openstack/nova
Code Issues Proposed changes
fda1715744
nova/doc/source/cli/nova-novncproxy.rst
Stephen Finucane b5edc294a1 docs: Add man pages for 'nova-policy' 
I don't actually grok what this does that 'oslopolicy-checker' couldn't
do, so perhaps we can deprecate this in the future. For now though,
simply document the thing. While we're here, we make some additional
related changes:

- Remove references to the 'policy.yaml' file for services that don't
  use policy (i.e. everything except the API services and, due to a bug,
  the nova-compute service).
- Update remaining references to the 'policy.yaml' file to include the
  'policy.d/' directory
- Update the help text for the '--api-name' and '--target' options of
  the 'nova-policy policy check' command to correct tense and better
  explain their purpose.

Also, yes, 'nova-policy policy check' is dumb. Don't blame me :)

Change-Id: I913b0de9ec40a615da7bf9981852edef4a88fecb
Signed-off-by: Stephen Finucane <stephenfin@redhat.com>
Related-bug: #1675486
2021-04-19 10:47:17 +01:00

96 lines
2.8 KiB
ReStructuredText
Raw Blame History

===============
nova-novncproxy
===============
.. program:: nova-novncproxy
Synopsis
========
::
nova-novncproxy [<options>...]
Description
===========
:program:`nova-novncproxy` is a server daemon that serves the Nova noVNC
Websocket Proxy service, which provides a websocket proxy that is compatible
with OpenStack Nova noVNC consoles.
Options
=======
.. rubric:: General options
.. include:: opts/common.rst
.. rubric:: Websockify options
.. include:: opts/websockify.rst
.. rubric:: VNC options
.. option:: --vnc-auth_schemes VNC_AUTH_SCHEMES
The authentication schemes to use with the compute node. Control what RFB
authentication schemes are permitted for connections between the proxy and
the compute host. If multiple schemes are enabled, the first matching
scheme will be used, thus the strongest schemes should be listed first.
.. option:: --vnc-novncproxy_host VNC_NOVNCPROXY_HOST
IP address that the noVNC console proxy should bind to. The VNC proxy is an
OpenStack component that enables compute service users to access their
instances through VNC clients. noVNC provides VNC support through a
websocket-based client. This option sets the private address to which the
noVNC console proxy service should bind to.
.. option:: --vnc-novncproxy_port VNC_NOVNCPROXY_PORT
Port that the noVNC console proxy should bind to. The VNC proxy is an
OpenStack component that enables compute service users to access their
instances through VNC clients. noVNC provides VNC support through a
websocket-based client. This option sets the private port to which the
noVNC console proxy service should bind to.
.. option:: --vnc-vencrypt_ca_certs VNC_VENCRYPT_CA_CERTS
The path to the CA certificate PEM file The fully qualified path to a PEM
file containing one or more x509 certificates for the certificate
authorities used by the compute node VNC server.
.. option:: --vnc-vencrypt_client_cert VNC_VENCRYPT_CLIENT_CERT
The path to the client key file (for x509) The fully qualified path to a
PEM file containing the x509 certificate which the VNC proxy server
presents to the compute node during VNC authentication.
.. option:: --vnc-vencrypt_client_key VNC_VENCRYPT_CLIENT_KEY
The path to the client certificate PEM file (for x509) The fully qualified
path to a PEM file containing the private key which the VNC proxy server
presents to the compute node during VNC authentication.
.. rubric:: Debugger options
.. include:: opts/debugger.rst
Files
=====
* ``/etc/nova/nova.conf``
* ``/etc/nova/rootwrap.conf``
* ``/etc/nova/rootwrap.d/``
See Also
========
:doc:`nova-serialproxy(1) <nova-serialproxy>`,
:doc:`nova-spicehtml5proxy(1) <nova-spicehtml5proxy>`
Bugs
====
* Nova bugs are managed at `Launchpad <https://bugs.launchpad.net/nova>`__
View Git Blame Copy Permalink