameter defines which type of console the Ironic users want to access.
|
||||||
|
The default value will be ``serial``. The possible values are as follows:
|
||||||
|
|
||||||
|
+ ``serial`` - For accessing the serial console.
|
||||||
|
+ ``graphical`` - For accessing the graphical console.
|
||||||
|
|
||||||
|
This parameter will be included in the query string.
|
||||||
|
|
||||||
|
Example::
|
||||||
|
|
||||||
|
GET /v1/nodes/{node_ident}/states/console?console_type=graphical
|
||||||
|
|
||||||
|
The response would be same as the console interface. A new 400 HTTP response
|
||||||
|
will be returned if user provides a invalid ``console_type``.
|
||||||
|
|
||||||
|
The API microversion will need to be bumped.
|
||||||
|
|
||||||
|
|
||||||
|
Client (CLI) impact
|
||||||
|
-------------------
|
||||||
|
|
||||||
|
* A new option ``--type`` will be added to OSC command
|
||||||
|
``openstack baremetal node console enable`` and
|
||||||
|
``openstack baremetal node console disable``.
|
||||||
|
|
||||||
|
* A new option ``--type`` will be added to OSC command
|
||||||
|
``openstack baremetal node console show``.
|
||||||
|
|
||||||
|
|
||||||
|
RPC API impact
|
||||||
|
--------------
|
||||||
|
|
||||||
|
* Add a new ``console_type`` parameter to ``get_console_information``
|
||||||
|
|
||||||
|
* Add a new ``console_type`` parameter to ``set_console_mode``
|
||||||
|
|
||||||
|
The RPC API microversion will need to be bumped.
|
||||||
|
|
||||||
|
|
||||||
|
Driver API impact
|
||||||
|
-----------------
|
||||||
|
|
||||||
|
* The new ``GraphicalConsoleInterface`` will be included in the standardized
|
||||||
|
interfaces group. It is not a mandatory interface.
|
||||||
|
|
||||||
|
Nova driver impact
|
||||||
|
------------------
|
||||||
|
|
||||||
|
Nova impacts are fully described in the VNC console support for Ironic
|
||||||
|
driver [#]_ blueprint in Nova.
|
||||||
|
|
||||||
|
Essentially, the Ironic virt driver will have to implement ``get_vnc_console``
|
||||||
|
and call Ironic's get/set-console-mode with the ``graphical`` type.
|
||||||
|
|
||||||
|
As per policy in Nova, changes cannot land until ironic and python-ironicclient
|
||||||
|
changes have landed. The changes on the Nova side are fairly straightforward.
|
||||||
|
|
||||||
|
|
||||||
|
Ramdisk impact
|
||||||
|
--------------
|
||||||
|
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
Security impact
|
||||||
|
---------------
|
||||||
|
|
||||||
|
* The VNC connection to the nodes are secured by a token generated while
|
||||||
|
creating the console in Nova.
|
||||||
|
|
||||||
|
* With standalone Ironic deployment, this will return a URL and a user
|
||||||
|
could directly connect with it. The connection to the baremetal node
|
||||||
|
will not be secure.
|
||||||
|
|
||||||
|
Other end user impact
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
* The number of maximum connections per console, specifically VNC consoles is
|
||||||
|
implementation specific. Some servers are capable of multiple connections and
|
||||||
|
others aren't.
|
||||||
|
|
||||||
|
|
||||||
|
Scalability impact
|
||||||
|
------------------
|
||||||
|
|
||||||
|
* As mentioned in the last section, the number of connections varies based on
|
||||||
|
the hardware.
|
||||||
|
|
||||||
|
* TODO(mkrai): Update the number of connections a conductor can handle to
|
||||||
|
address Ruby's comment on PS7.
|
||||||
|
|
||||||
|
|
||||||
|
Performance Impact
|
||||||
|
------------------
|
||||||
|
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
Other deployer impact
|
||||||
|
---------------------
|
||||||
|
|
||||||
|
* Adds ``enabled_graphical_console_interfaces`` config option.
|
||||||
|
|
||||||
|
* Adds ``default_graphical_console_interface`` config option.
|
||||||
|
|
||||||
|
Developer impact
|
||||||
|
----------------
|
||||||
|
|
||||||
|
Driver developers can now offer multiple console interfaces rather than
|
||||||
|
sticking to a single one. This actually maps much better to the reality
|
||||||
|
of servers often offering a Serial-on-LAN access along with a
|
||||||
|
Keyboard-Video-Mouse access.
|
||||||
|
|
||||||
|
|
||||||
|
Implementation
|
||||||
|
==============
|
||||||
|
|
||||||
|
Assignee(s)
|
||||||
|
-----------
|
||||||
|
|
||||||
|
Primary assignee:
|
||||||
|
* mkrai
|
||||||
|
|
||||||
|
Other contributors:
|
||||||
|
* anupn
|
||||||
|
|
||||||
|
Work Items
|
||||||
|
----------
|
||||||
|
|
||||||
|
* Introduce ``ipmitool.IPMIVNCConsole(BaseInterface)``
|
||||||
|
|
||||||
|
* Add ``console_type`` support to the console REST API.
|
||||||
|
|
||||||
|
* Add ``console_type`` support to the RPC methods.
|
||||||
|
|
||||||
|
* Add ``console_type`` support to the OSC plugin.
|
||||||
|
|
||||||
|
* Add graphical console support to VirtualBMC
|
||||||
|
|
||||||
|
* Implement basic enable-disable + connect testing within devstack
|
||||||
|
|
||||||
|
* Update documents to explain how graphical console can be used
|
||||||
|
|
||||||
|
|
||||||
|
Dependencies
|
||||||
|
============
|
||||||
|
|
||||||
|
None.
|
||||||
|
|
||||||
|
|
||||||
|
Testing
|
||||||
|
=======
|
||||||
|
|
||||||
|
* Unit tests
|
||||||
|
|
||||||
|
* CI testing of ``ipmitool.IPMIVNCConsole`` with a basic enable-disable
|
||||||
|
connect test.
|
||||||
|
|
||||||
|
* Add support for graphical console support in virtual BMC for gate test.
|
||||||
|
|
||||||
|
|
||||||
|
Upgrades and Backwards Compatibility
|
||||||
|
====================================
|
||||||
|
|
||||||
|
Proper compatibility with Nova will be ensured. A newer Nova will continue to
|
||||||
|
behave as it currently does when running with an older ironic. A newer ironic
|
||||||
|
will expose features that Nova will simply not use.
|
||||||
|
|
||||||
|
Backwards compatibility within ironic is assured through RPC versions.
|
||||||
|
Additional care is taken to ensure out-of-tree drivers are still compatible
|
||||||
|
because the code will specifically handle drivers not switched to the new
|
||||||
|
hardware types. Specific tests covering this part will be added. Finally,
|
||||||
|
compatibility with older API clients is assured through REST API microversions.
|
||||||
|
|
||||||
|
|
||||||
|
Documentation Impact
|
||||||
|
====================
|
||||||
|
|
||||||
|
* Documentation will be updated.
|
||||||
|
|
||||||
|
|
||||||
|
References
|
||||||
|
==========
|
||||||
|
|
||||||
|
.. [#] https://blueprints.launchpad.net/nova/+spec/ironic-vnc-console
|
1
specs/not-implemented/vnc-graphical-console.rst
Symbolic link
1
specs/not-implemented/vnc-graphical-console.rst
Symbolic link
@ -0,0 +1 @@
|
|||||||
|
../approved/vnc-graphical-console.rst
|
Loading…
Reference in New Issue
Block a user