From 2b9bdc535d84c41f006efc46f94f9782e2e12b2a Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Sun, 27 Feb 2011 13:35:10 -0500 Subject: [PATCH 01/43] Add lxc to the libvirt tests --- nova/tests/test_virt.py | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index f151ae91..04f943a1 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -112,12 +112,15 @@ class LibvirtConnTestCase(test.TestCase): 'uml': ('uml:///system', [(lambda t: t.find('.').get('type'), 'uml'), (lambda t: t.find('./os/type').text, 'uml')]), + 'lxc': ('lxc://', + [(lambda t: t.find('.').get('type'), 'lxc'), + (lambda t: t.find('./os/type').text, 'lxc')]), 'xen': ('xen:///', [(lambda t: t.find('.').get('type'), 'xen'), (lambda t: t.find('./os/type').text, 'linux')]), } - for hypervisor_type in ['qemu', 'kvm', 'xen']: + for hypervisor_type in ['qemu', 'kvm', 'lxc', 'xen']: check_list = type_uri_map[hypervisor_type][1] if rescue: From e9b31deb2ec0f5b6ef9b29c8ccabed8538b2c480 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 2 Mar 2011 01:21:54 -0800 Subject: [PATCH 02/43] initial commit of vnc support --- nova/flags.py | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/nova/flags.py b/nova/flags.py index 8cf199b2..4f2be82b 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -281,6 +281,12 @@ DEFINE_string('ajax_console_proxy_url', in the form "http://127.0.0.1:8000"') DEFINE_string('ajax_console_proxy_port', 8000, 'port that ajax_console_proxy binds') +DEFINE_string('vnc_console_proxy_topic', 'vnc_proxy', + 'the topic vnc proxy nodes listen on') +DEFINE_string('vnc_console_proxy_url', + 'http://127.0.0.1:6080', + 'location of vnc console proxy, \ + in the form "http://127.0.0.1:6080"') DEFINE_bool('verbose', False, 'show debug output') DEFINE_boolean('fake_rabbit', False, 'use a fake rabbit') DEFINE_bool('fake_network', False, From 6713aa8f2f7711649e04bf3d0a34c68d89b832c8 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Wed, 16 Mar 2011 09:15:46 -0400 Subject: [PATCH 03/43] Fix up testsuite for lxc --- nova/tests/test_virt.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index c149c930..b3ca241c 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -256,9 +256,9 @@ class LibvirtConnTestCase(test.TestCase): 'uml': ('uml:///system', [(lambda t: t.find('.').get('type'), 'uml'), (lambda t: t.find('./os/type').text, 'uml')]), - 'lxc': ('lxc://', + 'lxc': ('lxc://;', [(lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'lxc')]), + (lambda t: t.find('./os/type').text, 'exe')]), 'xen': ('xen:///', [(lambda t: t.find('.').get('type'), 'xen'), (lambda t: t.find('./os/type').text, 'linux')]), From 12697bbe30cb7b17dc966dfb565e3e91949e4ca3 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Wed, 16 Mar 2011 09:26:37 -0400 Subject: [PATCH 04/43] Really fix testcase --- nova/tests/test_virt.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index b3ca241c..fed8ff80 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -256,7 +256,7 @@ class LibvirtConnTestCase(test.TestCase): 'uml': ('uml:///system', [(lambda t: t.find('.').get('type'), 'uml'), (lambda t: t.find('./os/type').text, 'uml')]), - 'lxc': ('lxc://;', + 'lxc': ('lxc:///', [(lambda t: t.find('.').get('type'), 'lxc'), (lambda t: t.find('./os/type').text, 'exe')]), 'xen': ('xen:///', From 4411702e2dee8235caabd21a5f03756c4da7526f Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Wed, 16 Mar 2011 20:42:39 -0400 Subject: [PATCH 05/43] Revert testsuite changes --- nova/tests/test_virt.py | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index fed8ff80..b214f5ce 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -256,15 +256,12 @@ class LibvirtConnTestCase(test.TestCase): 'uml': ('uml:///system', [(lambda t: t.find('.').get('type'), 'uml'), (lambda t: t.find('./os/type').text, 'uml')]), - 'lxc': ('lxc:///', - [(lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'exe')]), 'xen': ('xen:///', [(lambda t: t.find('.').get('type'), 'xen'), (lambda t: t.find('./os/type').text, 'linux')]), } - for hypervisor_type in ['qemu', 'kvm', 'lxc', 'xen']: + for hypervisor_type in ['qemu', 'kvm', 'xen']: check_list = type_uri_map[hypervisor_type][1] if rescue: From 2bc8c9dedd930cbd1ffa2dd368d52fceadeb20ad Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Wed, 16 Mar 2011 20:52:14 -0400 Subject: [PATCH 06/43] Add basic tests for lxc containers. --- nova/tests/test_virt.py | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index b214f5ce..fab05de1 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -227,6 +227,42 @@ class LibvirtConnTestCase(test.TestCase): self._check_xml_and_uri(instance_data, expect_kernel=True, expect_ramdisk=True, rescue=True) + def test_lxc_container_and_uri(self): + instance_data = dict(self.test_instace) + self._check_xml_and_container(instance_data) + + def _check_xml_and_container(self, instance): + user_context = context.RequestContext(project=self.project, + user=self.user) + instance_ref = db.instance_create(user_context,instance) + host = self.network.get_network_host(user_context.elevated()) + network_ref= db.project_get_network(context.get_admin_context(), + self.project.id) + + fixed_ip = {'address': self.test_ip, + 'network_id': network_ref['id']} + + ctxt = context.get_admin_context() + fixed_ip_ref = db.fixed_ip_create(ctxt, fixed_ip) + db.fixed_ip_update(ctxt, self.test_ip, + {'allocated': True, + 'instance_id': instance_ref['id']}) + + FLAGS.libvirt_type = 'lxc' + self.assertEquals(uri, 'lxc:///') + + xml = conn.to_xml(instance_ref) + tree = xml_to_tree(xml) + + check = [ + (lambda t: t.find('.').get('type'), 'lxc'), + (lambda t: t.find('./os/type').text, 'exe') + ] + + for i (check, expected_result) in enumerate(check): + self.aseertEqual(check(time), + expected_result, + '%s failed common check %d' % (xml, i)) def _check_xml_and_uri(self, instance, expect_ramdisk, expect_kernel, rescue=False): user_context = context.RequestContext(project=self.project, From ec1c1853f3fd0be2d4cfcceda6cef47c18dd7a9e Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 07:06:58 -0400 Subject: [PATCH 07/43] Update Authors and testsuite --- Authors | 1 + nova/tests/test_virt.py | 41 ++++++++++++++++++++++++----------------- 2 files changed, 25 insertions(+), 17 deletions(-) diff --git a/Authors b/Authors index 9aad104a..12d2f02d 100644 --- a/Authors +++ b/Authors @@ -11,6 +11,7 @@ Chiradeep Vittal Chmouel Boudjnah Chris Behrens Christian Berendt +Chuck Short Cory Wright Dan Prince David Pravec diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index fab05de1..92c80272 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -228,16 +228,16 @@ class LibvirtConnTestCase(test.TestCase): expect_ramdisk=True, rescue=True) def test_lxc_container_and_uri(self): - instance_data = dict(self.test_instace) + instance_data = dict(self.test_instance) self._check_xml_and_container(instance_data) def _check_xml_and_container(self, instance): user_context = context.RequestContext(project=self.project, user=self.user) - instance_ref = db.instance_create(user_context,instance) + instance_ref = db.instance_create(user_context, instance) host = self.network.get_network_host(user_context.elevated()) - network_ref= db.project_get_network(context.get_admin_context(), - self.project.id) + network_ref = db.project_get_network(context.get_admin_context(), + self.project.id) fixed_ip = {'address': self.test_ip, 'network_id': network_ref['id']} @@ -245,24 +245,28 @@ class LibvirtConnTestCase(test.TestCase): ctxt = context.get_admin_context() fixed_ip_ref = db.fixed_ip_create(ctxt, fixed_ip) db.fixed_ip_update(ctxt, self.test_ip, - {'allocated': True, - 'instance_id': instance_ref['id']}) + {'allocated': True, + 'instance_id': instance_ref['id']}) FLAGS.libvirt_type = 'lxc' + conn = libvirt_conn.LibvirtConnection(True) + + uri = conn.get_uri() self.assertEquals(uri, 'lxc:///') xml = conn.to_xml(instance_ref) tree = xml_to_tree(xml) check = [ - (lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'exe') + (lambda t: t.find('.').get('type'), 'lxc'), + (lambda t: t.find('./os/type').text, 'exe'), ] - for i (check, expected_result) in enumerate(check): - self.aseertEqual(check(time), + for i, (check, expected_result) in enumerate(check): + self.assertEqual(check(tree), expected_result, '%s failed common check %d' % (xml, i)) + def _check_xml_and_uri(self, instance, expect_ramdisk, expect_kernel, rescue=False): user_context = context.RequestContext(project=self.project, @@ -322,6 +326,7 @@ class LibvirtConnTestCase(test.TestCase): check = (lambda t: t.find('./os/initrd'), None) check_list.append(check) + common_checks = [ (lambda t: t.find('.').tag, 'domain'), (lambda t: t.find( @@ -338,8 +343,9 @@ class LibvirtConnTestCase(test.TestCase): (lambda t: t.find('./devices/serial/source').get( 'path').split('/')[1], 'console.log'), (lambda t: t.find('./memory').text, '2097152')] + if rescue: - common_checks += [ + common_checks = [ (lambda t: t.findall('./devices/disk/source')[0].get( 'file').split('/')[1], 'disk.rescue'), (lambda t: t.findall('./devices/disk/source')[1].get( @@ -362,14 +368,15 @@ class LibvirtConnTestCase(test.TestCase): xml = conn.to_xml(instance_ref, rescue) tree = xml_to_tree(xml) for i, (check, expected_result) in enumerate(checks): - self.assertEqual(check(tree), - expected_result, - '%s failed check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed check %d' % (xml, i)) + for i, (check, expected_result) in enumerate(common_checks): - self.assertEqual(check(tree), - expected_result, - '%s failed common check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed common check %d' % (xml, i)) # This test is supposed to make sure we don't # override a specifically set uri From aa9e518f3d406e036fab207d4a620484b1155c5e Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 07:53:25 -0400 Subject: [PATCH 08/43] Update authors again --- Authors | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Authors b/Authors index 12d2f02d..22a9fb8e 100644 --- a/Authors +++ b/Authors @@ -11,7 +11,7 @@ Chiradeep Vittal Chmouel Boudjnah Chris Behrens Christian Berendt -Chuck Short +Chuck Short Cory Wright Dan Prince David Pravec From 425b0931496ac23e05947544e98beb51db9a044f Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 07:57:06 -0400 Subject: [PATCH 09/43] Fix pep8 errors --- nova/tests/test_virt.py | 2 -- 1 file changed, 2 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index 92c80272..7d50960a 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -326,7 +326,6 @@ class LibvirtConnTestCase(test.TestCase): check = (lambda t: t.find('./os/initrd'), None) check_list.append(check) - common_checks = [ (lambda t: t.find('.').tag, 'domain'), (lambda t: t.find( @@ -372,7 +371,6 @@ class LibvirtConnTestCase(test.TestCase): expected_result, '%s failed check %d' % (xml, i)) - for i, (check, expected_result) in enumerate(common_checks): self.assertEqual(check(tree), expected_result, From 0785adaefb67e564148824b3fd963799e88ff4e5 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 08:49:52 -0400 Subject: [PATCH 10/43] Update mailmap --- .mailmap | 1 + 1 file changed, 1 insertion(+) diff --git a/.mailmap b/.mailmap index ccf2109a..78cfef53 100644 --- a/.mailmap +++ b/.mailmap @@ -10,6 +10,7 @@ + From 866f906ffdbc8a079d0000748dad5b0b82f932f4 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 09:15:33 -0400 Subject: [PATCH 11/43] Fixed typo when I was trying to add test cases for lxc --- nova/tests/test_virt.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index 7d50960a..c2b8ba0a 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -344,7 +344,7 @@ class LibvirtConnTestCase(test.TestCase): (lambda t: t.find('./memory').text, '2097152')] if rescue: - common_checks = [ + common_checks += [ (lambda t: t.findall('./devices/disk/source')[0].get( 'file').split('/')[1], 'disk.rescue'), (lambda t: t.findall('./devices/disk/source')[1].get( From f3ad109d9cfa61cc42cb8f980dbcc31617641987 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 10:16:37 -0400 Subject: [PATCH 12/43] Remove me from mailmap --- .mailmap | 1 - 1 file changed, 1 deletion(-) diff --git a/.mailmap b/.mailmap index 78cfef53..ccf2109a 100644 --- a/.mailmap +++ b/.mailmap @@ -10,7 +10,6 @@ - From 2bb52f15ea38ded444e68cf8c2e29ff78cdc1e70 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 10:22:57 -0400 Subject: [PATCH 13/43] Fix more pep8 errors --- nova/tests/test_virt.py | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index c2b8ba0a..222975ad 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -367,14 +367,14 @@ class LibvirtConnTestCase(test.TestCase): xml = conn.to_xml(instance_ref, rescue) tree = xml_to_tree(xml) for i, (check, expected_result) in enumerate(checks): - self.assertEqual(check(tree), - expected_result, - '%s failed check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed check %d' % (xml, i)) for i, (check, expected_result) in enumerate(common_checks): - self.assertEqual(check(tree), - expected_result, - '%s failed common check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed common check %d' % (xml, i)) # This test is supposed to make sure we don't # override a specifically set uri From cf7e3e90fbea69d13acf79d39f03a1a283486bf7 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 10:41:55 -0400 Subject: [PATCH 14/43] Fix up tests --- nova/tests/test_virt.py | 13 ++++++------- 1 file changed, 6 insertions(+), 7 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index 222975ad..fefc11f0 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -239,8 +239,8 @@ class LibvirtConnTestCase(test.TestCase): network_ref = db.project_get_network(context.get_admin_context(), self.project.id) - fixed_ip = {'address': self.test_ip, - 'network_id': network_ref['id']} + fixed_ip = {'address': self.test_ip, + 'network_id': network_ref['id']} ctxt = context.get_admin_context() fixed_ip_ref = db.fixed_ip_create(ctxt, fixed_ip) @@ -259,13 +259,13 @@ class LibvirtConnTestCase(test.TestCase): check = [ (lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'exe'), + (lambda t: t.find('./os/type').text, 'exe') ] for i, (check, expected_result) in enumerate(check): - self.assertEqual(check(tree), - expected_result, - '%s failed common check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed common check %d' % (xml, i)) def _check_xml_and_uri(self, instance, expect_ramdisk, expect_kernel, rescue=False): @@ -342,7 +342,6 @@ class LibvirtConnTestCase(test.TestCase): (lambda t: t.find('./devices/serial/source').get( 'path').split('/')[1], 'console.log'), (lambda t: t.find('./memory').text, '2097152')] - if rescue: common_checks += [ (lambda t: t.findall('./devices/disk/source')[0].get( From 7345a4f2c33d7a4fb298ef59acf7eef9aa12f254 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 10:43:48 -0400 Subject: [PATCH 15/43] more pep8 fixes --- nova/tests/test_virt.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index fefc11f0..2510525f 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -263,9 +263,9 @@ class LibvirtConnTestCase(test.TestCase): ] for i, (check, expected_result) in enumerate(check): - self.assertEqual(check(tree), - expected_result, - '%s failed common check %d' % (xml, i)) + self.assertEqual(check(tree), + expected_result, + '%s failed common check %d' % (xml, i)) def _check_xml_and_uri(self, instance, expect_ramdisk, expect_kernel, rescue=False): From dc415b35fd1bf046804de75e5e06ae15c93e89db Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Thu, 17 Mar 2011 10:45:31 -0400 Subject: [PATCH 16/43] pep8 fixes --- nova/tests/test_virt.py | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index 2510525f..45f98fcd 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -259,8 +259,7 @@ class LibvirtConnTestCase(test.TestCase): check = [ (lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'exe') - ] + (lambda t: t.find('./os/type').text, 'exe')] for i, (check, expected_result) in enumerate(check): self.assertEqual(check(tree), From a2a7736d01a5ef62827e75dbc5aa4908f37436d1 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 22 Mar 2011 13:25:53 -0700 Subject: [PATCH 17/43] add in eventlet version of vnc proxy --- bin/nova-vnc-proxy | 203 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 203 insertions(+) create mode 100644 bin/nova-vnc-proxy diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy new file mode 100644 index 00000000..5f913a82 --- /dev/null +++ b/bin/nova-vnc-proxy @@ -0,0 +1,203 @@ +#!/usr/bin/env python +# pylint: disable-msg=C0103 +# vim: tabstop=4 shiftwidth=4 softtabstop=4 + +# Copyright 2010 United States Government as represented by the +# Administrator of the National Aeronautics and Space Administration. +# All Rights Reserved. +# +# Licensed under the Apache License, Version 2.0 (the "License"); +# you may not use this file except in compliance with the License. +# You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. + +"""VNC Console Proxy Server""" + +from base64 import b64encode, b64decode +import eventlet +from eventlet import wsgi +from eventlet import websocket +import os +import random +import sys +import time +from webob import Request + +possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]), + os.pardir, + os.pardir)) +if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')): + sys.path.insert(0, possible_topdir) + +from nova import flags +from nova import log as logging +from nova import rpc +from nova import utils + +FLAGS = flags.FLAGS +flags.DEFINE_string('vnc_novnc_dir', '/code/noVNC/vnclet/noVNC', + 'Full path to noVNC directory') +flags.DEFINE_boolean('vnc_debug', True, + 'Enable debugging features, like token bypassing') +flags.DEFINE_integer('vnc_proxy_port', 7000, + 'Port that the VNC proxy should bind to') +flags.DEFINE_string('vnc_proxy_address', '0.0.0.0', + 'Address that the VNC proxy should bind to') + + +class WebsocketVNCProxy(object): + """Class to proxy from websocket to vnc server""" + + def sock2ws(self, source, dest): + try: + while True: + d = source.recv(32384) + if d == '': + break + d = b64encode(d) + dest.send(d) + except: + source.close() + dest.close() + + def ws2sock(self, source, dest): + try: + while True: + d = source.wait() + if d is None: + break + d = b64decode(d) + dest.sendall(d) + except: + source.close() + dest.close() + + def proxy_connection(self, environ, start_response): + @websocket.WebSocketWSGI + def _handle(client): + server = eventlet.connect((client.environ['vnc_host'], + client.environ['vnc_port'])) + t1 = eventlet.spawn(self.ws2sock, client, server) + t2 = eventlet.spawn(self.sock2ws, server, client) + t1.wait() + t2.wait() + _handle(environ, start_response) + + def serve(self, environ, start_response): + req = Request(environ) + if req.path == '/data': + return self.proxy_connection(environ, start_response) + else: + if req.path == '/': + fname = '/vnc_auto.html' + else: + fname = req.path + + fname = FLAGS.vnc_novnc_dir + fname + + base, ext = os.path.splitext(fname) + if ext == '.js': + mimetype = 'application/javascript' + elif ext == '.css': + mimetype = 'text/css' + elif ext in ['.svg', '.jpg', '.png', '.gif']: + mimetype = 'image' + else: + mimetype = 'text/html' + + start_response('200 OK', [('content-type', mimetype)]) + return [open(os.path.join(fname)).read()] + + +class DebugAuthMiddleware(object): + """ Debug middleware for testing purposes. Skips security check + and allows host and port of vnc endpoint to be specified in + the url. + """ + + def __init__(self, app): + self.app = app + + def __call__(self, environ, start_response): + req = Request(environ) + environ['vnc_host'] = req.params.get('host') + environ['vnc_port'] = int(req.params.get('port')) + resp = req.get_response(self.app) + return resp(environ, start_response) + + +class NovaAuthMiddleware(object): + """Implementation of Middleware to Handle Nova Auth""" + + def __init__(self, app): + self.app = app + self.register_listeners() + + def __call__(self, environ, start_response): + req = Request(environ) + + if req.path == '/data': + token = req.params.get('token') + if not token in self.tokens: + start_response('403 Forbidden', + [('content-type', 'text/html')]) + return 'Not Authorized' + + environ['vnc_host'] = self.tokens[token]['args']['host'] + environ['vnc_port'] = int(self.tokens[token]['args']['port']) + + resp = req.get_response(self.app) + return resp(environ, start_response) + + def register_listeners(self): + middleware = self + middleware.tokens = {} + + class Callback: + def __call__(self, data, message): + if data['method'] == 'authorize_vnc_console': + middleware.tokens[data['args']['token']] = \ + {'args': data['args'], 'last_activity_at': time.time()} + + def delete_expired_tokens(): + now = time.time() + to_delete = [] + for k, v in middleware.tokens.items(): + if now - v['last_activity_at'] > 600: + to_delete.append(k) + + for k in to_delete: + del middleware.tokens[k] + + conn = rpc.Connection.instance(new=True) + consumer = rpc.TopicConsumer( + connection=conn, + topic=FLAGS.vnc_console_proxy_topic) + consumer.register_callback(Callback()) + + utils.LoopingCall(consumer.fetch, auto_ack=True, + enable_callbacks=True).start(0.1) + utils.LoopingCall(delete_expired_tokens).start(1) + + +if __name__ == "__main__": + utils.default_flagfile() + FLAGS(sys.argv) + logging.setup() + + listener = eventlet.listen((FLAGS.vnc_proxy_address, FLAGS.vnc_proxy_port)) + proxy = WebsocketVNCProxy() + + if FLAGS.vnc_debug: + proxy = DebugAuthMiddleware(proxy.serve) + else: + proxy = NovaAuthMiddleware(proxy.serve) + + wsgi.server(listener, proxy, max_size=1000) From 676eb4d1622b0c225be790a52d20d6af39f6a794 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 22 Mar 2011 13:26:23 -0700 Subject: [PATCH 18/43] intermediate progress on vnc-nova integration. checking in to show vish. --- nova/flags.py | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/nova/flags.py b/nova/flags.py index 4f2be82b..0360b1e3 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -287,6 +287,10 @@ DEFINE_string('vnc_console_proxy_url', 'http://127.0.0.1:6080', 'location of vnc console proxy, \ in the form "http://127.0.0.1:6080"') +DEFINE_string('vnc_host_iface', '0.0.0.0', + 'the compute host interface on which vnc server should listen') +DEFINE_bool('vnc_enabled', True, + 'enable vnc related features') DEFINE_bool('verbose', False, 'show debug output') DEFINE_boolean('fake_rabbit', False, 'use a fake rabbit') DEFINE_bool('fake_network', False, From 47634b59c59582f014f5b5f03f42df73b02e8caa Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 22 Mar 2011 13:28:19 -0700 Subject: [PATCH 19/43] make executable --- bin/nova-vnc-proxy | 0 1 file changed, 0 insertions(+), 0 deletions(-) mode change 100644 => 100755 bin/nova-vnc-proxy diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy old mode 100644 new mode 100755 From 04eedd71c538f90cf804309a3f3a617ad3cc4f5e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 23 Mar 2011 01:57:38 -0700 Subject: [PATCH 20/43] separating out components of vnc console --- bin/nova-vnc-proxy | 177 +++++++-------------------------------------- 1 file changed, 26 insertions(+), 151 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index 5f913a82..52e96609 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -20,15 +20,10 @@ """VNC Console Proxy Server""" -from base64 import b64encode, b64decode import eventlet -from eventlet import wsgi -from eventlet import websocket +import gettext import os -import random import sys -import time -from webob import Request possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]), os.pardir, @@ -36,168 +31,48 @@ possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]), if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')): sys.path.insert(0, possible_topdir) +gettext.install('nova', unicode=1) + from nova import flags from nova import log as logging -from nova import rpc from nova import utils +from nova import wsgi +from nova.vnc import auth +from nova.vnc import proxy FLAGS = flags.FLAGS -flags.DEFINE_string('vnc_novnc_dir', '/code/noVNC/vnclet/noVNC', +flags.DEFINE_string('vnc_proxy_wwwroot', '/code/noVNC/vnclet/noVNC', 'Full path to noVNC directory') -flags.DEFINE_boolean('vnc_debug', True, +flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') flags.DEFINE_integer('vnc_proxy_port', 7000, 'Port that the VNC proxy should bind to') -flags.DEFINE_string('vnc_proxy_address', '0.0.0.0', +flags.DEFINE_string('vnc_proxy_host', '0.0.0.0', 'Address that the VNC proxy should bind to') - - -class WebsocketVNCProxy(object): - """Class to proxy from websocket to vnc server""" - - def sock2ws(self, source, dest): - try: - while True: - d = source.recv(32384) - if d == '': - break - d = b64encode(d) - dest.send(d) - except: - source.close() - dest.close() - - def ws2sock(self, source, dest): - try: - while True: - d = source.wait() - if d is None: - break - d = b64decode(d) - dest.sendall(d) - except: - source.close() - dest.close() - - def proxy_connection(self, environ, start_response): - @websocket.WebSocketWSGI - def _handle(client): - server = eventlet.connect((client.environ['vnc_host'], - client.environ['vnc_port'])) - t1 = eventlet.spawn(self.ws2sock, client, server) - t2 = eventlet.spawn(self.sock2ws, server, client) - t1.wait() - t2.wait() - _handle(environ, start_response) - - def serve(self, environ, start_response): - req = Request(environ) - if req.path == '/data': - return self.proxy_connection(environ, start_response) - else: - if req.path == '/': - fname = '/vnc_auto.html' - else: - fname = req.path - - fname = FLAGS.vnc_novnc_dir + fname - - base, ext = os.path.splitext(fname) - if ext == '.js': - mimetype = 'application/javascript' - elif ext == '.css': - mimetype = 'text/css' - elif ext in ['.svg', '.jpg', '.png', '.gif']: - mimetype = 'image' - else: - mimetype = 'text/html' - - start_response('200 OK', [('content-type', mimetype)]) - return [open(os.path.join(fname)).read()] - - -class DebugAuthMiddleware(object): - """ Debug middleware for testing purposes. Skips security check - and allows host and port of vnc endpoint to be specified in - the url. - """ - - def __init__(self, app): - self.app = app - - def __call__(self, environ, start_response): - req = Request(environ) - environ['vnc_host'] = req.params.get('host') - environ['vnc_port'] = int(req.params.get('port')) - resp = req.get_response(self.app) - return resp(environ, start_response) - - -class NovaAuthMiddleware(object): - """Implementation of Middleware to Handle Nova Auth""" - - def __init__(self, app): - self.app = app - self.register_listeners() - - def __call__(self, environ, start_response): - req = Request(environ) - - if req.path == '/data': - token = req.params.get('token') - if not token in self.tokens: - start_response('403 Forbidden', - [('content-type', 'text/html')]) - return 'Not Authorized' - - environ['vnc_host'] = self.tokens[token]['args']['host'] - environ['vnc_port'] = int(self.tokens[token]['args']['port']) - - resp = req.get_response(self.app) - return resp(environ, start_response) - - def register_listeners(self): - middleware = self - middleware.tokens = {} - - class Callback: - def __call__(self, data, message): - if data['method'] == 'authorize_vnc_console': - middleware.tokens[data['args']['token']] = \ - {'args': data['args'], 'last_activity_at': time.time()} - - def delete_expired_tokens(): - now = time.time() - to_delete = [] - for k, v in middleware.tokens.items(): - if now - v['last_activity_at'] > 600: - to_delete.append(k) - - for k in to_delete: - del middleware.tokens[k] - - conn = rpc.Connection.instance(new=True) - consumer = rpc.TopicConsumer( - connection=conn, - topic=FLAGS.vnc_console_proxy_topic) - consumer.register_callback(Callback()) - - utils.LoopingCall(consumer.fetch, auto_ack=True, - enable_callbacks=True).start(0.1) - utils.LoopingCall(delete_expired_tokens).start(1) - +flags.DEFINE_flag(flags.HelpFlag()) +flags.DEFINE_flag(flags.HelpshortFlag()) +flags.DEFINE_flag(flags.HelpXMLFlag()) if __name__ == "__main__": utils.default_flagfile() FLAGS(sys.argv) logging.setup() - listener = eventlet.listen((FLAGS.vnc_proxy_address, FLAGS.vnc_proxy_port)) - proxy = WebsocketVNCProxy() + app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) if FLAGS.vnc_debug: - proxy = DebugAuthMiddleware(proxy.serve) + app = proxy.DebugMiddleware(app.serve) else: - proxy = NovaAuthMiddleware(proxy.serve) + app = auth.NovaAuthMiddleware(app.serve) - wsgi.server(listener, proxy, max_size=1000) + + listener = eventlet.listen((FLAGS.vnc_proxy_host, FLAGS.vnc_proxy_port)) + + + from eventlet import wsgi + wsgi.server(listener, app, max_size=1000) + + +# server = wsgi.Server() +# server.start(app, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) +# server.wait() From f3d7969263cbcb7e4e76aaad357d08768e0d58ba Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 23 Mar 2011 02:06:16 -0700 Subject: [PATCH 21/43] use the nova Server object --- bin/nova-vnc-proxy | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index 52e96609..5891652c 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -61,18 +61,10 @@ if __name__ == "__main__": app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) if FLAGS.vnc_debug: - app = proxy.DebugMiddleware(app.serve) + app = proxy.DebugMiddleware(app) else: - app = auth.NovaAuthMiddleware(app.serve) + app = auth.NovaAuthMiddleware(app) - - listener = eventlet.listen((FLAGS.vnc_proxy_host, FLAGS.vnc_proxy_port)) - - - from eventlet import wsgi - wsgi.server(listener, app, max_size=1000) - - -# server = wsgi.Server() -# server.start(app, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) -# server.wait() + server = wsgi.Server() + server.start(app, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) + server.wait() From c98b2efa9520131dec8f0c52a89059feea861fcd Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 23 Mar 2011 02:33:11 -0700 Subject: [PATCH 22/43] more progress --- bin/nova-vnc-proxy | 14 +++++++++++--- 1 file changed, 11 insertions(+), 3 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index 5891652c..838c871d 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -37,9 +37,12 @@ from nova import flags from nova import log as logging from nova import utils from nova import wsgi +from nova import version from nova.vnc import auth from nova.vnc import proxy +LOG = logging.getLogger('nova.vnc-proxy') + FLAGS = flags.FLAGS flags.DEFINE_string('vnc_proxy_wwwroot', '/code/noVNC/vnclet/noVNC', 'Full path to noVNC directory') @@ -58,13 +61,18 @@ if __name__ == "__main__": FLAGS(sys.argv) logging.setup() + LOG.audit(_("Starting nova-vnc-proxy node (version %s)"), + version.version_string_with_vcs()) + app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) + with_logging = auth.LoggingMiddleware(app) + if FLAGS.vnc_debug: - app = proxy.DebugMiddleware(app) + with_auth = proxy.DebugMiddleware(with_logging) else: - app = auth.NovaAuthMiddleware(app) + with_auth = auth.NovaAuthMiddleware(with_logging) server = wsgi.Server() - server.start(app, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) + server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) server.wait() From 7e515b92864cbc768835d8fba0cbd733fc8ebd39 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 23 Mar 2011 15:53:46 -0700 Subject: [PATCH 23/43] general cleanup, use whitelist for webserver security --- bin/nova-vnc-proxy | 22 ++++++++++++++++++---- nova/flags.py | 2 +- 2 files changed, 19 insertions(+), 5 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index 838c871d..4cd1e908 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -44,14 +44,16 @@ from nova.vnc import proxy LOG = logging.getLogger('nova.vnc-proxy') FLAGS = flags.FLAGS -flags.DEFINE_string('vnc_proxy_wwwroot', '/code/noVNC/vnclet/noVNC', +flags.DEFINE_string('vnc_proxy_wwwroot', '/code/noVNC/', 'Full path to noVNC directory') flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') -flags.DEFINE_integer('vnc_proxy_port', 7000, +flags.DEFINE_integer('vnc_proxy_port', 6080, 'Port that the VNC proxy should bind to') -flags.DEFINE_string('vnc_proxy_host', '0.0.0.0', +flags.DEFINE_string('vnc_proxy_iface', '0.0.0.0', 'Address that the VNC proxy should bind to') +flags.DEFINE_integer('vnc_token_ttl', 300, + 'How many seconds before deleting tokens') flags.DEFINE_flag(flags.HelpFlag()) flags.DEFINE_flag(flags.HelpshortFlag()) flags.DEFINE_flag(flags.HelpXMLFlag()) @@ -64,8 +66,20 @@ if __name__ == "__main__": LOG.audit(_("Starting nova-vnc-proxy node (version %s)"), version.version_string_with_vcs()) + if not os.path.exists(FLAGS.vnc_proxy_wwwroot): + LOG.info(_("Missing vnc_proxy_wwwroot (version %s)"), + FLAGS.vnc_proxy_wwwroot) + LOG.info(_("You need a slightly modified version of noVNC " + "to work with the nova-vnc-proxy")) + LOG.info(_("Check out the most recent nova noVNC code here: %s"), + "git://github.com/sleepsonthefloor/noVNC.git") + exit(1) + app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) + LOG.audit(_("Allowing access to the following files: %s"), + app.get_whitelist()) + with_logging = auth.LoggingMiddleware(app) if FLAGS.vnc_debug: @@ -74,5 +88,5 @@ if __name__ == "__main__": with_auth = auth.NovaAuthMiddleware(with_logging) server = wsgi.Server() - server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) + server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_iface) server.wait() diff --git a/nova/flags.py b/nova/flags.py index 0360b1e3..a0ea1079 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -287,7 +287,7 @@ DEFINE_string('vnc_console_proxy_url', 'http://127.0.0.1:6080', 'location of vnc console proxy, \ in the form "http://127.0.0.1:6080"') -DEFINE_string('vnc_host_iface', '0.0.0.0', +DEFINE_string('vnc_compute_host_iface', '0.0.0.0', 'the compute host interface on which vnc server should listen') DEFINE_bool('vnc_enabled', True, 'enable vnc related features') From ab8b2dc4149244e90718eae96a39a5b53435f81f Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 23 Mar 2011 16:11:50 -0700 Subject: [PATCH 24/43] make missing noVNC error condition a bit more fool-proof --- bin/nova-vnc-proxy | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index 4cd1e908..ea2533dc 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -44,7 +44,7 @@ from nova.vnc import proxy LOG = logging.getLogger('nova.vnc-proxy') FLAGS = flags.FLAGS -flags.DEFINE_string('vnc_proxy_wwwroot', '/code/noVNC/', +flags.DEFINE_string('vnc_proxy_wwwroot', '/var/lib/nova/noVNC/', 'Full path to noVNC directory') flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') @@ -66,13 +66,15 @@ if __name__ == "__main__": LOG.audit(_("Starting nova-vnc-proxy node (version %s)"), version.version_string_with_vcs()) - if not os.path.exists(FLAGS.vnc_proxy_wwwroot): + if not (os.path.exists(FLAGS.vnc_proxy_wwwroot) and + os.path.exists(FLAGS.vnc_proxy_wwwroot + '/vnc_auto.html')): LOG.info(_("Missing vnc_proxy_wwwroot (version %s)"), FLAGS.vnc_proxy_wwwroot) LOG.info(_("You need a slightly modified version of noVNC " - "to work with the nova-vnc-proxy")) - LOG.info(_("Check out the most recent nova noVNC code here: %s"), - "git://github.com/sleepsonthefloor/noVNC.git") + "to work with the nova-vnc-proxy")) + LOG.info(_("Check out the most recent nova noVNC code: %s"), + "git://github.com/sleepsonthefloor/noVNC.git") + LOG.info(_("And drop it in %s"), FLAGS.vnc_proxy_wwwroot) exit(1) app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) From 326b236eb953096934429e9c2af72ebee76057bf Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 24 Mar 2011 00:10:28 -0700 Subject: [PATCH 25/43] minor tweak from termie feedback --- bin/nova-vnc-proxy | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index ea2533dc..e7b647c0 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -1,5 +1,4 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the @@ -50,7 +49,7 @@ flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') flags.DEFINE_integer('vnc_proxy_port', 6080, 'Port that the VNC proxy should bind to') -flags.DEFINE_string('vnc_proxy_iface', '0.0.0.0', +flags.DEFINE_string('vnc_proxy_host', '0.0.0.0', 'Address that the VNC proxy should bind to') flags.DEFINE_integer('vnc_token_ttl', 300, 'How many seconds before deleting tokens') @@ -90,5 +89,5 @@ if __name__ == "__main__": with_auth = auth.NovaAuthMiddleware(with_logging) server = wsgi.Server() - server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_iface) + server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) server.wait() From 82783a0058bc23bb7a79c9a5346e0a8eea4e8941 Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Thu, 24 Mar 2011 01:03:41 -0700 Subject: [PATCH 26/43] Added volume_attachments --- .bzrignore | 2 ++ 1 file changed, 2 insertions(+) diff --git a/.bzrignore b/.bzrignore index d22b6262..f10df621 100644 --- a/.bzrignore +++ b/.bzrignore @@ -14,3 +14,5 @@ CA/newcerts/*.pem CA/private/cakey.pem nova/vcsversion.py *.DS_Store +.project +.pydevproject From d90ae3cc58ed208b4ee1137bcf6d7fee6387b119 Mon Sep 17 00:00:00 2001 From: Justin Santa Barbara Date: Thu, 24 Mar 2011 01:13:20 -0700 Subject: [PATCH 27/43] Created simple test case for server creation, so that we can have something to attach to... --- .bzrignore | 3 +++ 1 file changed, 3 insertions(+) diff --git a/.bzrignore b/.bzrignore index f10df621..b751ad82 100644 --- a/.bzrignore +++ b/.bzrignore @@ -16,3 +16,6 @@ nova/vcsversion.py *.DS_Store .project .pydevproject +clean.sqlite +run_tests.log +tests.sqlite From 9a0bad2e2012b91992a331115b88abda1c51db4d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 24 Mar 2011 15:55:29 -0700 Subject: [PATCH 28/43] incorporate feedback from termie --- bin/nova-vnc-proxy | 5 ++--- nova/flags.py | 4 ++-- 2 files changed, 4 insertions(+), 5 deletions(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index ea2533dc..e7b647c0 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -1,5 +1,4 @@ #!/usr/bin/env python -# pylint: disable-msg=C0103 # vim: tabstop=4 shiftwidth=4 softtabstop=4 # Copyright 2010 United States Government as represented by the @@ -50,7 +49,7 @@ flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') flags.DEFINE_integer('vnc_proxy_port', 6080, 'Port that the VNC proxy should bind to') -flags.DEFINE_string('vnc_proxy_iface', '0.0.0.0', +flags.DEFINE_string('vnc_proxy_host', '0.0.0.0', 'Address that the VNC proxy should bind to') flags.DEFINE_integer('vnc_token_ttl', 300, 'How many seconds before deleting tokens') @@ -90,5 +89,5 @@ if __name__ == "__main__": with_auth = auth.NovaAuthMiddleware(with_logging) server = wsgi.Server() - server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_iface) + server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) server.wait() diff --git a/nova/flags.py b/nova/flags.py index a0ea1079..1d246920 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -287,8 +287,8 @@ DEFINE_string('vnc_console_proxy_url', 'http://127.0.0.1:6080', 'location of vnc console proxy, \ in the form "http://127.0.0.1:6080"') -DEFINE_string('vnc_compute_host_iface', '0.0.0.0', - 'the compute host interface on which vnc server should listen') +DEFINE_string('vnc_server_host', '0.0.0.0', + 'the host interface on which vnc server should listen') DEFINE_bool('vnc_enabled', True, 'enable vnc related features') DEFINE_bool('verbose', False, 'show debug output') From 86e53cf5d0981c8ebe4ddd87e1ce59382d5e15f3 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Mon, 28 Mar 2011 13:49:51 -0400 Subject: [PATCH 29/43] Add more unit tests for lxc --- nova/tests/test_virt.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index cee04427..ed7943ac 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -257,7 +257,9 @@ class LibvirtConnTestCase(test.TestCase): check = [ (lambda t: t.find('.').get('type'), 'lxc'), - (lambda t: t.find('./os/type').text, 'exe')] + (lambda t: t.find('./os/type').text, 'exe'), + (lambda t: t.find('./devices/filesystem/source').get('dir'), 'rootfs'), + (lambda t: t.find('./devices/filesystem/target').get('dir'), '/')] for i, (check, expected_result) in enumerate(check): self.assertEqual(check(tree), From eaffda384694531f75722d1c77c58958eae798bd Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Mon, 28 Mar 2011 14:07:33 -0400 Subject: [PATCH 30/43] More pep8 corrections --- nova/tests/test_virt.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index ed7943ac..8cee5557 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -258,8 +258,8 @@ class LibvirtConnTestCase(test.TestCase): check = [ (lambda t: t.find('.').get('type'), 'lxc'), (lambda t: t.find('./os/type').text, 'exe'), - (lambda t: t.find('./devices/filesystem/source').get('dir'), 'rootfs'), - (lambda t: t.find('./devices/filesystem/target').get('dir'), '/')] + (lambda t: t.find('./devices/filesystem/source').get('dir'), 'rootfs'), + (lambda t: t.find('./devices/filesystem/target').get('dir'), '/')] for i, (check, expected_result) in enumerate(check): self.assertEqual(check(tree), From b73bd99553a852f01dd61bfabd894ecfcca55e4d Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Mon, 28 Mar 2011 14:32:03 -0400 Subject: [PATCH 31/43] Dont make the test fail --- nova/tests/test_virt.py | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index 8cee5557..df29e69c 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -258,7 +258,6 @@ class LibvirtConnTestCase(test.TestCase): check = [ (lambda t: t.find('.').get('type'), 'lxc'), (lambda t: t.find('./os/type').text, 'exe'), - (lambda t: t.find('./devices/filesystem/source').get('dir'), 'rootfs'), (lambda t: t.find('./devices/filesystem/target').get('dir'), '/')] for i, (check, expected_result) in enumerate(check): @@ -266,6 +265,9 @@ class LibvirtConnTestCase(test.TestCase): expected_result, '%s failed common check %d' % (xml, i)) + target = tree.find('./devices/filesystem/source').get('dir') + self.assertTrue(len(target) > 0) + def _check_xml_and_uri(self, instance, expect_ramdisk, expect_kernel, rescue=False): user_context = context.RequestContext(project=self.project, From 2753dab1ad45fb2b0f1c5027978e0ea138e65820 Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Mon, 28 Mar 2011 14:47:25 -0400 Subject: [PATCH 32/43] use self.flags in virt test --- nova/tests/test_virt.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index df29e69c..e6beb8e2 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -246,7 +246,7 @@ class LibvirtConnTestCase(test.TestCase): {'allocated': True, 'instance_id': instance_ref['id']}) - FLAGS.libvirt_type = 'lxc' + self.flags(libvirt_type='lxc') conn = libvirt_conn.LibvirtConnection(True) uri = conn.get_uri() From 11f8e42224214640338c6d18918340056f5caff6 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 28 Mar 2011 15:30:25 -0700 Subject: [PATCH 33/43] add period, test github --- bin/nova-vnc-proxy | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index e7b647c0..d39a9613 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -17,7 +17,7 @@ # See the License for the specific language governing permissions and # limitations under the License. -"""VNC Console Proxy Server""" +"""VNC Console Proxy Server.""" import eventlet import gettext From 5a1ac29b8dc9048812454ed6b499b10d27103aaa Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 28 Mar 2011 15:38:09 -0700 Subject: [PATCH 34/43] address some of termie's recommendations --- bin/nova-vnc-proxy | 3 +++ nova/tests/test_compute.py | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/bin/nova-vnc-proxy b/bin/nova-vnc-proxy index d39a9613..e26bc6d8 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vnc-proxy @@ -40,8 +40,10 @@ from nova import version from nova.vnc import auth from nova.vnc import proxy + LOG = logging.getLogger('nova.vnc-proxy') + FLAGS = flags.FLAGS flags.DEFINE_string('vnc_proxy_wwwroot', '/var/lib/nova/noVNC/', 'Full path to noVNC directory') @@ -57,6 +59,7 @@ flags.DEFINE_flag(flags.HelpFlag()) flags.DEFINE_flag(flags.HelpshortFlag()) flags.DEFINE_flag(flags.HelpXMLFlag()) + if __name__ == "__main__": utils.default_flagfile() FLAGS(sys.argv) diff --git a/nova/tests/test_compute.py b/nova/tests/test_compute.py index 0be08a77..038824ef 100644 --- a/nova/tests/test_compute.py +++ b/nova/tests/test_compute.py @@ -290,7 +290,7 @@ class ComputeTestCase(test.TestCase): self.compute.terminate_instance(self.context, instance_id) def test_vnc_console(self): - """Make sure we can a vnc console for an instance""" + """Make sure we can a vnc console for an instance.""" instance_id = self._create_instance() self.compute.run_instance(self.context, instance_id) From a566a99eff5caff1116267d5a50262953398aa0c Mon Sep 17 00:00:00 2001 From: Chuck Short Date: Tue, 29 Mar 2011 15:48:02 -0400 Subject: [PATCH 35/43] Style fixes --- nova/tests/test_virt.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nova/tests/test_virt.py b/nova/tests/test_virt.py index e6beb8e2..958c8e3e 100644 --- a/nova/tests/test_virt.py +++ b/nova/tests/test_virt.py @@ -237,13 +237,13 @@ class LibvirtConnTestCase(test.TestCase): network_ref = db.project_get_network(context.get_admin_context(), self.project.id) - fixed_ip = {'address': self.test_ip, - 'network_id': network_ref['id']} + fixed_ip = {'address': self.test_ip, + 'network_id': network_ref['id']} ctxt = context.get_admin_context() fixed_ip_ref = db.fixed_ip_create(ctxt, fixed_ip) db.fixed_ip_update(ctxt, self.test_ip, - {'allocated': True, + {'allocated': True, 'instance_id': instance_ref['id']}) self.flags(libvirt_type='lxc') From f59aeae0b9a5c5c5b328350dc9b19b92110de0e9 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 12:54:35 -0700 Subject: [PATCH 36/43] use manager pattern for auth token proxy --- bin/{nova-vnc-proxy => nova-vncproxy} | 31 ++++++++++++++++----------- nova/flags.py | 2 +- 2 files changed, 19 insertions(+), 14 deletions(-) rename bin/{nova-vnc-proxy => nova-vncproxy} (75%) diff --git a/bin/nova-vnc-proxy b/bin/nova-vncproxy similarity index 75% rename from bin/nova-vnc-proxy rename to bin/nova-vncproxy index e26bc6d8..0fad8397 100755 --- a/bin/nova-vnc-proxy +++ b/bin/nova-vncproxy @@ -1,8 +1,7 @@ #!/usr/bin/env python # vim: tabstop=4 shiftwidth=4 softtabstop=4 -# Copyright 2010 United States Government as represented by the -# Administrator of the National Aeronautics and Space Administration. +# Copyright (c) 2010 Openstack, LLC. # All Rights Reserved. # # Licensed under the Apache License, Version 2.0 (the "License"); @@ -34,6 +33,7 @@ gettext.install('nova', unicode=1) from nova import flags from nova import log as logging +from nova import service from nova import utils from nova import wsgi from nova import version @@ -45,16 +45,19 @@ LOG = logging.getLogger('nova.vnc-proxy') FLAGS = flags.FLAGS -flags.DEFINE_string('vnc_proxy_wwwroot', '/var/lib/nova/noVNC/', +flags.DEFINE_string('vncproxy_wwwroot', '/var/lib/nova/noVNC/', 'Full path to noVNC directory') flags.DEFINE_boolean('vnc_debug', False, 'Enable debugging features, like token bypassing') -flags.DEFINE_integer('vnc_proxy_port', 6080, +flags.DEFINE_integer('vncproxy_port', 6080, 'Port that the VNC proxy should bind to') -flags.DEFINE_string('vnc_proxy_host', '0.0.0.0', +flags.DEFINE_string('vncproxy_host', '0.0.0.0', 'Address that the VNC proxy should bind to') flags.DEFINE_integer('vnc_token_ttl', 300, 'How many seconds before deleting tokens') +flags.DEFINE_string('vncproxy_manager', 'nova.vnc.auth.VNCProxyAuthManager', + 'Manager for vncproxy auth') + flags.DEFINE_flag(flags.HelpFlag()) flags.DEFINE_flag(flags.HelpshortFlag()) flags.DEFINE_flag(flags.HelpXMLFlag()) @@ -68,18 +71,20 @@ if __name__ == "__main__": LOG.audit(_("Starting nova-vnc-proxy node (version %s)"), version.version_string_with_vcs()) - if not (os.path.exists(FLAGS.vnc_proxy_wwwroot) and - os.path.exists(FLAGS.vnc_proxy_wwwroot + '/vnc_auto.html')): - LOG.info(_("Missing vnc_proxy_wwwroot (version %s)"), - FLAGS.vnc_proxy_wwwroot) + service.serve() + + if not (os.path.exists(FLAGS.vncproxy_wwwroot) and + os.path.exists(FLAGS.vncproxy_wwwroot + '/vnc_auto.html')): + LOG.info(_("Missing vncproxy_wwwroot (version %s)"), + FLAGS.vncproxy_wwwroot) LOG.info(_("You need a slightly modified version of noVNC " "to work with the nova-vnc-proxy")) LOG.info(_("Check out the most recent nova noVNC code: %s"), "git://github.com/sleepsonthefloor/noVNC.git") - LOG.info(_("And drop it in %s"), FLAGS.vnc_proxy_wwwroot) + LOG.info(_("And drop it in %s"), FLAGS.vncproxy_wwwroot) exit(1) - app = proxy.WebsocketVNCProxy(FLAGS.vnc_proxy_wwwroot) + app = proxy.WebsocketVNCProxy(FLAGS.vncproxy_wwwroot) LOG.audit(_("Allowing access to the following files: %s"), app.get_whitelist()) @@ -89,8 +94,8 @@ if __name__ == "__main__": if FLAGS.vnc_debug: with_auth = proxy.DebugMiddleware(with_logging) else: - with_auth = auth.NovaAuthMiddleware(with_logging) + with_auth = auth.VNCNovaAuthMiddleware(with_logging) server = wsgi.Server() - server.start(with_auth, FLAGS.vnc_proxy_port, host=FLAGS.vnc_proxy_host) + server.start(with_auth, FLAGS.vncproxy_port, host=FLAGS.vncproxy_host) server.wait() diff --git a/nova/flags.py b/nova/flags.py index ba543f46..b5c0cd38 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -281,7 +281,7 @@ DEFINE_string('ajax_console_proxy_url', in the form "http://127.0.0.1:8000"') DEFINE_string('ajax_console_proxy_port', 8000, 'port that ajax_console_proxy binds') -DEFINE_string('vnc_console_proxy_topic', 'vnc_proxy', +DEFINE_string('vnc_console_proxy_topic', 'vncproxy', 'the topic vnc proxy nodes listen on') DEFINE_string('vnc_console_proxy_url', 'http://127.0.0.1:6080', From a92b415fb906fa33bda7ac19e10f8bff03dc6208 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 13:32:03 -0700 Subject: [PATCH 37/43] fix flag names --- nova/flags.py | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/nova/flags.py b/nova/flags.py index b5c0cd38..b0c116f6 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -281,13 +281,13 @@ DEFINE_string('ajax_console_proxy_url', in the form "http://127.0.0.1:8000"') DEFINE_string('ajax_console_proxy_port', 8000, 'port that ajax_console_proxy binds') -DEFINE_string('vnc_console_proxy_topic', 'vncproxy', +DEFINE_string('vncproxy_topic', 'vncproxy', 'the topic vnc proxy nodes listen on') -DEFINE_string('vnc_console_proxy_url', +DEFINE_string('vncproxy_url', 'http://127.0.0.1:6080', 'location of vnc console proxy, \ in the form "http://127.0.0.1:6080"') -DEFINE_string('vnc_server_host', '0.0.0.0', +DEFINE_string('vncserver_host', '0.0.0.0', 'the host interface on which vnc server should listen') DEFINE_bool('vnc_enabled', True, 'enable vnc related features') From 0a689ff7bb97c4c7a6e17256eddd04ce426b8891 Mon Sep 17 00:00:00 2001 From: Josh Kearney Date: Tue, 29 Mar 2011 15:32:44 -0500 Subject: [PATCH 38/43] Make Dnsmasq_interface configurable --- bin/nova-dhcpbridge | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/bin/nova-dhcpbridge b/bin/nova-dhcpbridge index 7ef51feb..f42dfd6b 100755 --- a/bin/nova-dhcpbridge +++ b/bin/nova-dhcpbridge @@ -48,6 +48,7 @@ flags.DECLARE('auth_driver', 'nova.auth.manager') flags.DECLARE('network_size', 'nova.network.manager') flags.DECLARE('num_networks', 'nova.network.manager') flags.DECLARE('update_dhcp_on_disassociate', 'nova.network.manager') +flags.DEFINE_string('dnsmasq_interface', 'br0', 'Default Dnsmasq interface') LOG = logging.getLogger('nova.dhcpbridge') @@ -103,7 +104,8 @@ def main(): utils.default_flagfile(flagfile) argv = FLAGS(sys.argv) logging.setup() - interface = os.environ.get('DNSMASQ_INTERFACE', 'br0') + # check ENV first so we don't break any older deploys + interface = os.environ.get('DNSMASQ_INTERFACE', FLAGS.dnsmasq_interface) if int(os.environ.get('TESTING', '0')): from nova.tests import fake_flags action = argv[1] From f1f0af4539717d88d1eca0ec4f4e89eb80e17ee2 Mon Sep 17 00:00:00 2001 From: Vishvananda Ishaya Date: Tue, 29 Mar 2011 13:43:03 -0700 Subject: [PATCH 39/43] don't print the error message on sys.exit(0) --- bin/nova-manage | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/bin/nova-manage b/bin/nova-manage index f7308abe..25695482 100755 --- a/bin/nova-manage +++ b/bin/nova-manage @@ -1125,7 +1125,7 @@ def main(): print _("Possible wrong number of arguments supplied") print "%s %s: %s" % (category, action, fn.__doc__) raise - except: + except Exception: print _("Command failed, please check log for more info") raise From f9ff0a2e5dac4c7cecd7b1ba0fc4e648cfd9a892 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 13:47:47 -0700 Subject: [PATCH 40/43] move flags per termie's feedback --- nova/flags.py | 10 ---------- 1 file changed, 10 deletions(-) diff --git a/nova/flags.py b/nova/flags.py index b0c116f6..f011ab38 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -281,16 +281,6 @@ DEFINE_string('ajax_console_proxy_url', in the form "http://127.0.0.1:8000"') DEFINE_string('ajax_console_proxy_port', 8000, 'port that ajax_console_proxy binds') -DEFINE_string('vncproxy_topic', 'vncproxy', - 'the topic vnc proxy nodes listen on') -DEFINE_string('vncproxy_url', - 'http://127.0.0.1:6080', - 'location of vnc console proxy, \ - in the form "http://127.0.0.1:6080"') -DEFINE_string('vncserver_host', '0.0.0.0', - 'the host interface on which vnc server should listen') -DEFINE_bool('vnc_enabled', True, - 'enable vnc related features') DEFINE_bool('verbose', False, 'show debug output') DEFINE_boolean('fake_rabbit', False, 'use a fake rabbit') DEFINE_bool('fake_network', False, From 271feeccc63878e3f365edbdf147e1b6e9da457b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 14:53:38 -0700 Subject: [PATCH 41/43] incorporate feedback from termie --- bin/nova-vncproxy | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/bin/nova-vncproxy b/bin/nova-vncproxy index 0fad8397..ccb97e3a 100755 --- a/bin/nova-vncproxy +++ b/bin/nova-vncproxy @@ -71,8 +71,6 @@ if __name__ == "__main__": LOG.audit(_("Starting nova-vnc-proxy node (version %s)"), version.version_string_with_vcs()) - service.serve() - if not (os.path.exists(FLAGS.vncproxy_wwwroot) and os.path.exists(FLAGS.vncproxy_wwwroot + '/vnc_auto.html')): LOG.info(_("Missing vncproxy_wwwroot (version %s)"), @@ -96,6 +94,8 @@ if __name__ == "__main__": else: with_auth = auth.VNCNovaAuthMiddleware(with_logging) + service.serve() + server = wsgi.Server() server.start(with_auth, FLAGS.vncproxy_port, host=FLAGS.vncproxy_host) server.wait() From a6e467de366ff0f99e4eab50348e29f7cb70f6af Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 15:22:16 -0700 Subject: [PATCH 42/43] clarify test --- nova/tests/test_compute.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/nova/tests/test_compute.py b/nova/tests/test_compute.py index 038824ef..1b0f426d 100644 --- a/nova/tests/test_compute.py +++ b/nova/tests/test_compute.py @@ -286,7 +286,7 @@ class ComputeTestCase(test.TestCase): console = self.compute.get_ajax_console(self.context, instance_id) - self.assert_(console) + self.assert_(set(['token', 'host', 'port']).issubset(console.keys())) self.compute.terminate_instance(self.context, instance_id) def test_vnc_console(self): From 3f8297f4f34453045ef426d0660699ff50052b80 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 29 Mar 2011 16:13:09 -0700 Subject: [PATCH 43/43] fix for lp742650 --- bin/nova-ajax-console-proxy | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/bin/nova-ajax-console-proxy b/bin/nova-ajax-console-proxy index 0342c620..d88f59e4 100755 --- a/bin/nova-ajax-console-proxy +++ b/bin/nova-ajax-console-proxy @@ -108,17 +108,17 @@ class AjaxConsoleProxy(object): return "Server Error" def register_listeners(self): - class Callback: - def __call__(self, data, message): - if data['method'] == 'authorize_ajax_console': - AjaxConsoleProxy.tokens[data['args']['token']] = \ - {'args': data['args'], 'last_activity': time.time()} + class TopicProxy(): + @staticmethod + def authorize_ajax_console(context, **kwargs): + AjaxConsoleProxy.tokens[kwargs['token']] = \ + {'args': kwargs, 'last_activity': time.time()} conn = rpc.Connection.instance(new=True) consumer = rpc.TopicAdapterConsumer( - connection=conn, - topic=FLAGS.ajax_console_proxy_topic) - consumer.register_callback(Callback()) + connection=conn, + proxy=TopicProxy, + topic=FLAGS.ajax_console_proxy_topic) def delete_expired_tokens(): now = time.time() @@ -130,8 +130,7 @@ class AjaxConsoleProxy(object): for k in to_delete: del AjaxConsoleProxy.tokens[k] - utils.LoopingCall(consumer.fetch, auto_ack=True, - enable_callbacks=True).start(0.1) + utils.LoopingCall(consumer.fetch, enable_callbacks=True).start(0.1) utils.LoopingCall(delete_expired_tokens).start(1) if __name__ == '__main__':