diff options
| author | root <root@tonbuntu> | 2011-01-12 09:24:57 +0000 |
|---|---|---|
| committer | Tarmac <> | 2011-01-12 09:24:57 +0000 |
| commit | 76fdd667f2efe7e2dc710fe0254437d176efb45c (patch) | |
| tree | dc3640acddec70efd4fef418a298ca53a1e6aa55 /contrib | |
| parent | 78882d496b94915b8a6e2f2edce13e8129299982 (diff) | |
| parent | 7cfca5208766539ae368a9f0b8daba6103041f7f (diff) | |
This branch adds web based serial console access. Here is an overview of how it works (for libvirt):
1. User requests an ajax console for an instance_id (either through OS api, or tools/euca-get-ajax-console)
a. api server calls compute worker to complete request
b. compute worker parses an instance's xml to locate its pseudo terminal (/dev/pts/x)
c. compute worker spawns an ajaxterm daemon, bound to a random port in a specified range. socat is used to connect to /dev/pts/x. Note that ajaxterm was modified in the following ways:
i. dies after 5 minutes of inactivity
ii. now requires token authentication. Previously it was trivial to hijack an ajaxterm
d. compute worker returns ajaxterm connect information to the api server: port, host, token
e. api server casts connect information to the nova-ajax-console-proxy (a new service)
f. api server returns a url for the ajaxterm (eg. http://nova-ajax-console-proxy/?token=123)
2. User now has a url, and can paste it in a browser
a. Browser sends request to https://nova-ajax-console-proxy/?token=123
b. nova-ajax-console-proxy maps token to connect information
c. nova-ajax-console-proxy constructs a proxy to the ajaxterm that is running on the host machine. This is now done with eventlet, though previously it was done using twisted
3. User interacts with console through web browser
NOTE: For this to work as expected, serial console login must be enabled in the instance. Instructions for how to do this on ubuntu can be found here: https://help.ubuntu.com/community/SerialConsoleHowto. Note that you must actively log out of the serial console when you are finished, otherwise the console will remain open even after the ajaxterm term session has ended.
Also note that nova.sh has been modified in this branch to launch nova-ajax-console-proxy.
Diffstat (limited to 'contrib')
| -rwxr-xr-x | contrib/nova.sh | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/contrib/nova.sh b/contrib/nova.sh index da1ba030c..e06706295 100755 --- a/contrib/nova.sh +++ b/contrib/nova.sh @@ -78,6 +78,7 @@ if [ "$CMD" == "install" ]; then sudo apt-get install -y user-mode-linux kvm libvirt-bin sudo apt-get install -y screen euca2ools vlan curl rabbitmq-server sudo apt-get install -y lvm2 iscsitarget open-iscsi + sudo apt-get install -y socat echo "ISCSITARGET_ENABLE=true" | sudo tee /etc/default/iscsitarget sudo /etc/init.d/iscsitarget restart sudo modprobe kvm @@ -155,6 +156,7 @@ if [ "$CMD" == "run" ]; then screen_it network "$NOVA_DIR/bin/nova-network" screen_it scheduler "$NOVA_DIR/bin/nova-scheduler" screen_it volume "$NOVA_DIR/bin/nova-volume" + screen_it ajax_console_proxy "$NOVA_DIR/bin/nova-ajax-console-proxy" screen_it test ". $NOVA_DIR/novarc" screen -S nova -x fi |