Make nova-novncproxy usable in a public cloud.
This refactors the nova-novncproxy configuration in TripleO
so that it can be used in a cloud where the compute hosts
don't each have to be assigned a public IP. With the
new configuration the nova-novncproxy is configured
to run on the nova-api (controller) node which
typically will have a public IP assigned to it.
Specific changes include:
-move novnc element to nova-novncproxy
-move all the nova-novncproxy stuff out of nova-kvm into
the new nova-novncproxy element
-configures Fedora iptables rules to support noVNC
connections on 6080
-Adds a new nova.public_ip parameter which is used
to construct the novncproxy_base_url. This may be
returned directly to cloud users via
'nova get-vnc-console' or consumed by Horizon.
-Set vncserver_proxyclient_address to the real
local(internal) IP address for the compute host.
Previously we used 127.0.0.1 which won't work
unless nova-novncproxy runs on the Nova compute host.
To do this we use {{local-ipv4}} which should always
be the Heat provided local management IP address
for the compute host.
Change-Id: I18cdc36248749390f0ab1e2c454741dbf2736e7f
Closes-bug: #1309510
This commit is contained in:
Dan Prince
parent
063074e0e1
commit
1f9c1f7385
@ -1,2 +1,3 @@
|
|||||||
iptables
|
iptables
|
||||||
nova
|
nova
|
||||||
|
nova-novncproxy
|
||||||
|
|||||||
@ -1,2 +1 @@
|
|||||||
nova
|
nova
|
||||||
novnc
|
|
||||||
|
|||||||
@ -2,8 +2,6 @@
|
|||||||
|
|
||||||
set -eux
|
set -eux
|
||||||
|
|
||||||
install-packages openstack-nova-novncproxy
|
|
||||||
|
|
||||||
if ! getent group libvirtd; then
|
if ! getent group libvirtd; then
|
||||||
groupadd libvirtd
|
groupadd libvirtd
|
||||||
fi
|
fi
|
||||||
|
|||||||
@ -11,9 +11,6 @@ fi
|
|||||||
|
|
||||||
usermod -a -G libvirtd nova
|
usermod -a -G libvirtd nova
|
||||||
|
|
||||||
os-svc-daemon -i "$NOVA_VENV_DIR" nova-novncproxy nova nova-novncproxy "--config-dir /etc/nova"
|
|
||||||
os-svc-enable -n nova-novncproxy
|
|
||||||
|
|
||||||
# On Fedora configure polkit to allow nova to use libvirt
|
# On Fedora configure polkit to allow nova to use libvirt
|
||||||
if [ -e /etc/polkit-1/rules.d ] ; then
|
if [ -e /etc/polkit-1/rules.d ] ; then
|
||||||
cat - <<-EOF > /etc/polkit-1/rules.d/50-nova.rules
|
cat - <<-EOF > /etc/polkit-1/rules.d/50-nova.rules
|
||||||
|
|||||||
8
elements/nova-novncproxy/README.md
Normal file
8
elements/nova-novncproxy/README.md
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
Install nova-novncproxy along with the necessary components from noVNC.
|
||||||
|
|
||||||
|
Configuration (via the nova element)
|
||||||
|
-------------
|
||||||
|
|
||||||
|
When using VNC be sure to set nova.public_ip (providated via the nova element).
|
||||||
|
This is used to specify the novncproxy_base_url for external proxy connections
|
||||||
|
and is typically configured on controller nodes.
|
||||||
1
elements/nova-novncproxy/element-deps
Normal file
1
elements/nova-novncproxy/element-deps
Normal file
@ -0,0 +1 @@
|
|||||||
|
nova
|
||||||
@ -2,4 +2,6 @@
|
|||||||
|
|
||||||
set -eux
|
set -eux
|
||||||
|
|
||||||
|
install-packages openstack-nova-novncproxy
|
||||||
|
|
||||||
install-packages novnc
|
install-packages novnc
|
||||||
@ -1,6 +1,8 @@
|
|||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -ex
|
set -ex
|
||||||
|
|
||||||
|
os-svc-daemon -i "$NOVA_VENV_DIR" nova-novncproxy nova nova-novncproxy "--config-dir /etc/nova"
|
||||||
|
|
||||||
# nova-novncproxy looks in /usr/share/novnc by default
|
# nova-novncproxy looks in /usr/share/novnc by default
|
||||||
install -d -m 0755 -o root -g root /usr/share/novnc
|
install -d -m 0755 -o root -g root /usr/share/novnc
|
||||||
install -m 0644 -o root -g root /opt/stack/novnc/favicon.ico /usr/share/novnc
|
install -m 0644 -o root -g root /opt/stack/novnc/favicon.ico /usr/share/novnc
|
||||||
@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
os-svc-enable -n nova-novncproxy
|
||||||
|
os-svc-restart -n nova-novncproxy
|
||||||
@ -0,0 +1,5 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
# open default port for nova-novncproxy connections
|
||||||
|
add-rule INPUT -p tcp -m multiport --dports 6080 -j ACCEPT
|
||||||
@ -32,3 +32,6 @@ nova:
|
|||||||
e.g. 'linux-ext4=mkfs -t ext4 -F -L %(fs_label)s %(target)s'
|
e.g. 'linux-ext4=mkfs -t ext4 -F -L %(fs_label)s %(target)s'
|
||||||
compute_manager: "ironic.nova.compute.manager.ClusterComputeManager"
|
compute_manager: "ironic.nova.compute.manager.ClusterComputeManager"
|
||||||
- set to override the compute manager class used by Nova-Compute.
|
- set to override the compute manager class used by Nova-Compute.
|
||||||
|
public_ip:
|
||||||
|
- public IP address (if any) assigned to this node. Used for VNC proxy
|
||||||
|
connections so this is typically only required on controller nodes.
|
||||||
|
|||||||
@ -47,10 +47,12 @@ keystone_ec2_url=http://{{keystone.host}}:5000/v2.0/ec2tokens
|
|||||||
# Imaging service
|
# Imaging service
|
||||||
glance_api_servers={{glance.host}}:9292
|
glance_api_servers={{glance.host}}:9292
|
||||||
|
|
||||||
# Vnc configuration
|
# VNC configuration
|
||||||
novncproxy_base_url=http://{{nova.host}}:6080/vnc_auto.html
|
{{#nova.public_ip}}
|
||||||
|
novncproxy_base_url=http://{{nova.public_ip}}:6080/vnc_auto.html
|
||||||
|
{{/nova.public_ip}}
|
||||||
novncproxy_port=6080
|
novncproxy_port=6080
|
||||||
vncserver_proxyclient_address=127.0.0.1
|
vncserver_proxyclient_address={{local-ipv4}}
|
||||||
vncserver_listen=0.0.0.0
|
vncserver_listen=0.0.0.0
|
||||||
|
|
||||||
# Networking #
|
# Networking #
|
||||||
|
|||||||
@ -1 +0,0 @@
|
|||||||
Installs the necessary components from noVNC to satisfy nova-novncproxy.
|
|
||||||
@ -1 +0,0 @@
|
|||||||
source-repositories
|
|
||||||
Loading…
Reference in New Issue
Block a user