Merge "VNC Graphical console"
This commit is contained in:
commit
ad3533cee7
|
@ -0,0 +1,325 @@
|
|||
..
|
||||
This work is licensed under a Creative Commons Attribution 3.0 Unported
|
||||
License.
|
||||
|
||||
http://creativecommons.org/licenses/by/3.0/legalcode
|
||||
|
||||
=====================
|
||||
VNC Graphical console
|
||||
=====================
|
||||
|
||||
https://bugs.launchpad.net/ironic/+bug/1567629
|
||||
|
||||
In addition to a serial console, allow ironic nodes to be accessed through a
|
||||
graphical console. This proposal presents the work required to create a new
|
||||
driver interface for accessing graphical console of a node.
|
||||
|
||||
|
||||
Problem description
|
||||
===================
|
||||
|
||||
End users often have to troubleshoot their instances because they might have
|
||||
broken their boot configuration or locked themselves out with a firewall.
|
||||
Keyboard-Video-Mouse (KVM) access is often required for troubleshooting these
|
||||
types of issues as serial access is not always available or correctly
|
||||
configured. Also, KVM provides a better user experience as compared to serial
|
||||
console.
|
||||
|
||||
Currently, ironic does not expose a node's KVM capabilities. As such, admin
|
||||
users and deployers have to find alternatives to provide KVM access to their
|
||||
users. Also, Horizon's VNC console is not supported for the ironic nodes
|
||||
provisioned by Nova.
|
||||
|
||||
|
||||
Proposed change
|
||||
===============
|
||||
|
||||
* A new interface ``GraphicalConsoleInterface`` will be added. This interface
|
||||
will essentially have the same class API as current ``ConsoleInterface``
|
||||
interface (with ``start_console``, ``stop_console`` and ``get_console``
|
||||
methods), but it will be possible to enable/disable/configure it
|
||||
independently from serial console access.
|
||||
As with other ironic driver interfaces and hardware types, operators
|
||||
are free to choose which implementation of a graphical console access to use
|
||||
by setting it to the one enabled and supported by corresponding hardware type
|
||||
implementations.
|
||||
The new interface will have following methods::
|
||||
|
||||
class GraphicalConsoleInterface(BaseInterface):
|
||||
"""Interface for graphical console-related actions."""
|
||||
interface_type = "graphical_console"
|
||||
|
||||
@abc.abstractmethod
|
||||
def start_console(self, task):
|
||||
"""Start a remote graphical console for the task's node.
|
||||
|
||||
This method should not raise an exception if console already started.
|
||||
|
||||
:param task: a TaskManager instance containing the node to act on.
|
||||
"""
|
||||
|
||||
@abc.abstractmethod
|
||||
def stop_console(self, task):
|
||||
"""Stop the remote graphical console session for the task's node.
|
||||
|
||||
:param task: a TaskManager instance containing the node to act on.
|
||||
"""
|
||||
|
||||
@abc.abstractmethod
|
||||
def get_console(self, task):
|
||||
"""Get connection information about the graphical console.
|
||||
|
||||
This method should return the necessary information for the
|
||||
client to access the graphical console.
|
||||
|
||||
:param task: a TaskManager instance containing the node to act on.
|
||||
:returns: the graphical console connection information.
|
||||
"""
|
||||
|
||||
* The following new hardware interface implementations of
|
||||
``GraphicalConsoleInterface`` will be created.
|
||||
|
||||
+ ``ipmitool-vnc`` - For accessing graphical console using VNC.
|
||||
+ ``no-graphical-console`` - For no graphical console.
|
||||
+ ``fake`` - For accessing fake graphical console used for testing.
|
||||
|
||||
* New config options will be introduced for this interface which are as
|
||||
follows:
|
||||
|
||||
+ ``[DEFAULT]enabled_graphical_console_interfaces`` - This config option
|
||||
represents the list of enabled graphical console interfaces in ironic.
|
||||
The default value is ``['no-graphical-console']``.
|
||||
|
||||
+ ``[DEFAULT]default_graphical_console_interface`` - This config option
|
||||
represents the default graphical console interface to be used with various
|
||||
drivers. The default value will be ``no-graphical-console``.
|
||||
|
||||
* Two new fields will be added to the Node object:
|
||||
|
||||
+ ``graphical_console_interface`` - This field represents the supported
|
||||
graphical console interface for the node.
|
||||
|
||||
+ ``graphical_console_enabled`` - This field will a Boolean value that will
|
||||
represent the state of console. It will be set to True via request to start
|
||||
the graphical console.
|
||||
|
||||
* While a node unprovisioning, Ironic will stop all the graphical connections
|
||||
to the node.
|
||||
|
||||
Alternatives
|
||||
------------
|
||||
|
||||
* Accept this limitation and only offer a serial console.
|
||||
|
||||
* Use out-of-band KVM access provided by administrator without Ironic support.
|
||||
|
||||
* Generalize and formalize concept of a ``console`` interface,
|
||||
and allow to have arbitrary number of console interfaces
|
||||
(from those declared as supported by a hardware type) to be active and
|
||||
enabled for a particular node.
|
||||
|
||||
Data model impact
|
||||
-----------------
|
||||
|
||||
- A new node field ``graphical_console_enabled``, during upgrade/conversion
|
||||
will be populated from ``default_graphical_console_interface`` config option
|
||||
(``no-graphical-console`` by default).
|
||||
- new node field ``graphical_console_interface`` will be added.
|
||||
|
||||
State Machine Impact
|
||||
--------------------
|
||||
|
||||
None.
|
||||
|
||||
|
||||
REST API impact
|
||||
---------------
|
||||
|
||||
* Add a new optional ``console_type`` parameter to
|
||||
``GET /v1/nodes/{node_ident}/states/console`` and
|
||||
``PUT /v1/nodes/{node_ident}/states/console`` APIs. This
|
||||
parameter defines which type of console the Ironic users want to access.
|
||||
The default value will be ``serial``. The possible values are as follows:
|
||||
|
||||
+ ``serial`` - For accessing the serial console.
|
||||
+ ``graphical`` - For accessing the graphical console.
|
||||
|
||||
This parameter will be included in the query string.
|
||||
|
||||
Example::
|
||||
|
||||
GET /v1/nodes/{node_ident}/states/console?console_type=graphical
|
||||
|
||||
The response would be same as the console interface. A new 400 HTTP response
|
||||
will be returned if user provides a invalid ``console_type``.
|
||||
|
||||
The API microversion will need to be bumped.
|
||||
|
||||
|
||||
Client (CLI) impact
|
||||
-------------------
|
||||
|
||||
* A new option ``--type`` will be added to OSC command
|
||||
``openstack baremetal node console enable`` and
|
||||
``openstack baremetal node console disable``.
|
||||
|
||||
* A new option ``--type`` will be added to OSC command
|
||||
``openstack baremetal node console show``.
|
||||
|
||||
|
||||
RPC API impact
|
||||
--------------
|
||||
|
||||
* Add a new ``console_type`` parameter to ``get_console_information``
|
||||
|
||||
* Add a new ``console_type`` parameter to ``set_console_mode``
|
||||
|
||||
The RPC API microversion will need to be bumped.
|
||||
|
||||
|
||||
Driver API impact
|
||||
-----------------
|
||||
|
||||
* The new ``GraphicalConsoleInterface`` will be included in the standardized
|
||||
interfaces group. It is not a mandatory interface.
|
||||
|
||||
Nova driver impact
|
||||
------------------
|
||||
|
||||
Nova impacts are fully described in the VNC console support for Ironic
|
||||
driver [#]_ blueprint in Nova.
|
||||
|
||||
Essentially, the Ironic virt driver will have to implement ``get_vnc_console``
|
||||
and call Ironic's get/set-console-mode with the ``graphical`` type.
|
||||
|
||||
As per policy in Nova, changes cannot land until ironic and python-ironicclient
|
||||
changes have landed. The changes on the Nova side are fairly straightforward.
|
||||
|
||||
|
||||
Ramdisk impact
|
||||
--------------
|
||||
|
||||
None.
|
||||
|
||||
|
||||
Security impact
|
||||
---------------
|
||||
|
||||
* The VNC connection to the nodes are secured by a token generated while
|
||||
creating the console in Nova.
|
||||
|
||||
* With standalone Ironic deployment, this will return a URL and a user
|
||||
could directly connect with it. The connection to the baremetal node
|
||||
will not be secure.
|
||||
|
||||
Other end user impact
|
||||
---------------------
|
||||
|
||||
* The number of maximum connections per console, specifically VNC consoles is
|
||||
implementation specific. Some servers are capable of multiple connections and
|
||||
others aren't.
|
||||
|
||||
|
||||
Scalability impact
|
||||
------------------
|
||||
|
||||
* As mentioned in the last section, the number of connections varies based on
|
||||
the hardware.
|
||||
|
||||
* TODO(mkrai): Update the number of connections a conductor can handle to
|
||||
address Ruby's comment on PS7.
|
||||
|
||||
|
||||
Performance Impact
|
||||
------------------
|
||||
|
||||
None.
|
||||
|
||||
|
||||
Other deployer impact
|
||||
---------------------
|
||||
|
||||
* Adds ``enabled_graphical_console_interfaces`` config option.
|
||||
|
||||
* Adds ``default_graphical_console_interface`` config option.
|
||||
|
||||
Developer impact
|
||||
----------------
|
||||
|
||||
Driver developers can now offer multiple console interfaces rather than
|
||||
sticking to a single one. This actually maps much better to the reality
|
||||
of servers often offering a Serial-on-LAN access along with a
|
||||
Keyboard-Video-Mouse access.
|
||||
|
||||
|
||||
Implementation
|
||||
==============
|
||||
|
||||
Assignee(s)
|
||||
-----------
|
||||
|
||||
Primary assignee:
|
||||
* mkrai
|
||||
|
||||
Other contributors:
|
||||
* anupn
|
||||
|
||||
Work Items
|
||||
----------
|
||||
|
||||
* Introduce ``ipmitool.IPMIVNCConsole(BaseInterface)``
|
||||
|
||||
* Add ``console_type`` support to the console REST API.
|
||||
|
||||
* Add ``console_type`` support to the RPC methods.
|
||||
|
||||
* Add ``console_type`` support to the OSC plugin.
|
||||
|
||||
* Add graphical console support to VirtualBMC
|
||||
|
||||
* Implement basic enable-disable + connect testing within devstack
|
||||
|
||||
* Update documents to explain how graphical console can be used
|
||||
|
||||
|
||||
Dependencies
|
||||
============
|
||||
|
||||
None.
|
||||
|
||||
|
||||
Testing
|
||||
=======
|
||||
|
||||
* Unit tests
|
||||
|
||||
* CI testing of ``ipmitool.IPMIVNCConsole`` with a basic enable-disable
|
||||
connect test.
|
||||
|
||||
* Add support for graphical console support in virtual BMC for gate test.
|
||||
|
||||
|
||||
Upgrades and Backwards Compatibility
|
||||
====================================
|
||||
|
||||
Proper compatibility with Nova will be ensured. A newer Nova will continue to
|
||||
behave as it currently does when running with an older ironic. A newer ironic
|
||||
will expose features that Nova will simply not use.
|
||||
|
||||
Backwards compatibility within ironic is assured through RPC versions.
|
||||
Additional care is taken to ensure out-of-tree drivers are still compatible
|
||||
because the code will specifically handle drivers not switched to the new
|
||||
hardware types. Specific tests covering this part will be added. Finally,
|
||||
compatibility with older API clients is assured through REST API microversions.
|
||||
|
||||
|
||||
Documentation Impact
|
||||
====================
|
||||
|
||||
* Documentation will be updated.
|
||||
|
||||
|
||||
References
|
||||
==========
|
||||
|
||||
.. [#] https://blueprints.launchpad.net/nova/+spec/ironic-vnc-console
|
|
@ -0,0 +1 @@
|
|||
../approved/vnc-graphical-console.rst
|
Loading…
Reference in New Issue