diff options
| author | Anthony Young <sleepsonthefloor@gmail.com> | 2010-12-22 02:19:38 -0800 |
|---|---|---|
| committer | Anthony Young <sleepsonthefloor@gmail.com> | 2010-12-22 02:19:38 -0800 |
| commit | f98bb2b2dee4a0ff67a6548646a852686092c53f (patch) | |
| tree | a847e7439994839dd04931ab68e20ababac1ed4b | |
| parent | d118660d1ba860842f539f5e42a1182dc70c3dbe (diff) | |
connecting ajax proxy to rabbit to allow token based security
| -rwxr-xr-x | bin/nova-ajax-proxy | 71 | ||||
| -rw-r--r-- | nova/api/ec2/cloud.py | 4 | ||||
| -rw-r--r-- | nova/flags.py | 3 | ||||
| -rwxr-xr-x | tools/euca_additions/euca-get-ajax-console | 9 |
4 files changed, 79 insertions, 8 deletions
diff --git a/bin/nova-ajax-proxy b/bin/nova-ajax-proxy index 1a0c896ee..cad496b26 100755 --- a/bin/nova-ajax-proxy +++ b/bin/nova-ajax-proxy @@ -1,8 +1,30 @@ #!/usr/bin/python + +import datetime +import os +import sys + +# If ../nova/__init__.py exists, add ../ to Python search path, so that +# it will override what happens to be installed in /usr/(local/)lib/python... +possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]), + os.pardir, + os.pardir)) +if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')): + sys.path.insert(0, possible_topdir) + +from nova import utils +from nova import flags +from nova import rpc + +import exceptions +import logging +import urlparse + +FLAGS = flags.FLAGS from twisted.internet import reactor +from twisted.internet import task from twisted.web import http from twisted.web.proxy import Proxy, ProxyRequest -import urlparse, exceptions class AjaxProxyRequest(ProxyRequest): def process(self): @@ -20,12 +42,47 @@ class AjaxProxyRequest(ProxyRequest): ProxyRequest.process(self) except (exceptions.KeyError): pass - + class AjaxProxy(Proxy): + tokens = {} requestFactory = AjaxProxyRequest + + def start(self): + conn = rpc.Connection.instance(new=True) + self.consumer = rpc.TopicConsumer( + connection=conn, + topic=FLAGS.ajax_proxy_topic) + self.consumer.register_callback(self) + + task.LoopingCall(self.age).start(1.0) + task.LoopingCall(self.pollq).start(0.1) + + factory = http.HTTPFactory() + factory.protocol = AjaxProxy + + reactor.listenTCP(8000, factory) + reactor.run() + + def age(self): + pass + + def pollq(self): + self.consumer.fetch(auto_ack=True, enable_callbacks=True) -factory = http.HTTPFactory() -factory.protocol = AjaxProxy - -reactor.listenTCP(8000, factory) -reactor.run() + def __call__(self, data, message): + if data['method'] == 'authorize': + AjaxProxy.tokens['token'] = {'args': data['args'], 'born_at': datetime.datetime.now()} + + +if __name__ == '__main__': + utils.default_flagfile() + FLAGS(sys.argv) + + formatter = logging.Formatter('(%(name)s): %(levelname)s %(message)s') + handler = logging.StreamHandler() + handler.setFormatter(formatter) + logging.getLogger().addHandler(handler) + + ajaxproxy = AjaxProxy() + ajaxproxy.start() + diff --git a/nova/api/ec2/cloud.py b/nova/api/ec2/cloud.py index 2ca95c70a..e4ef552b0 100644 --- a/nova/api/ec2/cloud.py +++ b/nova/api/ec2/cloud.py @@ -464,6 +464,10 @@ class CloudController(object): {"method": "get_ajax_console", "args": {"instance_id": instance_ref['id']}}) + rpc.cast(context, '%s' % FLAGS.ajax_proxy_topic, + {"method": "authorize", + "args": {"token": "token", "host": "host", "port":8000}}) + return {"url": output } def describe_volumes(self, context, volume_id=None, **kwargs): diff --git a/nova/flags.py b/nova/flags.py index 8fa0beb7a..53ae9be4f 100644 --- a/nova/flags.py +++ b/nova/flags.py @@ -217,7 +217,8 @@ DEFINE_string('scheduler_topic', 'scheduler', 'the topic scheduler nodes listen on') DEFINE_string('volume_topic', 'volume', 'the topic volume nodes listen on') DEFINE_string('network_topic', 'network', 'the topic network nodes listen on') - +DEFINE_string('ajax_proxy_topic', 'ajax_proxy', + 'the topic ajax proxy nodes listen on') DEFINE_bool('verbose', False, 'show debug output') DEFINE_boolean('fake_rabbit', False, 'use a fake rabbit') DEFINE_bool('fake_network', False, diff --git a/tools/euca_additions/euca-get-ajax-console b/tools/euca_additions/euca-get-ajax-console index 869d5ff91..49e7c378f 100755 --- a/tools/euca_additions/euca-get-ajax-console +++ b/tools/euca_additions/euca-get-ajax-console @@ -3,6 +3,15 @@ import getopt import os import sys + +# If ../nova/__init__.py exists, add ../ to Python search path, so that +# it will override what happens to be installed in /usr/(local/)lib/python... +possible_topdir = os.path.normpath(os.path.join(os.path.abspath(sys.argv[0]), + os.pardir, + os.pardir)) +if os.path.exists(os.path.join(possible_topdir, 'nova', '__init__.py')): + sys.path.insert(0, possible_topdir) + import nova from euca2ools import Euca2ool, InstanceValidationError, Util, ConnectionFailed from nova.boto_extensions import * |