Fix novnc proxy configuration
The guest consoles are not visible through the horizon UI because novnc proxy is set to compute node by default thus a port forwarding to dom0 is required. Besides, Mirantis uses an internal host name - "public.fuel.local" - as the novnc's base url which cannot be resolved by users therefore need to be replaced with the real public IP address. Change-Id: I819d13dca1a8263247fe443606095ba33b142756 Closes-Bug: #1513551
This commit is contained in:
parent
c44842113e
commit
7b01f345c6
|
@ -16,6 +16,7 @@ ASTUTE_PATH = '/etc/astute.yaml'
|
|||
ASTUTE_SECTION = 'fuel-plugin-xenserver'
|
||||
LOG_ROOT = '/var/log/fuel-plugin-xenserver'
|
||||
LOG_FILE = 'compute_post_deployment.log'
|
||||
HIMN_IP = '169.254.0.1'
|
||||
|
||||
if not os.path.exists(LOG_ROOT):
|
||||
os.mkdir(LOG_ROOT)
|
||||
|
@ -76,6 +77,18 @@ def get_astute(astute_path):
|
|||
return astute
|
||||
|
||||
|
||||
def astute_get(dct, keys, default=None, fail_if_missing=True):
|
||||
"""A safe dictionary getter"""
|
||||
for key in keys:
|
||||
if key in dct:
|
||||
dct = dct[key]
|
||||
else:
|
||||
if fail_if_missing:
|
||||
reportError('Value of "%s" is missing' % key)
|
||||
return default
|
||||
return dct
|
||||
|
||||
|
||||
def get_options(astute, astute_section):
|
||||
"""Return username and password filled in plugin."""
|
||||
if not astute_section in astute:
|
||||
|
@ -144,15 +157,15 @@ def init_eth():
|
|||
if ip:
|
||||
himn_local = ip[0]['addr']
|
||||
himn_xs = '.'.join(himn_local.split('.')[:-1] + ['1'])
|
||||
if '169.254.0.1' == himn_xs:
|
||||
info('himn_ip: %s' % himn_local)
|
||||
return eth, himn_local, himn_xs
|
||||
if HIMN_IP == himn_xs:
|
||||
info('himn_local: %s' % himn_local)
|
||||
return eth, himn_local
|
||||
|
||||
reportError('HIMN failed to get IP address from XenServer')
|
||||
|
||||
|
||||
def check_hotfix_exists(himn, username, password, hotfix):
|
||||
out = ssh(himn_xs, username, password,
|
||||
out = ssh(HIMN_IP, username, password,
|
||||
'xe patch-list name-label=%s' % hotfix)
|
||||
if not out:
|
||||
reportError('Hotfix %s has not been installed' % hotfix)
|
||||
|
@ -163,19 +176,28 @@ def install_xenapi_sdk():
|
|||
execute('cp', 'XenAPI.py', '/usr/lib/python2.7/dist-packages/')
|
||||
|
||||
|
||||
def create_novacompute_conf(himn, username, password):
|
||||
def create_novacompute_conf(himn, username, password, public_ip):
|
||||
"""Fill nova-compute.conf with HIMN IP and root password. """
|
||||
template = '\n'.join([
|
||||
'[DEFAULT]',
|
||||
'compute_driver=xenapi.XenAPIDriver',
|
||||
'force_config_drive=always',
|
||||
'novncproxy_base_url=https://%s:6080/vnc_auto.html',
|
||||
'vncserver_proxyclient_address=%s',
|
||||
'[xenserver]',
|
||||
'connection_url=http://%s',
|
||||
'connection_username="%s"',
|
||||
'connection_password="%s"'
|
||||
])
|
||||
|
||||
s = template % (himn, username, password)
|
||||
mgmt_if = netifaces.ifaddresses('br-mgmt')
|
||||
if mgmt_if and mgmt_if.get(netifaces.AF_INET) \
|
||||
and mgmt_if.get(netifaces.AF_INET)[0]['addr']:
|
||||
mgmt_ip = mgmt_if.get(netifaces.AF_INET)[0]['addr']
|
||||
else:
|
||||
reportError('Cannot get IP Address on Management Network')
|
||||
|
||||
s = template % (public_ip, mgmt_ip, himn, username, password)
|
||||
fname = '/etc/nova/nova-compute.conf'
|
||||
with open(fname, 'w') as f:
|
||||
f.write(s)
|
||||
|
@ -252,19 +274,45 @@ def forward_from_himn(eth):
|
|||
execute('service', 'iptables-persistent', 'save')
|
||||
|
||||
|
||||
def forward_port(eth_in, eth_out, target_host, target_port):
|
||||
"""Forward packets from eth_in to eth_out on target_host:target_port. """
|
||||
execute('iptables', '-t', 'nat', '-A', 'PREROUTING',
|
||||
'-i', eth_in, '-p', 'tcp', '--dport', target_port,
|
||||
'-j', 'DNAT', '--to', target_host)
|
||||
execute('iptables', '-A', 'FORWARD',
|
||||
'-i', eth_out, '-o', eth_in,
|
||||
'-m', 'state', '--state', 'RELATED,ESTABLISHED',
|
||||
'-j', 'ACCEPT')
|
||||
execute('iptables', '-A', 'FORWARD',
|
||||
'-i', eth_in, '-o', eth_out,
|
||||
'-j', 'ACCEPT')
|
||||
|
||||
execute('iptables', '-t', 'filter', '-S', 'FORWARD')
|
||||
execute('iptables', '-t', 'nat', '-S', 'POSTROUTING')
|
||||
execute('service', 'iptables-persistent', 'save')
|
||||
|
||||
|
||||
if __name__ == '__main__':
|
||||
install_xenapi_sdk()
|
||||
astute = get_astute(ASTUTE_PATH)
|
||||
if astute:
|
||||
username, password, install_xapi = get_options(astute, ASTUTE_SECTION)
|
||||
endpoints = get_endpoints(astute)
|
||||
eth, himn_local, himn_xs = init_eth()
|
||||
if username and password and endpoints and himn_local and himn_xs:
|
||||
check_hotfix_exists(himn_xs, username, password, 'XS65ESP1013')
|
||||
himn_eth, himn_local = init_eth()
|
||||
|
||||
public_ip = astute_get(
|
||||
astute, ('network_metadata', 'vips', 'public', 'ipaddr'))
|
||||
|
||||
if username and password and endpoints and himn_local:
|
||||
check_hotfix_exists(HIMN_IP, username, password, 'XS65ESP1013')
|
||||
route_to_compute(
|
||||
endpoints, himn_xs, himn_local, username, password)
|
||||
endpoints, HIMN_IP, himn_local, username, password)
|
||||
if install_xapi:
|
||||
install_suppack(himn_xs, username, password)
|
||||
forward_from_himn(eth)
|
||||
create_novacompute_conf(himn_xs, username, password)
|
||||
install_suppack(HIMN_IP, username, password)
|
||||
forward_from_himn(himn_eth)
|
||||
|
||||
# port forwarding for novnc
|
||||
forward_port('br-mgmt', himn_eth, HIMN_IP, '80')
|
||||
|
||||
create_novacompute_conf(HIMN_IP, username, password, public_ip)
|
||||
restart_nova_services()
|
||||
|
|
|
@ -39,9 +39,29 @@ function create_image {
|
|||
fi
|
||||
}
|
||||
|
||||
function mod_novnc {
|
||||
local public_ip
|
||||
public_ip=$(python - <<EOF
|
||||
import sys
|
||||
import yaml
|
||||
astute=yaml.load(open('/etc/astute.yaml'))
|
||||
print astute['network_metadata']['vips']['public']['ipaddr']
|
||||
EOF
|
||||
)
|
||||
cat > /etc/nova/nova-compute.conf <<EOF
|
||||
[DEFAULT]
|
||||
novncproxy_host=0.0.0.0
|
||||
novncproxy_base_url=http://$public_ip:6080/vnc_auto.html
|
||||
EOF
|
||||
service nova-novncproxy restart
|
||||
service nova-consoleauth restart
|
||||
}
|
||||
|
||||
source /root/openrc admin
|
||||
|
||||
clear_images
|
||||
create_image "TestVM" "xen" "http://ca.downloads.xensource.com/OpenStack/cirros-0.3.4-x86_64-disk.vhd.tgz"
|
||||
create_image "F17-x86_64-cfntools" "hvm" "http://ca.downloads.xensource.com/OpenStack/F21-x86_64-cfntools.tgz"
|
||||
glance image-list >> $LOG_FILE
|
||||
glance image-list >> $LOG_FILE
|
||||
|
||||
mod_novnc
|
Loading…
Reference in New Issue