From 2b5525715b69be5339956a6082ec19c2fa40bbdf Mon Sep 17 00:00:00 2001 From: Jawon Choo Date: Tue, 16 Jan 2018 20:57:03 +0900 Subject: [PATCH] Nova: add spice console This PS adds spice remote console. User can choose a console by changing console_kind in values file. Best practice is to select one or the other to run, so choosing something other than vnc disables the vnc console. Change-Id: Ic5d361d5f344b7a078e0c3aeb5f921810101552d --- nova/templates/bin/_nova-compute.sh.tpl | 4 + ....tpl => _nova-console-compute-init.sh.tpl} | 23 +++- ...=> _nova-console-proxy-init-assets.sh.tpl} | 7 +- ...sh.tpl => _nova-console-proxy-init.sh.tpl} | 23 +++- ...roxy.sh.tpl => _nova-console-proxy.sh.tpl} | 14 +- nova/templates/configmap-bin.yaml | 16 +-- nova/templates/configmap-etc.yaml | 15 ++- nova/templates/daemonset-compute.yaml | 25 +++- nova/templates/deployment-novncproxy.yaml | 18 +-- nova/templates/deployment-spiceproxy.yaml | 121 ++++++++++++++++++ nova/templates/service-spiceproxy.yaml | 40 ++++++ nova/values.yaml | 51 +++++++- 12 files changed, 324 insertions(+), 33 deletions(-) rename nova/templates/bin/{_nova-vnc-compute-init.sh.tpl => _nova-console-compute-init.sh.tpl} (61%) rename nova/templates/bin/{_nova-vnc-proxy-init-assets.sh.tpl => _nova-console-proxy-init-assets.sh.tpl} (69%) rename nova/templates/bin/{_nova-vnc-proxy-init.sh.tpl => _nova-console-proxy-init.sh.tpl} (63%) rename nova/templates/bin/{_nova-novncproxy.sh.tpl => _nova-console-proxy.sh.tpl} (60%) create mode 100644 nova/templates/deployment-spiceproxy.yaml create mode 100644 nova/templates/service-spiceproxy.yaml diff --git a/nova/templates/bin/_nova-compute.sh.tpl b/nova/templates/bin/_nova-compute.sh.tpl index 15f977bfd0..4824cb7631 100644 --- a/nova/templates/bin/_nova-compute.sh.tpl +++ b/nova/templates/bin/_nova-compute.sh.tpl @@ -23,6 +23,10 @@ if [ "${console_kind}" == "novnc" ] ; then exec nova-compute \ --config-file /etc/nova/nova.conf \ --config-file /tmp/pod-shared/nova-vnc.ini +elif [ "${console_kind}" == "spice" ] ; then +exec nova-compute \ + --config-file /etc/nova/nova.conf \ + --config-file /tmp/pod-shared/nova-spice.ini else exec nova-compute \ --config-file /etc/nova/nova.conf diff --git a/nova/templates/bin/_nova-vnc-compute-init.sh.tpl b/nova/templates/bin/_nova-console-compute-init.sh.tpl similarity index 61% rename from nova/templates/bin/_nova-vnc-compute-init.sh.tpl rename to nova/templates/bin/_nova-console-compute-init.sh.tpl index d1a8166daa..5c6b26416d 100644 --- a/nova/templates/bin/_nova-vnc-compute-init.sh.tpl +++ b/nova/templates/bin/_nova-console-compute-init.sh.tpl @@ -18,9 +18,19 @@ limitations under the License. set -ex -client_address="{{- .Values.conf.nova.vnc.vncserver_proxyclient_address -}}" +console_kind="{{- .Values.console.console_kind -}}" + +if [ "${console_kind}" == "novnc" ] ; then + client_address="{{- .Values.conf.nova.vnc.server_proxyclient_address -}}" + client_interface="{{- .Values.console.novnc.compute.server_proxyclient_interface -}}" + listen_ip="{{- .Values.conf.nova.vnc.server_listen -}}" +elif [ "${console_kind}" == "spice" ] ; then + client_address="{{- .Values.conf.nova.spice.server_proxyclient_address -}}" + client_interface="{{- .Values.console.spice.compute.server_proxyclient_interface -}}" + listen_ip="{{- .Values.conf.nova.spice.server_listen -}}" +fi + if [ -z "${client_address}" ] ; then - client_interface="{{- .Values.console.novnc.compute.vncserver_proxyclient_interface -}}" if [ -z "${client_interface}" ] ; then # search for interface with default routing client_interface=$(ip r | grep default | awk '{print $5}') @@ -30,15 +40,22 @@ if [ -z "${client_address}" ] ; then client_address=$(ip a s $client_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}') fi -listen_ip="{{- .Values.conf.nova.vnc.vncserver_listen -}}" if [ -z "${listen_ip}" ] ; then # The server component listens on all IP addresses and the proxy component # only listens on the management interface IP address of the compute node. listen_ip=0.0.0.0 fi +if [ "${console_kind}" == "novnc" ] ; then cat </tmp/pod-shared/nova-vnc.ini [vnc] vncserver_proxyclient_address = $client_address vncserver_listen = $listen_ip EOF +elif [ "${console_kind}" == "spice" ] ; then +cat </tmp/pod-shared/nova-spice.ini +[spice] +server_proxyclient_address = $client_address +server_listen = $listen_ip +EOF +fi \ No newline at end of file diff --git a/nova/templates/bin/_nova-vnc-proxy-init-assets.sh.tpl b/nova/templates/bin/_nova-console-proxy-init-assets.sh.tpl similarity index 69% rename from nova/templates/bin/_nova-vnc-proxy-init-assets.sh.tpl rename to nova/templates/bin/_nova-console-proxy-init-assets.sh.tpl index 5633c9360e..396d7970d5 100644 --- a/nova/templates/bin/_nova-vnc-proxy-init-assets.sh.tpl +++ b/nova/templates/bin/_nova-console-proxy-init-assets.sh.tpl @@ -18,4 +18,9 @@ limitations under the License. set -ex -cp -vaR /usr/share/novnc/* /tmp/usr/share/novnc/ +console_kind="{{- .Values.console.console_kind -}}" +if [ "${console_kind}" == "novnc" ] ; then + cp -vaR /usr/share/novnc/* /tmp/usr/share/novnc/ +elif [ "${console_kind}" == "spice" ] ; then + cp -vaR /usr/share/spice-html5/* /tmp/usr/share/spice-html5/ +fi \ No newline at end of file diff --git a/nova/templates/bin/_nova-vnc-proxy-init.sh.tpl b/nova/templates/bin/_nova-console-proxy-init.sh.tpl similarity index 63% rename from nova/templates/bin/_nova-vnc-proxy-init.sh.tpl rename to nova/templates/bin/_nova-console-proxy-init.sh.tpl index 44d7ba6057..37000e651c 100644 --- a/nova/templates/bin/_nova-vnc-proxy-init.sh.tpl +++ b/nova/templates/bin/_nova-console-proxy-init.sh.tpl @@ -18,9 +18,19 @@ limitations under the License. set -ex -client_address="{{- .Values.conf.nova.vnc.vncserver_proxyclient_address -}}" -if [ -z "${client_address}" ] ; then +console_kind="{{- .Values.console.console_kind -}}" + +if [ "${console_kind}" == "novnc" ] ; then + client_address="{{- .Values.conf.nova.vnc.vncserver_proxyclient_address -}}" client_interface="{{- .Values.console.novnc.vncproxy.vncserver_proxyclient_interface -}}" + listen_ip="{{- .Values.conf.nova.vnc.vncserver_listen -}}" +elif [ "${console_kind}" == "spice" ] ; then + client_address="{{- .Values.conf.nova.spice.server_proxyclient_address -}}" + client_interface="{{- .Values.console.spice.proxy.server_proxyclient_interface -}}" + listen_ip="{{- .Values.conf.nova.spice.server_listen -}}" +fi + +if [ -z "${client_address}" ] ; then if [ -z "${client_interface}" ] ; then # search for interface with default routing client_interface=$(ip r | grep default | awk '{print $5}') @@ -30,13 +40,20 @@ if [ -z "${client_address}" ] ; then client_address=$(ip a s $client_interface | grep 'inet ' | awk '{print $2}' | awk -F "/" '{print $1}') fi -listen_ip="{{- .Values.conf.nova.vnc.vncserver_listen -}}" if [ -z "${listen_ip}" ] ; then listen_ip=$client_address fi +if [ "${console_kind}" == "novnc" ] ; then cat </tmp/pod-shared/nova-vnc.ini [vnc] vncserver_proxyclient_address = $client_address vncserver_listen = $listen_ip EOF +elif [ "${console_kind}" == "spice" ] ; then +cat </tmp/pod-shared/nova-spice.ini +[spice] +server_proxyclient_address = $client_address +server_listen = $listen_ip +EOF +fi \ No newline at end of file diff --git a/nova/templates/bin/_nova-novncproxy.sh.tpl b/nova/templates/bin/_nova-console-proxy.sh.tpl similarity index 60% rename from nova/templates/bin/_nova-novncproxy.sh.tpl rename to nova/templates/bin/_nova-console-proxy.sh.tpl index c38018ba2a..2ecf5e1762 100644 --- a/nova/templates/bin/_nova-novncproxy.sh.tpl +++ b/nova/templates/bin/_nova-console-proxy.sh.tpl @@ -17,6 +17,14 @@ limitations under the License. */}} set -x -exec nova-novncproxy \ - --config-file /etc/nova/nova.conf \ - --config-file /tmp/pod-shared/nova-vnc.ini \ No newline at end of file + +console_kind="{{- .Values.console.console_kind -}}" +if [ "${console_kind}" == "novnc" ] ; then + exec nova-novncproxy \ + --config-file /etc/nova/nova.conf \ + --config-file /tmp/pod-shared/nova-vnc.ini +elif [ "${console_kind}" == "spice" ] ; then + exec nova-spicehtml5proxy\ + --config-file /etc/nova/nova.conf \ + --config-file /tmp/pod-shared/nova-spice.ini +fi \ No newline at end of file diff --git a/nova/templates/configmap-bin.yaml b/nova/templates/configmap-bin.yaml index dd94801005..cad5437bc9 100644 --- a/nova/templates/configmap-bin.yaml +++ b/nova/templates/configmap-bin.yaml @@ -63,14 +63,14 @@ data: {{ tuple "bin/_nova-scheduler.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} fake-iptables.sh: | {{ tuple "bin/_fake-iptables.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - nova-novncproxy.sh: | -{{ tuple "bin/_nova-novncproxy.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - nova-vnc-compute-init.sh: | -{{ tuple "bin/_nova-vnc-compute-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - nova-vnc-proxy-init-assets.sh: | -{{ tuple "bin/_nova-vnc-proxy-init-assets.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} - nova-vnc-proxy-init.sh: | -{{ tuple "bin/_nova-vnc-proxy-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + nova-console-compute-init.sh: | +{{ tuple "bin/_nova-console-compute-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + nova-console-proxy.sh: | +{{ tuple "bin/_nova-console-proxy.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + nova-console-proxy-init.sh: | +{{ tuple "bin/_nova-console-proxy-init.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} + nova-console-proxy-init-assets.sh: | +{{ tuple "bin/_nova-console-proxy-init-assets.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} ssh-start.sh: | {{ tuple "bin/_ssh-start.sh.tpl" . | include "helm-toolkit.utils.template" | indent 4 }} cell-setup.sh: | diff --git a/nova/templates/configmap-etc.yaml b/nova/templates/configmap-etc.yaml index 301cbd108d..5301187920 100644 --- a/nova/templates/configmap-etc.yaml +++ b/nova/templates/configmap-etc.yaml @@ -138,13 +138,26 @@ limitations under the License. {{- set .Values.conf.nova.placement "password" .Values.endpoints.identity.auth.placement.password | quote | trunc 0 -}} {{- end -}} +{{- if eq .Values.console.console_kind "novnc"}} +{{- "true" | set .Values.conf.nova.vnc "enabled" | quote | trunc 0 -}} {{- if empty .Values.conf.nova.vnc.novncproxy_base_url -}} {{- tuple "compute_novnc_proxy" "public" "novnc_proxy" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.vnc "novncproxy_base_url" | quote | trunc 0 -}} {{- end -}} - {{- if empty .Values.conf.nova.vnc.novncproxy_port -}} {{- tuple "compute_novnc_proxy" "internal" "novnc_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.nova.vnc "novncproxy_port" | quote | trunc 0 -}} {{- end -}} +{{- end -}} + +{{- if eq .Values.console.console_kind "spice"}} +{{- "false" | set .Values.conf.nova.vnc "enabled" | quote | trunc 0 -}} +{{- "true" | set .Values.conf.nova.spice "enabled" | quote | trunc 0 -}} +{{- if empty .Values.conf.nova.spice.html5proxy_base_url -}} +{{- tuple "compute_spice_proxy" "public" "spice_proxy" . | include "helm-toolkit.endpoints.keystone_endpoint_uri_lookup" | set .Values.conf.nova.spice "html5proxy_base_url" | quote | trunc 0 -}} +{{- end -}} +{{- if empty .Values.conf.nova.spice.html5proxy_port -}} +{{- tuple "compute_spice_proxy" "internal" "spice_proxy" . | include "helm-toolkit.endpoints.endpoint_port_lookup" | set .Values.conf.nova.spice "html5proxy_port" | quote | trunc 0 -}} +{{- end -}} +{{- end -}} --- apiVersion: v1 diff --git a/nova/templates/daemonset-compute.yaml b/nova/templates/daemonset-compute.yaml index cd991b7c68..3db2fbe5b8 100644 --- a/nova/templates/daemonset-compute.yaml +++ b/nova/templates/daemonset-compute.yaml @@ -92,6 +92,7 @@ spec: subPath: key readOnly: true {{ end }} + {{- if eq .Values.console.console_kind "novnc"}} - name: nova-compute-vnc-init image: {{ .Values.images.tags.compute }} imagePullPolicy: {{ .Values.images.pull_policy }} @@ -99,14 +100,32 @@ spec: securityContext: runAsUser: {{ .Values.pod.user.nova.uid }} command: - - /tmp/nova-vnc-compute-init.sh + - /tmp/nova-console-compute-init.sh volumeMounts: - name: nova-bin - mountPath: /tmp/nova-vnc-compute-init.sh - subPath: nova-vnc-compute-init.sh + mountPath: /tmp/nova-console-compute-init.sh + subPath: nova-console-compute-init.sh readOnly: true - name: pod-shared mountPath: /tmp/pod-shared + {{ end }} + {{- if eq .Values.console.console_kind "spice"}} + - name: nova-compute-spice-init + image: {{ .Values.images.tags.compute }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.compute | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + securityContext: + runAsUser: {{ .Values.pod.user.nova.uid }} + command: + - /tmp/nova-console-compute-init.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/nova-console-compute-init.sh + subPath: nova-console-compute-init.sh + readOnly: true + - name: pod-shared + mountPath: /tmp/pod-shared + {{ end }} containers: - name: nova-compute image: {{ .Values.images.tags.compute }} diff --git a/nova/templates/deployment-novncproxy.yaml b/nova/templates/deployment-novncproxy.yaml index c50f1aadac..1f7c9d5486 100644 --- a/nova/templates/deployment-novncproxy.yaml +++ b/nova/templates/deployment-novncproxy.yaml @@ -56,11 +56,11 @@ spec: securityContext: runAsUser: {{ .Values.pod.user.nova.uid }} command: - - /tmp/nova-vnc-proxy-init.sh + - /tmp/nova-console-proxy-init.sh volumeMounts: - name: nova-bin - mountPath: /tmp/nova-vnc-proxy-init.sh - subPath: nova-vnc-proxy-init.sh + mountPath: /tmp/nova-console-proxy-init.sh + subPath: nova-console-proxy-init.sh readOnly: true - name: nova-etc mountPath: /etc/nova/nova.conf @@ -73,11 +73,11 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.novncproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: - - /tmp/nova-vnc-proxy-init-assets.sh + - /tmp/nova-console-proxy-init-assets.sh volumeMounts: - name: nova-bin - mountPath: /tmp/nova-vnc-proxy-init-assets.sh - subPath: nova-vnc-proxy-init-assets.sh + mountPath: /tmp/nova-console-proxy-init-assets.sh + subPath: nova-console-proxy-init-assets.sh readOnly: true - name: pod-usr-share-novnc mountPath: /tmp/usr/share/novnc @@ -87,11 +87,11 @@ spec: imagePullPolicy: {{ .Values.images.pull_policy }} {{ tuple $envAll $envAll.Values.pod.resources.novncproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} command: - - /tmp/nova-novncproxy.sh + - /tmp/nova-console-proxy.sh volumeMounts: - name: nova-bin - mountPath: /tmp/nova-novncproxy.sh - subPath: nova-novncproxy.sh + mountPath: /tmp/nova-console-proxy.sh + subPath: nova-console-proxy.sh readOnly: true - name: nova-etc mountPath: /etc/nova/nova.conf diff --git a/nova/templates/deployment-spiceproxy.yaml b/nova/templates/deployment-spiceproxy.yaml new file mode 100644 index 0000000000..17c8bc32e3 --- /dev/null +++ b/nova/templates/deployment-spiceproxy.yaml @@ -0,0 +1,121 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.deployment_spiceproxy }} +{{- $envAll := . }} +{{ if eq .Values.console.console_kind "spice" }} +{{- $dependencies := .Values.dependencies.spiceproxy }} + +{{- $mounts_nova_spiceproxy := .Values.pod.mounts.nova_spiceproxy.nova_spiceproxy }} +{{- $mounts_nova_spiceproxy_init := .Values.pod.mounts.nova_spiceproxy.init_spiceproxy }} + +{{- $serviceAccountName := "nova-spiceproxy" }} +{{ tuple $envAll $dependencies $serviceAccountName | include "helm-toolkit.snippets.kubernetes_pod_rbac_serviceaccount" }} +--- +apiVersion: apps/v1beta1 +kind: Deployment +metadata: + name: nova-spiceproxy +spec: + replicas: {{ .Values.pod.replicas.spiceproxy }} +{{ tuple $envAll | include "helm-toolkit.snippets.kubernetes_upgrades_deployment" | indent 2 }} + template: + metadata: + labels: +{{ tuple $envAll "nova" "spice-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 8 }} + annotations: + configmap-bin-hash: {{ tuple "configmap-bin.yaml" . | include "helm-toolkit.utils.hash" }} + configmap-etc-hash: {{ tuple "configmap-etc.yaml" . | include "helm-toolkit.utils.hash" }} + spec: + serviceAccountName: {{ $serviceAccountName }} + affinity: +{{ tuple $envAll "nova" "spice-proxy" | include "helm-toolkit.snippets.kubernetes_pod_anti_affinity" | indent 8 }} + nodeSelector: + {{ .Values.labels.spiceproxy.node_selector_key }}: {{ .Values.labels.spiceproxy.node_selector_value }} + hostNetwork: true + dnsPolicy: ClusterFirstWithHostNet + initContainers: +{{ tuple $envAll $dependencies $mounts_nova_spiceproxy_init | include "helm-toolkit.snippets.kubernetes_entrypoint_init_container" | indent 8 }} + - name: nova-spiceproxy-init + image: {{ .Values.images.tags.spiceproxy }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.spiceproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + securityContext: + runAsUser: {{ .Values.pod.user.nova.uid }} + command: + - /tmp/nova-console-proxy-init.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/nova-console-proxy-init.sh + subPath: nova-console-proxy-init.sh + readOnly: true + - name: nova-etc + mountPath: /etc/nova/nova.conf + subPath: nova.conf + readOnly: true + - name: pod-shared + mountPath: /tmp/pod-shared + - name: nova-spiceproxy-init-assets + image: {{ .Values.images.tags.spiceproxy_assets }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.spiceproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + command: + - /tmp/nova-console-proxy-init-assets.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/nova-console-proxy-init-assets.sh + subPath: nova-console-proxy-init-assets.sh + readOnly: true + - name: pod-usr-share-spice-html5 + mountPath: /tmp/usr/share/spice-html5 + containers: + - name: nova-spiceproxy + image: {{ .Values.images.tags.spiceproxy }} + imagePullPolicy: {{ .Values.images.pull_policy }} +{{ tuple $envAll $envAll.Values.pod.resources.spiceproxy | include "helm-toolkit.snippets.kubernetes_resources" | indent 10 }} + command: + - /tmp/nova-console-proxy.sh + volumeMounts: + - name: nova-bin + mountPath: /tmp/nova-console-proxy.sh + subPath: nova-console-proxy.sh + readOnly: true + - name: nova-etc + mountPath: /etc/nova/nova.conf + subPath: nova.conf + readOnly: true + - name: pod-usr-share-spice-html5 + mountPath: /usr/share/spice-html5 + readOnly: true + - name: pod-shared + mountPath: /tmp/pod-shared +{{ if $mounts_nova_spiceproxy.volumeMounts }}{{ toYaml $mounts_nova_spiceproxy.volumeMounts | indent 12 }}{{ end }} + volumes: + - name: nova-bin + configMap: + name: nova-bin + defaultMode: 0555 + - name: nova-etc + configMap: + name: nova-etc + defaultMode: 0444 + - name: pod-usr-share-spice-html5 + emptyDir: {} + - name: pod-shared + emptyDir: {} +{{ if $mounts_nova_spiceproxy.volumes }}{{ toYaml $mounts_nova_spiceproxy.volumes | indent 8 }}{{ end }} +{{- end }} +{{- end }} diff --git a/nova/templates/service-spiceproxy.yaml b/nova/templates/service-spiceproxy.yaml new file mode 100644 index 0000000000..11a30413fc --- /dev/null +++ b/nova/templates/service-spiceproxy.yaml @@ -0,0 +1,40 @@ +{{/* +Copyright 2017 The Openstack-Helm Authors. + +Licensed under the Apache License, Version 2.0 (the "License"); +you may not use this file except in compliance with the License. +You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + +Unless required by applicable law or agreed to in writing, software +distributed under the License is distributed on an "AS IS" BASIS, +WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +See the License for the specific language governing permissions and +limitations under the License. +*/}} + +{{- if .Values.manifests.service_spiceproxy }} +{{- $envAll := . }} +{{ if eq .Values.console.console_kind "spice" }} +--- +apiVersion: v1 +kind: Service +metadata: + name: {{ tuple "compute_spice_proxy" "internal" . | include "helm-toolkit.endpoints.hostname_short_endpoint_lookup" }} +spec: + ports: + - name: nova-spiceproxy + protocol: TCP + port: {{ .Values.network.spiceproxy.port }} + targetPort: {{ .Values.network.spiceproxy.targetPort }} + {{ if .Values.network.spiceproxy.node_port.enabled }} + nodePort: {{ .Values.network.spiceproxy.node_port.port }} + {{ end }} + selector: +{{ tuple $envAll "nova" "spice-proxy" | include "helm-toolkit.snippets.kubernetes_metadata_labels" | indent 4 }} + {{ if .Values.network.spiceproxy.node_port.enabled }} + type: NodePort + {{ end }} +{{- end }} +{{- end }} diff --git a/nova/values.yaml b/nova/values.yaml index 4202f049ca..648840d88a 100644 --- a/nova/values.yaml +++ b/nova/values.yaml @@ -48,6 +48,9 @@ labels: novncproxy: node_selector_key: openstack-control-plane node_selector_value: enabled + spiceproxy: + node_selector_key: openstack-control-plane + node_selector_value: enabled images: tags: @@ -63,6 +66,8 @@ images: scheduler: docker.io/kolla/ubuntu-source-nova-scheduler:3.0.3 novncproxy: docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3 novncproxy_assets: docker.io/kolla/ubuntu-source-nova-novncproxy:3.0.3 + spiceproxy: docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:3.0.3 + spiceproxy_assets: docker.io/kolla/ubuntu-source-nova-spicehtml5proxy:3.0.3 consoleauth: docker.io/kolla/ubuntu-source-nova-consoleauth:3.0.3 compute: docker.io/kolla/ubuntu-source-nova-compute:3.0.3 compute_ssh: docker.io/kolla/ubuntu-source-nova-ssh:3.0.3 @@ -147,9 +152,15 @@ network: novncproxy: node_port: enabled: false - port: 36080 + port: 30680 port: 6080 targetPort: 6080 + spiceproxy: + node_port: + enabled: false + port: 30682 + port: 6082 + targetPort: 6082 ssh: name: "nova-ssh" port: 8022 @@ -294,6 +305,12 @@ console: console_kind: novnc serial: spice: + compute: + # IF blank, search default routing interface + server_proxyclient_interface: + proxy: + # IF blank, search default routing interface + server_proxyclient_interface: novnc: compute: # IF blank, search default routing interface @@ -990,6 +1007,11 @@ conf: vncserver_listen: 0.0.0.0 # leave blank, this should be set by each compute nodes's ip vncserver_proxyclient_address: null + spice: + html5proxy_host: 0.0.0.0 + server_listen: 0.0.0.0 + # leave blank, this should be set by each compute nodes's ip + server_proxyclient_address: null conductor: workers: 1 oslo_policy: @@ -1242,6 +1264,19 @@ endpoints: port: novnc_proxy: default: 6080 + compute_spice_proxy: + name: nova + hosts: + default: nova-spiceproxy + host_fqdn_override: + default: null + path: + default: /spice_auto.html + scheme: + default: 'http' + port: + spice_proxy: + default: 6082 placement: name: placement hosts: @@ -1314,6 +1349,9 @@ pod: nova_novncproxy: init_novncproxy: null nova_novncproxy: + nova_spiceproxy: + init_spiceproxy: null + nova_spiceproxy: replicas: api_metadata: 1 placement: 1 @@ -1322,6 +1360,7 @@ pod: consoleauth: 1 scheduler: 1 novncproxy: 1 + spiceproxy: 1 lifecycle: upgrades: deployments: @@ -1415,6 +1454,13 @@ pod: limits: memory: "1024Mi" cpu: "2000m" + spiceproxy: + requests: + memory: "128Mi" + cpu: "100m" + limits: + memory: "1024Mi" + cpu: "2000m" jobs: bootstrap: requests: @@ -1480,7 +1526,6 @@ pod: memory: "1024Mi" cpu: "2000m" - manifests: configmap_bin: true configmap_etc: true @@ -1491,6 +1536,7 @@ manifests: deployment_conductor: true deployment_consoleauth: true deployment_novncproxy: true + deployment_spiceproxy: true deployment_scheduler: true ingress_metadata: true ingress_placement: true @@ -1521,4 +1567,5 @@ manifests: service_metadata: true service_placement: true service_novncproxy: true + service_spiceproxy: true service_osapi: true