authorAnthony Young <sleepsonthefloor@gmail.com>2011-12-22 21:39:21 +0000
committerAnthony Young <sleepsonthefloor@gmail.com>2012-01-17 14:18:31 -0800
commit8d010cacb520786fa12794801bc31eddd23b2af7 (patch)
tree51609a7c80b6a62128a9819fadb0064209e17a81 /nova/consoleauth
parent5987ed97ffb90e52acb7a7d9e0a915d072aadaed (diff)
Implements blueprint vnc-console-cleanup
* Creates a unified way to access vnc consoles for xenserver and libvirt * Now supports both java and websocket clients * Removes nova-vncproxy - a replacement version of this (nova-novncproxy) can be found as described in vncconsole.rst * Adds nova-xvpvncproxy, which supports a java vnc client * Adds api extension to access java and novnc access_urls * Fixes proxy server to close/shutdown sockets more cleanly * Address style feedback * Use new-style extension format * Fix setup.py * utils.gen_uuid must be wrapped like str(utils.gen_uuid()) or it can't be serialized Change-Id: I5e42e2f160e8e3476269bd64b0e8aa77e66c918c
Diffstat (limited to 'nova/consoleauth')
-rw-r--r--nova/consoleauth/__init__.py26
-rw-r--r--nova/consoleauth/manager.py74
2 files changed, 100 insertions, 0 deletions
diff --git a/nova/consoleauth/__init__.py b/nova/consoleauth/__init__.py
new file mode 100644
index 000000000..9d578b77a
--- /dev/null
+++ b/nova/consoleauth/__init__.py
@@ -0,0 +1,26 @@
+#!/usr/bin/env python
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (c) 2012 Openstack, LLC.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Module to authenticate Consoles."""
+
+from nova import flags
+
+
+FLAGS = flags.FLAGS
+flags.DEFINE_string('consoleauth_topic', 'consoleauth',
+ 'the topic console auth proxy nodes listen on')
diff --git a/nova/consoleauth/manager.py b/nova/consoleauth/manager.py
new file mode 100644
index 000000000..8f86b4b8c
--- /dev/null
+++ b/nova/consoleauth/manager.py
@@ -0,0 +1,74 @@
+#!/usr/bin/env python
+# vim: tabstop=4 shiftwidth=4 softtabstop=4
+
+# Copyright (c) 2012 Openstack, LLC.
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+"""Auth Components for Consoles."""
+
+import os
+import sys
+import time
+
+from nova import flags
+from nova import log as logging
+from nova import manager
+from nova import utils
+
+
+LOG = logging.getLogger('nova.consoleauth')
+FLAGS = flags.FLAGS
+flags.DEFINE_integer('console_token_ttl', 600,
+ 'How many seconds before deleting tokens')
+flags.DEFINE_string('consoleauth_manager',
+ 'nova.consoleauth.manager.ConsoleAuthManager',
+ 'Manager for console auth')
+
+
+class ConsoleAuthManager(manager.Manager):
+ """Manages token based authentication."""
+
+ def __init__(self, scheduler_driver=None, *args, **kwargs):
+ super(ConsoleAuthManager, self).__init__(*args, **kwargs)
+ self.tokens = {}
+ utils.LoopingCall(self._delete_expired_tokens).start(1)
+
+ def _delete_expired_tokens(self):
+ now = time.time()
+ to_delete = []
+ for k, v in self.tokens.items():
+ if now - v['last_activity_at'] > FLAGS.console_token_ttl:
+ to_delete.append(k)
+
+ for k in to_delete:
+ LOG.audit(_("Deleting Expired Token: (%s)"), k)
+ del self.tokens[k]
+
+ def authorize_console(self, context, token, console_type, host, port,
+ internal_access_path):
+ self.tokens[token] = {'token': token,
+ 'console_type': console_type,
+ 'host': host,
+ 'port': port,
+ 'internal_access_path': internal_access_path,
+ 'last_activity_at': time.time()}
+ token_dict = self.tokens[token]
+ LOG.audit(_("Received Token: %(token)s, %(token_dict)s)"), locals())
+
+ def check_token(self, context, token):
+ token_valid = token in self.tokens
+ LOG.audit(_("Checking Token: %(token)s, %(token_valid)s)"), locals())
+ if token_valid:
+ return self.tokens[token]
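Review bot: The three `LOG.audit` calls in `_delete_expired_tokens`, `authorize_console` and `check_token` write the console token itself into the audit log, and that token is the only credential `check_token` tests before returning the console's host, port and internal access path. A log reader holds a usable credential for up to `console_token_ttl` seconds, so the messages should carry connection metadata or a validity flag instead, for example `LOG.audit(_("Received console token for %(console_type)s at %(host)s:%(port)s"), locals())` and `LOG.audit(_("Checked console token: valid=%(token_valid)s"), locals())`. Separately, `check_token` never compares `last_activity_at` with `FLAGS.console_token_ttl` and relies on the one-second `LoopingCall` sweep for expiry, so a stalled sweep would leave expired tokens accepted. Adding `now - entry['last_activity_at'] <= FLAGS.console_token_ttl` to the validity test would make expiry independent of the sweep.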