Update patch set 2

Patch Set 2:

(3 comments)

Patch-set: 2
Attention: {"person_ident":"Gerrit User 2271 \u003c2271@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"REMOVE","reason":"\u003cGERRIT_ACCOUNT_2271\u003e replied on the change"}
Attention: {"person_ident":"Gerrit User 11604 \u003c11604@4a232e18-c5a9-48ee-94c0-e04e7cca6543\u003e","operation":"ADD","reason":"\u003cGERRIT_ACCOUNT_2271\u003e replied on the change"}
Gerrit User 2271 2024-04-08 04:27:49 +00:00 committed by Gerrit Code Review
parent 0833f5857c
commit b841dd8c39
2 changed files with 57 additions and 0 deletions


@ -17,6 +17,24 @@
"revId": "46e3a675903174c7daebc430039214311910d318",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "251c5593_601a40e8",
"filename": "specs/2024.2/approved/libvirt-spice-direct-consoles.rst",
"patchSetId": 2
},
"lineNbr": 95,
"author": {
"id": 2271
},
"writtenOn": "2024-04-08T04:27:49Z",
"side": 1,
"message": "So the reason that spice-direct makes sense when the other native protocols don\u0027t is exactly because I am providing a SPICE native proxy to deploy in front. If there was a similar functionality for VNC etc, I\u0027d have no problem with that being supported too, but I don\u0027t think it exists right now.\n\nThere is no more direct connection to the hypervisor in this proposal than there is if you\u0027re using the HTML5 transcoding proxy. That too depends on a proxy being deployed in front.",
"parentUuid": "70edb44a_c2403d3b",
"revId": "46e3a675903174c7daebc430039214311910d318",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
@ -33,6 +51,24 @@
"message": "this is a fairly major security change.\n\nfirst of all the end user today is not intended to be able to discover the hypervior hostname or its ip via any nova restapi.\n\nwe consdier any leakage fo that form nova to be a security bug and you are proposing adding a api that would enable this that anyoen could use.\n\nto me that a pretty big security hole and its not at all comparableto how this works with the console proxy service today.\n\n\ntoday the end user never get the ip or port of the hyperiovr or the vm console port.",
"revId": "46e3a675903174c7daebc430039214311910d318",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
},
{
"unresolved": true,
"key": {
"uuid": "f056613b_e71fabf2",
"filename": "specs/2024.2/approved/libvirt-spice-direct-consoles.rst",
"patchSetId": 2
},
"lineNbr": 221,
"author": {
"id": 2271
},
"writtenOn": "2024-04-08T04:27:49Z",
"side": 1,
"message": "This is true, I had missed that the HTML5 proxy has the following flow:\n\n* It creates an access token. That token maps to a hypervisor and TCP port.\n* The access token is then handed out via the Nova APIs.\n* nova.console.websocketproxy.NovaProxyRequestHandler._get_connect_info knows how to map that access token back to the hypervisor and port.\n\nThat\u0027s not a great fit for my use case because the SPICE native protocol isn\u0027t a websocket, which this code assumes.\n\nI need to think through an alternate mechanism more, but given my general read of your comments is your entirely opposed to SPICE native console functionality, I\u0027d like some clarity on if this idea is entirely dead before I spend that time.",
"parentUuid": "577b7090_966607bf",
"revId": "46e3a675903174c7daebc430039214311910d318",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
}
]
}
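Review bot: the reply added at lineNbr 221 leaves the thread unresolved without naming a replacement for the access-token indirection it describes, so the concern in the unchanged context lines above it (the end user never gets the IP or port of the hypervisor) has no answer in this record yet. Suggest the next patch set of libvirt-spice-direct-consoles.rst state how a SPICE native client is mapped to a hypervisor and TCP port through a token or an equivalent lookup on the proxy side, rather than by returning host details from the Nova API.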


@ -0,0 +1,21 @@
{
"comments": [
{
"unresolved": false,
"key": {
"uuid": "17378781_e6c1145a",
"filename": "/PATCHSET_LEVEL",
"patchSetId": 1
},
"lineNbr": 0,
"author": {
"id": 2271
},
"writtenOn": "2024-04-08T04:27:49Z",
"side": 1,
"message": "I am unclear on what is causing this error:\n\nWarning, treated as error:\n/Users/mikal/src/openstack/nova-specs/doc/source/specs/2024.2/approved/libvirt-spice-direct-consoles.rst:125:Unexpected indentation.\ndocs: exit 2 (8.69 seconds) /Users/mikal/src/openstack/nova-specs\u003e sphinx-build -W -b html doc/source doc/build/html pid\u003d66987\n\nI have tried indenting that block and it didn\u0027t help.",
"revId": "787ff3a7c19a47db6e1fcedbd7630772ceb0767c",
"serverId": "4a232e18-c5a9-48ee-94c0-e04e7cca6543"
}
]
}
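Review bot: the /PATCHSET_LEVEL comment is recorded with "unresolved": false although its message asks an open question about the sphinx-build "Unexpected indentation" failure at line 125 of the spec, so it will not show up as an open thread for reviewers. Marking it unresolved would keep the docs build failure visible until it is fixed. The message also embeds a local absolute path (/Users/mikal/...), which could be trimmed to the repository-relative path.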