Allow vncproxy to work with ssl enabled

Right now our vncproxy settings are hard-coded to http and the
non-ssl port.  This change adds a vncproxy entry to the endpoint
map and uses those values to configure the proxy correctly on
compute nodes.  This is sufficient to get it working in my
environment with ssl enabled.

Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71
changes/54/268354/2
Ben Nemec 7 years ago
parent bdfdce52ad
commit dd7602ad82
  1. 3
      environments/enable-tls.yaml
  2. 28
      network/endpoints/endpoint_map.yaml
  3. 6
      puppet/compute.yaml

@ -33,6 +33,9 @@ parameter_defaults:
NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'}
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'}
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'}

@ -74,6 +74,9 @@ parameters:
NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
NovaEC2Public: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'}
NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
NovaVNCProxyPublic: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'}
SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
SwiftPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'}
@ -364,6 +367,28 @@ resources:
CloudName: {get_param: CloudName}
UriSuffix: '/services/Admin'
NovaVNCProxyInternal:
type: OS::TripleO::Endpoint
properties:
EndpointName: NovaVNCProxyInternal
EndpointMap: { get_param: EndpointMap }
IP: {get_param: NovaApiVirtualIP}
CloudName: {get_param: CloudName}
NovaVNCProxyPublic:
type: OS::TripleO::Endpoint
properties:
EndpointName: NovaVNCProxyPublic
EndpointMap: { get_param: EndpointMap }
IP: {get_param: PublicVirtualIP}
CloudName: {get_param: CloudName}
NovaVNCProxyAdmin:
type: OS::TripleO::Endpoint
properties:
EndpointName: NovaVNCProxyAdmin
EndpointMap: { get_param: EndpointMap }
IP: {get_param: NovaApiVirtualIP}
CloudName: {get_param: CloudName}
SwiftInternal:
type: OS::TripleO::Endpoint
properties:
@ -473,6 +498,9 @@ outputs:
NovaEC2Internal: {get_attr: [ NovaEC2Internal, endpoint] }
NovaEC2Public: {get_attr: [ NovaEC2Public, endpoint] }
NovaEC2Admin: {get_attr: [ NovaEC2Admin, endpoint] }
NovaVNCProxyInternal: {get_attr: [ NovaVNCProxyInternal, endpoint] }
NovaVNCProxyPublic: {get_attr: [ NovaVNCProxyPublic, endpoint] }
NovaVNCProxyAdmin: {get_attr: [ NovaVNCProxyAdmin, endpoint] }
SwiftInternal: {get_attr: [ SwiftInternal, endpoint] }
SwiftPublic: {get_attr: [ SwiftPublic, endpoint] }
SwiftAdmin: {get_attr: [ SwiftAdmin, endpoint] }

@ -463,6 +463,9 @@ resources:
rbd_persistent_storage: {get_input: cinder_enable_rbd_backend}
nova_password: {get_input: nova_password}
nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address}
nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol}
nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host}
nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port}
nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge}
nova::network::neutron::security_group_api: {get_input: nova_security_group_api}
ceilometer::debug: {get_input: debug}
@ -533,6 +536,9 @@ resources:
nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend}
cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend}
nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]}
nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]}
nova_vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host]}
nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]}
nova_ovs_bridge: {get_param: NovaOVSBridge}
nova_security_group_api: {get_param: NovaSecurityGroupAPI}
ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}

Loading…
Cancel
Save