From 02eb9cffe6dd72b58bbcd660588e79a504e4d738 Mon Sep 17 00:00:00 2001 From: Stephen Finucane Date: Fri, 16 Aug 2019 01:19:59 +0100 Subject: [PATCH] Remove 'nova-xvpvncproxy' This legacy service is no longer used and was deprecated during the Stein cycle [1]. It's time to say adios and remove them in their entirety. This is pretty straightforward, with the sole exception of schema for the 'remote-consoles' API, which has to continue supporting requests for type 'xvpvnc' even if we can't fulfil those requests now. [1] https://review.opendev.org/#/c/610076/ Part of blueprint remove-xvpvncproxy Depends-On: https://review.opendev.org/695853 Change-Id: I2f7f2379d0cd54e4d0a91008ddb44858cfc5a4cf Signed-off-by: Stephen Finucane --- api-guide/source/server_concepts.rst | 11 +- api-ref/source/parameters.yaml | 4 +- .../source/servers-action-remote-consoles.inc | 3 - api-ref/source/servers-remote-consoles.inc | 4 +- doc/source/_extra/.htaccess | 1 - doc/source/admin/remote-console-access.rst | 80 +------- doc/source/cli/index.rst | 11 -- doc/source/cli/nova-xvpvncproxy.rst | 54 ------ doc/source/conf.py | 1 - doc/source/install/get-started-compute.rst | 9 - doc/test/redirect-tests.txt | 1 - nova/cmd/xvpvncproxy.py | 42 ---- nova/compute/manager.py | 2 - nova/conf/__init__.py | 2 - nova/conf/vnc.py | 84 -------- nova/conf/xvp.py | 63 ------ nova/console/__init__.py | 9 +- nova/console/xvp.conf.template | 16 -- nova/console/xvp.py | 183 ------------------ nova/db/api.py | 10 - nova/db/sqlalchemy/api.py | 12 -- nova/db/sqlalchemy/models.py | 1 + nova/tests/unit/compute/test_compute.py | 14 -- nova/tests/unit/db/test_db_api.py | 3 - nova/tests/unit/fake_xvp_console_proxy.py | 52 ----- nova/vnc/__init__.py | 0 nova/vnc/xvp_proxy.py | 175 ----------------- ...ove-nova-xvpvncproxy-1c189cdff4b133e8.yaml | 15 ++ setup.cfg | 1 - 29 files changed, 33 insertions(+), 830 deletions(-) delete mode 100644 doc/source/cli/nova-xvpvncproxy.rst delete mode 100644 nova/cmd/xvpvncproxy.py delete mode 100644 nova/conf/xvp.py delete mode 100644 nova/console/xvp.conf.template delete mode 100644 nova/console/xvp.py delete mode 100644 nova/tests/unit/fake_xvp_console_proxy.py delete mode 100644 nova/vnc/__init__.py delete mode 100644 nova/vnc/xvp_proxy.py create mode 100644 releasenotes/notes/remove-nova-xvpvncproxy-1c189cdff4b133e8.yaml diff --git a/api-guide/source/server_concepts.rst b/api-guide/source/server_concepts.rst index 1d1a139c6dee..0c303ba7b30c 100644 --- a/api-guide/source/server_concepts.rst +++ b/api-guide/source/server_concepts.rst @@ -783,12 +783,11 @@ Server Consoles Server Consoles can also be supplied after server launched. There are several server console services available. First, users can get the console output from the specified server and can limit the lines of console text by setting -the length. Second, users can access multiple types of remote consoles. The -user can use novnc, xvpvnc, rdp-html5, spice-html5, serial, and webmks(start -from microversion 2.8) through either the OpenStack dashboard or the command -line. Refer to :nova-doc:`Configure remote console access -`. Specifically for Xenserver, it provides -the ability to create, delete, detail, list specified server vnc consoles. +the length. Secondly, users can access multiple types of remote consoles. The +user can use ``novnc``, ``rdp-html5``, ``spice-html5``, ``serial``, and +``webmks`` (starting from microversion 2.8) through either the OpenStack +dashboard or the command line. Refer to :nova-doc:`Configure remote console +access `. Server networks ~~~~~~~~~~~~~~~ diff --git a/api-ref/source/parameters.yaml b/api-ref/source/parameters.yaml index d21c3caf0045..337aa5ec9f5b 100644 --- a/api-ref/source/parameters.yaml +++ b/api-ref/source/parameters.yaml @@ -5284,7 +5284,7 @@ os-getVNCConsole: type: object os-getVNCConsole-type: description: | - The type of VNC console. The valid values are ``novnc`` and ``xvpvnc``. + The type of VNC console. The only valid value is ``novnc``. in: body required: true type: string @@ -5833,7 +5833,7 @@ remote_console_protocol: type: string remote_console_type: description: | - The type of remote console. The valid values are ``novnc``, ``xvpvnc``, + The type of remote console. The valid values are ``novnc``, ``rdp-html5``, ``spice-html5``, ``serial``, and ``webmks``. The type ``webmks`` is added since Microversion ``2.8``. in: body diff --git a/api-ref/source/servers-action-remote-consoles.inc b/api-ref/source/servers-action-remote-consoles.inc index 6e0b7fc9c713..582365c2fce4 100644 --- a/api-ref/source/servers-action-remote-consoles.inc +++ b/api-ref/source/servers-action-remote-consoles.inc @@ -175,9 +175,6 @@ Gets a VNC console for a server. Specify the ``os-getVNCConsole`` action in the request body. -The supported connection types are ``novnc``, ``xvpvnc``. Such as connect -with ``novnc``, set ``type`` parameter to ``novnc``. - Normal response codes: 200 Error response codes: badRequest(400), unauthorized(401), forbidden(403), itemNotFound(404), diff --git a/api-ref/source/servers-remote-consoles.inc b/api-ref/source/servers-remote-consoles.inc index 9aa11af822b9..c8515d3315bc 100644 --- a/api-ref/source/servers-remote-consoles.inc +++ b/api-ref/source/servers-remote-consoles.inc @@ -17,9 +17,7 @@ The API provides a unified request for creating a remote console. The user can get a URL to connect the console from this API. The URL includes the token which is used to get permission to access the console. Servers may support different console protocols. To return a remote console using a specific -protocol, such as RDP, set the ``protocol`` parameter to ``rdp``. For the same -protocol, there may be different connection types such as ``vnc protocol and -novnc type`` or ``vnc protocol and xvpvnc type``. +protocol, such as RDP, set the ``protocol`` parameter to ``rdp``. Normal response codes: 200 diff --git a/doc/source/_extra/.htaccess b/doc/source/_extra/.htaccess index 0d6ca883d2a0..07e56bb782a2 100644 --- a/doc/source/_extra/.htaccess +++ b/doc/source/_extra/.htaccess @@ -41,7 +41,6 @@ redirectmatch 301 ^/nova/([^/]+)/man/nova-scheduler.html$ /nova/$1/cli/nova-sche redirectmatch 301 ^/nova/([^/]+)/man/nova-serialproxy.html$ /nova/$1/cli/nova-serialproxy.html redirectmatch 301 ^/nova/([^/]+)/man/nova-spicehtml5proxy.html$ /nova/$1/cli/nova-spicehtml5proxy.html redirectmatch 301 ^/nova/([^/]+)/man/nova-status.html$ /nova/$1/cli/nova-status.html -redirectmatch 301 ^/nova/([^/]+)/man/nova-xvpvncproxy.html$ /nova/$1/cli/nova-xvpvncproxy.html redirectmatch 301 ^/nova/([^/]+)/notifications.html$ /nova/$1/reference/notifications.html redirectmatch 301 ^/nova/([^/]+)/placement.html$ /nova/$1/user/placement.html redirectmatch 301 ^/nova/([^/]+)/placement_dev.html$ /nova/$1/contributor/placement.html diff --git a/doc/source/admin/remote-console-access.rst b/doc/source/admin/remote-console-access.rst index 2df3bd6739a3..c59d0ce532f7 100644 --- a/doc/source/admin/remote-console-access.rst +++ b/doc/source/admin/remote-console-access.rst @@ -526,68 +526,6 @@ For example, to configure this via a ``nova.conf`` file: mksproxy_base_url = https://127.0.0.1:6090/ -XVP-based VNC console ---------------------- - -VNC is a graphical console with wide support among many hypervisors and -clients. Xen VNC Proxy (XVP) provides VNC support via a simple Java client. - -.. deprecated:: 19.0.0 - - :program:`nova-xvpvnxproxy` is deprecated since 19.0.0 (Stein) and will be - removed in an upcoming release. - -Configuration -~~~~~~~~~~~~~ - -To enable the XVP VNC console service, you must configure both the -:program:`nova-xvpvncproxy` service and the :program:`nova-compute` service. -Most options are defined in the :oslo.config:group:`vnc` group. - -The :program:`nova-xvpvncproxy` service accepts the following options. - -- :oslo.config:option:`daemon` -- :oslo.config:option:`ssl_only` -- :oslo.config:option:`source_is_ipv6` -- :oslo.config:option:`cert` -- :oslo.config:option:`key` -- :oslo.config:option:`web` -- :oslo.config:option:`vnc.xvpvncproxy_host` -- :oslo.config:option:`vnc.xvpvncproxy_port` - -For example, to configure this via a ``nova-xvpvncproxy.conf`` file: - -.. code-block:: ini - - [vnc] - xvpvncproxy_host = 0.0.0.0 - xvpvncproxy_port = 6081 - -The :program:`nova-compute` service requires the following options to configure -XVP-based VNC support. - -- :oslo.config:option:`vnc.enabled` -- :oslo.config:option:`vnc.xvpvncproxy_base_url` -- :oslo.config:option:`vnc.server_listen` -- :oslo.config:option:`vnc.server_proxyclient_address` -- :oslo.config:option:`vnc.keymap` - -For example, to configure this via a ``nova.conf`` file: - -.. code-block:: ini - - [vnc] - enabled = True - xvpvncproxy_base_url = http://IP_ADDRESS:6081/console - server_listen = 127.0.0.1 - server_proxyclient_address = 127.0.0.1 - keymap = en-us - -Replace ``IP_ADDRESS`` with the IP address from which the proxy is accessible -by the outside world. For example, this may be the management interface IP -address of the controller or the VIP. - - .. _about-nova-consoleauth: About ``nova-consoleauth`` @@ -602,13 +540,6 @@ outlined below could leverage. Token authentication was moved to the database in Frequently Asked Questions -------------------------- -- **Q: What is the difference between ``nova-xvpvncproxy`` and - ``nova-novncproxy``?** - - A: ``nova-xvpvncproxy``, which ships with OpenStack Compute, is a proxy that - supports a simple Java client. ``nova-novncproxy`` uses noVNC to provide VNC - support through a web browser. - - **Q: I want VNC support in the OpenStack dashboard. What services do I need?** @@ -634,7 +565,6 @@ Frequently Asked Questions # These flags help construct a connection data structure server_proxyclient_address=192.168.1.2 novncproxy_base_url=http://172.24.1.1:6080/vnc_auto.html - xvpvncproxy_base_url=http://172.24.1.1:6081/console # This is the address where the underlying vncserver (not the proxy) # will listen for connections. @@ -642,11 +572,11 @@ Frequently Asked Questions .. note:: - ``novncproxy_base_url`` and ``xvpvncproxy_base_url`` use a public IP; this - is the URL that is ultimately returned to clients, which generally do not - have access to your private network. Your PROXYSERVER must be able to - reach ``server_proxyclient_address``, because that is the address over - which the VNC connection is proxied. + ``novncproxy_base_url`` uses a public IP; this is the URL that is + ultimately returned to clients, which generally do not have access to your + private network. Your PROXYSERVER must be able to reach + ``server_proxyclient_address``, because that is the address over which the + VNC connection is proxied. - **Q: My noVNC does not work with recent versions of web browsers. Why?** diff --git a/doc/source/cli/index.rst b/doc/source/cli/index.rst index 431224019926..ed7fca2652f4 100644 --- a/doc/source/cli/index.rst +++ b/doc/source/cli/index.rst @@ -75,14 +75,3 @@ are documented for completeness and debugging if something goes wrong. :maxdepth: 1 nova-rootwrap - -Deprecated Services -------------------- - -The following services are deprecated in nova. They should not be used in new -deployments, but are documented for existing ones. - -.. toctree:: - :maxdepth: 1 - - nova-xvpvncproxy diff --git a/doc/source/cli/nova-xvpvncproxy.rst b/doc/source/cli/nova-xvpvncproxy.rst deleted file mode 100644 index 50d87976ace1..000000000000 --- a/doc/source/cli/nova-xvpvncproxy.rst +++ /dev/null @@ -1,54 +0,0 @@ -================ -nova-xvpvncproxy -================ - ----------------------------- -XVP VNC Console Proxy Server ----------------------------- - -:Author: openstack@lists.openstack.org -:Copyright: OpenStack Foundation -:Manual section: 1 -:Manual group: cloud computing - -Synopsis -======== - -:: - - nova-xvpvncproxy [options] - -Description -=========== - -:program:`nova-xvpvncproxy` is a server daemon that serves the Nova XVP VNC -Console Proxy service, which provides an XVP-based VNC Console Proxy for use -with the Xen hypervisor. - -.. deprecated:: 19.0.0 - - :program:`nova-xvpvnxproxy` is deprecated since 19.0.0 (Stein) and will be - removed in an upcoming release. - -Options -======= - -**General options** - -Files -===== - -* ``/etc/nova/nova.conf`` -* ``/etc/nova/policy.json`` -* ``/etc/nova/rootwrap.conf`` -* ``/etc/nova/rootwrap.d/`` - -See Also -======== - -* :nova-doc:`OpenStack Nova <>` - -Bugs -==== - -* Nova bugs are managed at `Launchpad `__ diff --git a/doc/source/conf.py b/doc/source/conf.py index 76e3091739ea..7a37e87a5073 100644 --- a/doc/source/conf.py +++ b/doc/source/conf.py @@ -93,7 +93,6 @@ _man_pages = [ ('nova-serialproxy', u'Cloud controller fabric'), ('nova-spicehtml5proxy', u'Cloud controller fabric'), ('nova-status', u'Cloud controller fabric'), - ('nova-xvpvncproxy', u'Cloud controller fabric'), ] man_pages = [ diff --git a/doc/source/install/get-started-compute.rst b/doc/source/install/get-started-compute.rst index 1b7441e63891..96751396ea60 100644 --- a/doc/source/install/get-started-compute.rst +++ b/doc/source/install/get-started-compute.rst @@ -61,15 +61,6 @@ OpenStack Compute consists of the following areas and their components: Provides a proxy for accessing running instances through a SPICE connection. Supports browser-based HTML5 client. -``nova-xvpvncproxy`` daemon - Provides a proxy for accessing running instances through a VNC connection. - Supports an OpenStack-specific Java client. - - .. deprecated:: 19.0.0 - - :program:`nova-xvpvnxproxy` is deprecated since 19.0.0 (Stein) and will be - removed in an upcoming release. - The queue A central hub for passing messages between daemons. Usually implemented with `RabbitMQ `__ but diff --git a/doc/test/redirect-tests.txt b/doc/test/redirect-tests.txt index 093b3e2f4422..283c9731e340 100644 --- a/doc/test/redirect-tests.txt +++ b/doc/test/redirect-tests.txt @@ -41,7 +41,6 @@ /nova/latest/man/nova-serialproxy.html 301 /nova/latest/cli/nova-serialproxy.html /nova/latest/man/nova-spicehtml5proxy.html 301 /nova/latest/cli/nova-spicehtml5proxy.html /nova/latest/man/nova-status.html 301 /nova/latest/cli/nova-status.html -/nova/latest/man/nova-xvpvncproxy.html 301 /nova/latest/cli/nova-xvpvncproxy.html /nova/latest/notifications.html 301 /nova/latest/reference/notifications.html /nova/latest/placement.html 301 /nova/latest/user/placement.html /nova/latest/placement_dev.html 301 /nova/latest/contributor/placement.html diff --git a/nova/cmd/xvpvncproxy.py b/nova/cmd/xvpvncproxy.py deleted file mode 100644 index b99a9af68822..000000000000 --- a/nova/cmd/xvpvncproxy.py +++ /dev/null @@ -1,42 +0,0 @@ -# Copyright (c) 2010 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"""XVP VNC Console Proxy Server.""" - -import sys - -from oslo_log import log as logging -from oslo_reports import guru_meditation_report as gmr -from oslo_reports import opts as gmr_opts - -import nova.conf -from nova import config -from nova import service -from nova import version -from nova.vnc import xvp_proxy - -CONF = nova.conf.CONF - - -def main(): - config.parse_args(sys.argv) - logging.setup(config.CONF, "nova") - gmr_opts.set_defaults(CONF) - - gmr.TextGuruMeditation.setup_autorun(version, conf=CONF) - - wsgi_server = xvp_proxy.get_wsgi_server() - service.serve(wsgi_server) - service.wait() diff --git a/nova/compute/manager.py b/nova/compute/manager.py index 1775073dcf64..d4f335ae78fb 100644 --- a/nova/compute/manager.py +++ b/nova/compute/manager.py @@ -6672,8 +6672,6 @@ class ComputeManager(manager.Manager): # For essex, novncproxy_base_url must include the full path # including the html file (like http://myhost/vnc_auto.html) access_url_base = CONF.vnc.novncproxy_base_url - elif console_type == 'xvpvnc': - access_url_base = CONF.vnc.xvpvncproxy_base_url else: raise exception.ConsoleTypeInvalid(console_type=console_type) diff --git a/nova/conf/__init__.py b/nova/conf/__init__.py index 7cf5b197067b..fc64ceccac3c 100644 --- a/nova/conf/__init__.py +++ b/nova/conf/__init__.py @@ -67,7 +67,6 @@ from nova.conf import vnc from nova.conf import workarounds from nova.conf import wsgi from nova.conf import xenserver -from nova.conf import xvp from nova.conf import zvm CONF = cfg.CONF @@ -119,7 +118,6 @@ vnc.register_opts(CONF) workarounds.register_opts(CONF) wsgi.register_opts(CONF) xenserver.register_opts(CONF) -xvp.register_opts(CONF) zvm.register_opts(CONF) remote_debug.register_cli_opts(CONF) diff --git a/nova/conf/vnc.py b/nova/conf/vnc.py index 4fc76744769b..d25c3e13ac61 100644 --- a/nova/conf/vnc.py +++ b/nova/conf/vnc.py @@ -115,90 +115,6 @@ Related options: * novncproxy_port """), - cfg.HostAddressOpt( - 'xvpvncproxy_host', - default='0.0.0.0', - deprecated_group='DEFAULT', - deprecated_for_removal=True, - deprecated_since='19.0.0', - deprecated_reason=""" -The ``nova-xvpvnxproxy`` service is deprecated and will be removed in an -upcoming release. -""", - help=""" -IP address or hostname that the XVP VNC console proxy should bind to. - -The VNC proxy is an OpenStack component that enables compute service -users to access their instances through VNC clients. Xen provides -the Xenserver VNC Proxy, or XVP, as an alternative to the -websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, -XVP clients are Java-based. - -This option sets the private address to which the XVP VNC console proxy -service should bind to. - -Related options: - -* xvpvncproxy_port -* xvpvncproxy_base_url -"""), - - cfg.PortOpt( - 'xvpvncproxy_port', - default=6081, - deprecated_group='DEFAULT', - deprecated_for_removal=True, - deprecated_since='19.0.0', - deprecated_reason=""" -The ``nova-xvpvnxproxy`` service is deprecated and will be removed in an -upcoming release. -""", - help=""" -Port that the XVP VNC console proxy should bind to. - -The VNC proxy is an OpenStack component that enables compute service -users to access their instances through VNC clients. Xen provides -the Xenserver VNC Proxy, or XVP, as an alternative to the -websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, -XVP clients are Java-based. - -This option sets the private port to which the XVP VNC console proxy -service should bind to. - -Related options: - -* xvpvncproxy_host -* xvpvncproxy_base_url -"""), - - cfg.URIOpt( - 'xvpvncproxy_base_url', - default='http://127.0.0.1:6081/console', - deprecated_group='DEFAULT', - deprecated_for_removal=True, - deprecated_since='19.0.0', - deprecated_reason=""" -The ``nova-xvpvnxproxy`` service is deprecated and will be removed in an -upcoming release. -""", - help=""" -Public URL address of XVP VNC console proxy. - -The VNC proxy is an OpenStack component that enables compute service -users to access their instances through VNC clients. Xen provides -the Xenserver VNC Proxy, or XVP, as an alternative to the -websocket-based noVNC proxy used by Libvirt. In contrast to noVNC, -XVP clients are Java-based. - -This option sets the public base URL to which client systems will -connect. XVP clients can use this address to connect to the XVP -instance and, by extension, the VNC sessions. - -Related options: - -* xvpvncproxy_host -* xvpvncproxy_port -"""), ] CLI_OPTS = [ diff --git a/nova/conf/xvp.py b/nova/conf/xvp.py deleted file mode 100644 index fe83484ce265..000000000000 --- a/nova/conf/xvp.py +++ /dev/null @@ -1,63 +0,0 @@ -# Copyright 2016 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -from oslo_config import cfg - -from nova.conf import paths - -xvp_group = cfg.OptGroup( - 'xvp', - title='XVP options', - help=""" -Configuration options for XVP. - -xvp (Xen VNC Proxy) is a proxy server providing password-protected VNC-based -access to the consoles of virtual machines hosted on Citrix XenServer. -""" -) - -xvp_opts = [ - cfg.StrOpt('console_xvp_conf_template', - default=paths.basedir_def('nova/console/xvp.conf.template'), - deprecated_group='DEFAULT', - help='XVP conf template'), - cfg.StrOpt('console_xvp_conf', - default='/etc/xvp.conf', - deprecated_group='DEFAULT', - help='Generated XVP conf file'), - cfg.StrOpt('console_xvp_pid', - default='/var/run/xvp.pid', - deprecated_group='DEFAULT', - help='XVP master process pid file'), - cfg.StrOpt('console_xvp_log', - default='/var/log/xvp.log', - deprecated_group='DEFAULT', - help='XVP log file'), - cfg.PortOpt('console_xvp_multiplex_port', - default=5900, - deprecated_group='DEFAULT', - help='Port for XVP to multiplex VNC connections on'), - ] - - -def register_opts(conf): - conf.register_group(xvp_group) - conf.register_opts(xvp_opts, group=xvp_group) - - -def list_opts(): - return { - xvp_group: xvp_opts - } diff --git a/nova/console/__init__.py b/nova/console/__init__.py index 2f9cc4d00812..c5961e052cf2 100644 --- a/nova/console/__init__.py +++ b/nova/console/__init__.py @@ -11,12 +11,11 @@ # under the License. """ -:mod:`nova.console` -- Console Proxy to set up VM console access - (i.e. with xvp) -===================================================== +:mod:`nova.console` -- Wrappers around console proxies +====================================================== .. automodule:: nova.console :platform: Unix - :synopsis: Wrapper around console proxies such as xvp to set up - multitenant VM console access + :synopsis: Wrapper around console proxies such as noVNC to set up + multi-tenant VM console access. """ diff --git a/nova/console/xvp.conf.template b/nova/console/xvp.conf.template deleted file mode 100644 index d0f27223d941..000000000000 --- a/nova/console/xvp.conf.template +++ /dev/null @@ -1,16 +0,0 @@ -# One time password use with time window -OTP ALLOW IPCHECK HTTP 60 -{% if multiplex_port %} -MULTIPLEX {{ multiplex_port }} -{% endif %} - -{% for pool in pools %} -POOL {{ pool.address }} - DOMAIN {{ pool.address }} - MANAGER root {{ pool.password }} - HOST {{ pool.address }} - VM - dummy 0123456789ABCDEF - {% for console in pool.console %} - VM {% if multiplex_port %}-{% else %}{{ console.port }} # {{ console.instance_name }} {{ console.password|pass_encode }}{% endif %} - {% endfor %} -{% endfor %} diff --git a/nova/console/xvp.py b/nova/console/xvp.py deleted file mode 100644 index 4d926dcae250..000000000000 --- a/nova/console/xvp.py +++ /dev/null @@ -1,183 +0,0 @@ -# Copyright (c) 2010 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -"""XVP (Xenserver VNC Proxy) driver.""" - -import os -import signal - -import jinja2 -from oslo_concurrency import processutils -from oslo_log import log as logging -from oslo_utils import excutils - -import nova.conf -from nova import context -from nova.db import api as db -from nova.i18n import _ - - -CONF = nova.conf.CONF -LOG = logging.getLogger(__name__) - - -class XVPConsoleProxy(object): - """Sets up XVP config, and manages XVP daemon.""" - - def __init__(self): - self.xvpconf_template = open(CONF.xvp.console_xvp_conf_template).read() - self.host = CONF.host # default, set by manager. - super(XVPConsoleProxy, self).__init__() - - @property - def console_type(self): - return 'vnc+xvp' - - def get_port(self, context): - """Get available port for consoles that need one.""" - # TODO(mdragon): implement port selection for non multiplex ports, - # we are not using that, but someone else may want - # it. - return CONF.xvp.console_xvp_multiplex_port - - def setup_console(self, context, console): - """Sets up actual proxies.""" - self._rebuild_xvp_conf(context.elevated()) - - def teardown_console(self, context, console): - """Tears down actual proxies.""" - self._rebuild_xvp_conf(context.elevated()) - - def init_host(self): - """Start up any config'ed consoles on start.""" - ctxt = context.get_admin_context() - self._rebuild_xvp_conf(ctxt) - - def fix_pool_password(self, password): - """Trim password to length, and encode.""" - return self._xvp_encrypt(password, is_pool_password=True) - - def fix_console_password(self, password): - """Trim password to length, and encode.""" - return self._xvp_encrypt(password) - - def _rebuild_xvp_conf(self, context): - LOG.debug('Rebuilding xvp conf') - pools = [pool for pool in - db.console_pool_get_all_by_host_type(context, self.host, - self.console_type) - if pool['consoles']] - if not pools: - LOG.debug('No console pools!') - self._xvp_stop() - return - conf_data = {'multiplex_port': CONF.xvp.console_xvp_multiplex_port, - 'pools': pools} - tmpl_path, tmpl_file = os.path.split(CONF.injected_network_template) - env = jinja2.Environment( # nosec - loader=jinja2.FileSystemLoader(tmpl_path)) # nosec - env.filters['pass_encode'] = self.fix_console_password - template = env.get_template(tmpl_file) - self._write_conf(template.render(conf_data)) - self._xvp_restart() - - def _write_conf(self, config): - try: - LOG.debug('Re-wrote %s', CONF.xvp.console_xvp_conf) - with open(CONF.xvp.console_xvp_conf, 'w') as cfile: - cfile.write(config) - except IOError: - with excutils.save_and_reraise_exception(): - LOG.exception("Failed to write configuration file") - - def _xvp_stop(self): - LOG.debug('Stopping xvp') - pid = self._xvp_pid() - if not pid: - return - try: - os.kill(pid, signal.SIGTERM) - except OSError: - # if it's already not running, no problem. - pass - - def _xvp_start(self): - if self._xvp_check_running(): - return - LOG.debug('Starting xvp') - try: - processutils.execute('xvp', - '-p', CONF.xvp.console_xvp_pid, - '-c', CONF.xvp.console_xvp_conf, - '-l', CONF.xvp.console_xvp_log) - except processutils.ProcessExecutionError as err: - LOG.error('Error starting xvp: %s', err) - - def _xvp_restart(self): - LOG.debug('Restarting xvp') - if not self._xvp_check_running(): - LOG.debug('xvp not running...') - self._xvp_start() - else: - pid = self._xvp_pid() - os.kill(pid, signal.SIGUSR1) - - def _xvp_pid(self): - try: - with open(CONF.xvp.console_xvp_pid, 'r') as pidfile: - pid = int(pidfile.read()) - except IOError: - return None - except ValueError: - return None - return pid - - def _xvp_check_running(self): - pid = self._xvp_pid() - if not pid: - return False - try: - os.kill(pid, 0) - except OSError: - return False - return True - - def _xvp_encrypt(self, password, is_pool_password=False): - """Call xvp to obfuscate passwords for config file. - - Args: - - password: the password to encode, max 8 char for vm passwords, - and 16 chars for pool passwords. passwords will - be trimmed to max len before encoding. - - is_pool_password: True if this is the XenServer api password - False if it's a VM console password - (xvp uses different keys and max lengths for pool passwords) - - Note that xvp's obfuscation should not be considered 'real' encryption. - It simply DES encrypts the passwords with static keys plainly viewable - in the xvp source code. - - """ - maxlen = 8 - flag = '-e' - if is_pool_password: - maxlen = 16 - flag = '-x' - # xvp will blow up on passwords that are too long (mdragon) - password = password[:maxlen] - out, err = processutils.execute('xvp', flag, process_input=password) - if err: - raise processutils.ProcessExecutionError(_("Failed to run xvp.")) - return out.strip() diff --git a/nova/db/api.py b/nova/db/api.py index d448cb0911a7..4f3c8e99821b 100644 --- a/nova/db/api.py +++ b/nova/db/api.py @@ -1398,16 +1398,6 @@ def project_get_networks(context, project_id, associate=True): ################## -def console_pool_get_all_by_host_type(context, host, console_type): - """Fetch all pools for given proxy host and type.""" - return IMPL.console_pool_get_all_by_host_type(context, - host, - console_type) - - -################## - - def pci_device_get_by_addr(context, node_id, dev_addr): """Get PCI device by address.""" return IMPL.pci_device_get_by_addr(context, node_id, dev_addr) diff --git a/nova/db/sqlalchemy/api.py b/nova/db/sqlalchemy/api.py index fc66425ab1b0..9411f622f543 100644 --- a/nova/db/sqlalchemy/api.py +++ b/nova/db/sqlalchemy/api.py @@ -4461,18 +4461,6 @@ def migration_migrate_to_uuid(context, count): return done, done -################## - - -@pick_context_manager_reader -def console_pool_get_all_by_host_type(context, host, console_type): - return model_query(context, models.ConsolePool, read_deleted="no").\ - filter_by(host=host).\ - filter_by(console_type=console_type).\ - options(joinedload('consoles')).\ - all() - - ######################## # User-provided metadata diff --git a/nova/db/sqlalchemy/models.py b/nova/db/sqlalchemy/models.py index 579adce231f3..c6f43ef7637b 100644 --- a/nova/db/sqlalchemy/models.py +++ b/nova/db/sqlalchemy/models.py @@ -985,6 +985,7 @@ class DNSDomain(BASE, NovaBase, models.SoftDeleteMixin): project_id = Column(String(255)) +# TODO(stephenfin): Remove in V or later class ConsolePool(BASE, NovaBase, models.SoftDeleteMixin): """Represents pool of consoles on the same physical node.""" __tablename__ = 'console_pools' diff --git a/nova/tests/unit/compute/test_compute.py b/nova/tests/unit/compute/test_compute.py index fab17e92ded2..3fbdbdaa2ce9 100644 --- a/nova/tests/unit/compute/test_compute.py +++ b/nova/tests/unit/compute/test_compute.py @@ -3882,20 +3882,6 @@ class ComputeTestCase(BaseTestCase, context=self.context, instance=instance, port="wrongport", console_type="spice-html5")) - def test_xvpvnc_vnc_console(self): - # Make sure we can a vnc console for an instance. - self.flags(enabled=True, group='vnc') - self.flags(enabled=False, group='spice') - - instance = self._create_fake_instance_obj() - self.compute.build_and_run_instance(self.context, - instance, {}, {}, {}, block_device_mapping=[]) - - console = self.compute.get_vnc_console(self.context, 'xvpvnc', - instance=instance) - self.assertTrue(console) - self.compute.terminate_instance(self.context, instance, []) - def test_invalid_vnc_console_type(self): # Raise useful error if console type is an unrecognised string. self.flags(enabled=True, group='vnc') diff --git a/nova/tests/unit/db/test_db_api.py b/nova/tests/unit/db/test_db_api.py index 45f25b171a66..db41157e1e4f 100644 --- a/nova/tests/unit/db/test_db_api.py +++ b/nova/tests/unit/db/test_db_api.py @@ -8192,9 +8192,6 @@ class ArchiveTestCase(test.TestCase, ModelsObjectComparatorMixin): self.dns_domains = models.DNSDomain.__table__ self.shadow_dns_domains = sqlalchemyutils.get_table( self.engine, "shadow_dns_domains") - self.console_pools = models.ConsolePool.__table__ - self.shadow_console_pools = sqlalchemyutils.get_table( - self.engine, "shadow_console_pools") self.instances = models.Instance.__table__ self.shadow_instances = sqlalchemyutils.get_table( self.engine, "shadow_instances") diff --git a/nova/tests/unit/fake_xvp_console_proxy.py b/nova/tests/unit/fake_xvp_console_proxy.py deleted file mode 100644 index c2dd8443740e..000000000000 --- a/nova/tests/unit/fake_xvp_console_proxy.py +++ /dev/null @@ -1,52 +0,0 @@ -# Copyright (c) 2010 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -"""Fake ConsoleProxy driver for tests.""" - - -class FakeConsoleProxy(object): - """Fake ConsoleProxy driver.""" - - @property - def console_type(self): - return 'fake' - - def setup_console(self, context, console): - """Sets up actual proxies.""" - pass - - def teardown_console(self, context, console): - """Tears down actual proxies.""" - pass - - def init_host(self): - """Start up any config'ed consoles on start.""" - pass - - def generate_password(self, length=8): - """Returns random console password.""" - return 'fakepass' - - def get_port(self, context): - """Get available port for consoles that need one.""" - return 5999 - - def fix_pool_password(self, password): - """Trim password to length, and any other messaging.""" - return password - - def fix_console_password(self, password): - """Trim password to length, and any other messaging.""" - return password diff --git a/nova/vnc/__init__.py b/nova/vnc/__init__.py deleted file mode 100644 index e69de29bb2d1..000000000000 diff --git a/nova/vnc/xvp_proxy.py b/nova/vnc/xvp_proxy.py deleted file mode 100644 index ed1b0496854a..000000000000 --- a/nova/vnc/xvp_proxy.py +++ /dev/null @@ -1,175 +0,0 @@ -#!/usr/bin/env python -# Copyright (c) 2012 OpenStack Foundation -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); -# you may not use this file except in compliance with the License. -# You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, -# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. -# See the License for the specific language governing permissions and -# limitations under the License. - -"""Eventlet WSGI Services to proxy VNC for XCP protocol.""" - -import socket - -import eventlet -import eventlet.green -import eventlet.greenio -import eventlet.wsgi -from oslo_log import log as logging -import webob - -import nova.conf -from nova import context -from nova import exception -from nova import objects -from nova import utils -from nova import version -from nova import wsgi - - -LOG = logging.getLogger(__name__) -CONF = nova.conf.CONF - - -class XCPVNCProxy(object): - """Class to use the xvp auth protocol to proxy instance vnc consoles.""" - - def one_way_proxy(self, source, dest): - """Proxy tcp connection from source to dest.""" - while True: - try: - d = source.recv(32384) - except Exception: - d = None - - # If recv fails, send a write shutdown the other direction - if d is None or len(d) == 0: - dest.shutdown(socket.SHUT_WR) - break - # If send fails, terminate proxy in both directions - try: - # sendall raises an exception on write error, unlike send - dest.sendall(d) - except Exception: - source.close() - dest.close() - break - - def handshake(self, req, connect_info, sockets): - """Execute hypervisor-specific vnc auth handshaking (if needed).""" - host = connect_info.host - port = connect_info.port - - server = eventlet.connect((host, port)) - - # Handshake as necessary - if 'internal_access_path' in connect_info: - path = connect_info.internal_access_path - server.sendall('CONNECT %s HTTP/1.1\r\n\r\n' % path) - - data = "" - while True: - b = server.recv(1) - if b: - data += b - if data.find("\r\n\r\n") != -1: - if not data.split("\r\n")[0].find("200"): - LOG.info("Error in handshake format: %s", data) - return - break - - if not b or len(data) > 4096: - LOG.info("Error in handshake: %s", data) - return - - client = req.environ['eventlet.input'].get_socket() - client.sendall("HTTP/1.1 200 OK\r\n\r\n") - sockets['client'] = client - sockets['server'] = server - - def proxy_connection(self, req, connect_info, start_response): - """Spawn bi-directional vnc proxy.""" - sockets = {} - t0 = utils.spawn(self.handshake, req, connect_info, sockets) - t0.wait() - - if not sockets.get('client') or not sockets.get('server'): - LOG.info("Invalid request: %s", req) - start_response('400 Invalid Request', - [('content-type', 'text/html')]) - return "Invalid Request" - - client = sockets['client'] - server = sockets['server'] - - t1 = utils.spawn(self.one_way_proxy, client, server) - t2 = utils.spawn(self.one_way_proxy, server, client) - t1.wait() - t2.wait() - - # Make sure our sockets are closed - server.close() - client.close() - - def __call__(self, environ, start_response): - try: - req = webob.Request(environ) - LOG.info("Request: %s", req) - token = req.params.get('token') - if not token: - LOG.info("Request made with missing token: %s", req) - start_response('400 Invalid Request', - [('content-type', 'text/html')]) - return "Invalid Request" - - ctxt = context.get_admin_context() - - try: - connect_info = objects.ConsoleAuthToken.validate(ctxt, token) - except exception.InvalidToken: - LOG.info("Request made with invalid token: %s", req) - start_response('401 Not Authorized', - [('content-type', 'text/html')]) - return "Not Authorized" - - return self.proxy_connection(req, connect_info, start_response) - except Exception as e: - LOG.info("Unexpected error: %s", e) - - -class SafeHttpProtocol(eventlet.wsgi.HttpProtocol): - """HttpProtocol wrapper to suppress IOErrors. - - The proxy code above always shuts down client connections, so we catch - the IOError that raises when the SocketServer tries to flush the - connection. - """ - def finish(self): - try: - eventlet.green.BaseHTTPServer.BaseHTTPRequestHandler.finish(self) - except IOError: - pass - eventlet.greenio.shutdown_safe(self.connection) - self.connection.close() - - -def get_wsgi_server(): - LOG.info("Starting nova-xvpvncproxy node (version %s)", - version.version_string_with_package()) - - LOG.warning('The nova-xvpvncproxy service is deprecated as it is Xen ' - 'specific and has effectively been replaced by noVNC ' - 'and the nova-novncproxy service.') - - return wsgi.Server("XCP VNC Proxy", - XCPVNCProxy(), - protocol=SafeHttpProtocol, - host=CONF.vnc.xvpvncproxy_host, - port=CONF.vnc.xvpvncproxy_port) diff --git a/releasenotes/notes/remove-nova-xvpvncproxy-1c189cdff4b133e8.yaml b/releasenotes/notes/remove-nova-xvpvncproxy-1c189cdff4b133e8.yaml new file mode 100644 index 000000000000..6a8b4d0584c7 --- /dev/null +++ b/releasenotes/notes/remove-nova-xvpvncproxy-1c189cdff4b133e8.yaml @@ -0,0 +1,15 @@ +--- +upgrade: + - | + The ``nova-xvpvncproxy`` service has been deprecated since the 19.0.0 Stein + release and has now been removed. The following configuration options have + also been removed: + + * ``[vnc] xvpvncproxy_base_url`` + * ``[vnc] xvpvncproxy_host`` + * ``[vnc] xvpvncproxy_port`` + * ``[xvp] console_xvp_conf_template`` + * ``[xvp] console_xvp_conf`` + * ``[xvp] console_xvp_log`` + * ``[xvp] console_xvp_multiplex_port`` + * ``[xvp] console_xvp_pid`` diff --git a/setup.cfg b/setup.cfg index 57fae21945f8..afc8b5d1d8b5 100644 --- a/setup.cfg +++ b/setup.cfg @@ -76,7 +76,6 @@ console_scripts = nova-serialproxy = nova.cmd.serialproxy:main nova-spicehtml5proxy = nova.cmd.spicehtml5proxy:main nova-status = nova.cmd.status:main - nova-xvpvncproxy = nova.cmd.xvpvncproxy:main wsgi_scripts = nova-api-wsgi = nova.api.openstack.compute.wsgi:init_application