move setting of novncproxy_base_url
The fixes introduced in order to resolve https://bugs.launchpad.net/nova/+bug/1409142 (CVE-2015-0259) make novncproxy_base_url relevant on hosts running the nova-novncproxy service, whereas previously it was only used by nova-compute to construct VNC console urls. This change moves the setting of the novncproxy_base_url option out of compute.pp and into nova::vncproxy_common, where it can be used both by compute.pp and vncproxy.pp. Change-Id: I7af4cf8257f2bdbc7d3cc57930fd6371571db531
This commit is contained in:
parent
2aa85630db
commit
28268ad9c7
@ -42,7 +42,7 @@
|
||||
#
|
||||
# [*vncproxy_path*]
|
||||
# (optional) The path at the end of the uri for communication with the VNC proxy server
|
||||
# Defaults to './vnc_auto.html'
|
||||
# Defaults to '/vnc_auto.html'
|
||||
#
|
||||
# [*vnc_keymap*]
|
||||
# (optional) The keymap to use with VNC (ls -alh /usr/share/qemu/keymaps to list available keymaps)
|
||||
@ -142,13 +142,7 @@ class nova::compute (
|
||||
}
|
||||
|
||||
if ($vnc_enabled) {
|
||||
if ($vncproxy_host) {
|
||||
$vncproxy_base_url = "${vncproxy_protocol}://${vncproxy_host}:${vncproxy_port}${vncproxy_path}"
|
||||
# config for vnc proxy
|
||||
nova_config {
|
||||
'DEFAULT/novncproxy_base_url': value => $vncproxy_base_url;
|
||||
}
|
||||
}
|
||||
include ::nova::vncproxy::common
|
||||
}
|
||||
|
||||
nova_config {
|
||||
|
@ -24,18 +24,27 @@
|
||||
# (optional) The state of the nova-novncproxy package
|
||||
# Defaults to 'present'
|
||||
#
|
||||
# [*vncproxy_protocol*]
|
||||
# (optional) The protocol to communicate with the VNC proxy server
|
||||
# Defaults to 'http'
|
||||
#
|
||||
# [*vncproxy_path*]
|
||||
# (optional) The path at the end of the uri for communication with the VNC
|
||||
# proxy server
|
||||
# Defaults to '/vnc_auto.html'
|
||||
#
|
||||
class nova::vncproxy(
|
||||
$enabled = false,
|
||||
$manage_service = true,
|
||||
$vncproxy_protocol = 'http',
|
||||
$host = '0.0.0.0',
|
||||
$port = '6080',
|
||||
$vncproxy_path = '/vnc_auto.html',
|
||||
$ensure_package = 'present'
|
||||
) {
|
||||
|
||||
include ::nova::params
|
||||
|
||||
# TODO make this work on Fedora
|
||||
|
||||
# See http://nova.openstack.org/runnova/vncconsole.html for more details.
|
||||
|
||||
nova_config {
|
||||
@ -43,6 +52,8 @@ class nova::vncproxy(
|
||||
'DEFAULT/novncproxy_port': value => $port;
|
||||
}
|
||||
|
||||
include ::nova::vncproxy::common
|
||||
|
||||
if ! defined(Package['python-numpy']) {
|
||||
package { 'python-numpy':
|
||||
ensure => present,
|
||||
|
54
manifests/vncproxy/common.pp
Normal file
54
manifests/vncproxy/common.pp
Normal file
@ -0,0 +1,54 @@
|
||||
# == Class: nova::vncproxy::common
|
||||
#
|
||||
# [*vncproxy_host*]
|
||||
# (optional) The host of the VNC proxy server
|
||||
# Defaults to false
|
||||
#
|
||||
# [*vncproxy_protocol*]
|
||||
# (optional) The protocol to communicate with the VNC proxy server
|
||||
# Defaults to 'http'
|
||||
#
|
||||
# [*vncproxy_port*]
|
||||
# (optional) The port to communicate with the VNC proxy server
|
||||
# Defaults to '6080'
|
||||
#
|
||||
# [*vncproxy_path*]
|
||||
# (optional) The path at the end of the uri for communication with the VNC proxy server
|
||||
# Defaults to '/vnc_auto.html'
|
||||
#
|
||||
class nova::vncproxy::common (
|
||||
$vncproxy_host = undef,
|
||||
$vncproxy_protocol = undef,
|
||||
$vncproxy_port = undef,
|
||||
$vncproxy_path = undef,
|
||||
) {
|
||||
|
||||
$vncproxy_host_real = pick(
|
||||
$vncproxy_host,
|
||||
$::nova::compute::vncproxy_host,
|
||||
$::nova::vncproxy::host,
|
||||
false)
|
||||
$vncproxy_protocol_real = pick(
|
||||
$vncproxy_protocol,
|
||||
$::nova::compute::vncproxy_protocol,
|
||||
$::nova::vncproxy::vncproxy_protocol,
|
||||
'http')
|
||||
$vncproxy_port_real = pick(
|
||||
$vncproxy_port,
|
||||
$::nova::compute::vncproxy_port,
|
||||
$::nova::vncproxy::port,
|
||||
6080)
|
||||
$vncproxy_path_real = pick(
|
||||
$vncproxy_path,
|
||||
$::nova::compute::vncproxy_path,
|
||||
$::nova::vncproxy::vncproxy_path,
|
||||
'/vnc_auto.html')
|
||||
|
||||
if ($vncproxy_host_real) {
|
||||
$vncproxy_base_url = "${vncproxy_protocol_real}://${vncproxy_host_real}:${vncproxy_port_real}${vncproxy_path_real}"
|
||||
# config for vnc proxy
|
||||
nova_config {
|
||||
'DEFAULT/novncproxy_base_url': value => $vncproxy_base_url;
|
||||
}
|
||||
}
|
||||
}
|
@ -22,6 +22,7 @@ describe 'nova::vncproxy' do
|
||||
|
||||
it { is_expected.to contain_nova_config('DEFAULT/novncproxy_host').with(:value => '0.0.0.0') }
|
||||
it { is_expected.to contain_nova_config('DEFAULT/novncproxy_port').with(:value => '6080') }
|
||||
it { is_expected.to contain_nova_config('DEFAULT/novncproxy_base_url').with(:value => 'http://0.0.0.0:6080/vnc_auto.html') }
|
||||
|
||||
it { is_expected.to contain_package('nova-vncproxy').with(
|
||||
:name => 'nova-novncproxy',
|
||||
|
Loading…
x
Reference in New Issue
Block a user