Add novnc console support

This change adds in support for the novnc console type in Nova. * The change adds in a few new variables to the defaults which allow for the novnc console to be configued. * A port entry was added to haproxy to support the console type. * noVNC is being installed from source in the nova_console container. The git repo has been added to the openstack_other.yml repo-package file which allows for the repo to be cloned into the repo containers and then distributed out where needed from within the environment. This cherry-pick was modified to remove the "vnc" section because that configuration option within nova was not backported to kilo in upstream nova. Closes-Bug: 1428833 Change-Id: I221557aad77bf266b4e2fae23007ffa210aa1f75 Signed-off-by: Kevin Carter <kevin.carter@rackspace.com> (cherry picked from commit 0681e25a52) Signed-off-by: Kevin Carter <kevin.carter@rackspace.com>
2015-09-25 20:50:42 -05:00 · 2015-09-25 20:50:42 -05:00 · f3f56a7af3
parent 14360aca72
commit f3f56a7af3
12 changed files with 190 additions and 18 deletions
--- a/playbooks/defaults/repo_packages/openstack_other.yml
+++ b/playbooks/defaults/repo_packages/openstack_other.yml
@ -30,3 +30,8 @@ tempest_git_repo: https://git.openstack.org/openstack/tempest
 tempest_git_install_branch: 94955015682c7d8c5ed45dac76d0dbb2d4107529 # HEAD of "master" as of 08.10.2015
 tempest_git_install_fragments: "yaprtignorerequirements=true"
 tempest_git_dest: "/opt/tempest_{{ tempest_git_install_branch | replace('/', '_') }}"
+
+# NOVNC from source
+novncproxy_git_repo: https://github.com/kanaka/novnc
+novncproxy_git_install_branch: a0e7ab43dca0ce11a713694ee4cf530bd3b17c5a
+novncproxy_git_dest: "/opt/novnc_{{ novncproxy_git_install_branch | replace('/', '_') }}"
--- a/playbooks/inventory/group_vars/hosts.yml
+++ b/playbooks/inventory/group_vars/hosts.yml
@ -38,7 +38,7 @@ rsyslog_server_storage_directory: /var/log/log-storage
 openstack_repo_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}"
 openstack_upstream_domain: "rpc-repo.rackspace.com"
 openstack_upstream_url: "http://{{ openstack_upstream_domain }}"
-
+openstack_repo_git_url: "http://{{ internal_lb_vip_address }}:{{ repo_server_port }}/openstackgit"

 ## LXC options
 lxc_container_caches:
--- a/playbooks/os-nova-install.yml
+++ b/playbooks/os-nova-install.yml
@ -111,13 +111,20 @@
      tags:
        - nova-logs
  roles:
-    - { role: "os_nova", tags: [ "os-nova" ] }
+    - role: "os_nova"
+      nova_novncproxy_git_repo: "{{ openstack_repo_git_url }}/novnc"
+      nova_novncproxy_git_install_branch: "{{ novncproxy_git_install_branch }}"
+      nova_galera_address: "{{ internal_lb_vip_address }}"
+      tags:
+        - "os-nova"
    - role: "ceph_client"
      openstack_service_system_user: "{{ nova_system_user_name }}"
      tags:
        - "nova-ceph-client"
        - "ceph-client"
-    - { role: "openstack_openrc", tags: [ "openstack-openrc" ] }
+    - role: "openstack_openrc"
+      tags:
+        - "openstack-openrc"
    - role: "rsyslog_client"
      rsyslog_client_log_rotate_file: nova_log_rotate
      rsyslog_client_log_dir: "/var/log/nova"
@ -130,8 +137,9 @@
        - "system-crontab-coordination"
  vars:
    galera_address: "{{ internal_lb_vip_address }}"
-    nova_galera_address: "{{ internal_lb_vip_address }}"
    ansible_hostname: "{{ container_name }}"
    ansible_ssh_host: "{{ container_address }}"
    is_metal: "{{ properties.is_metal|default(false) }}"
    glance_host: "{{ internal_lb_vip_address }}"
+  vars_files:
+    - defaults/repo_packages/openstack_other.yml
--- a/playbooks/repo-build.yml
+++ b/playbooks/repo-build.yml
@ -28,6 +28,7 @@
              create-report \
              --report-file {{ repo_service_home_folder }}/repo/reports/release-{{ openstack_release }}-report.json \
              --git-install-repos {{ item['remote_packages'] }} \
+              --git-repo-path "{{ repo_service_home_folder }}/repo/openstackgit" \
              --packages {{ item['packages'] }}
      with_py_pkgs: ../
      sudo: yes
@ -49,6 +50,7 @@
              --build-output "{{ repo_build_output }}" \
              --build-dir "{{ repo_build_dir }}" \
              --build-requirements \
+              --git-repo-path "{{ repo_service_home_folder }}/repo/openstackgit" \
              --force-clean
      sudo: yes
      sudo_user: "{{ repo_service_user_name }}"
@ -68,6 +70,7 @@
              --build-dir "{{ repo_build_dir }}" \
              --build-branches \
              --build-releases \
+              --git-repo-path "{{ repo_service_home_folder }}/repo/openstackgit" \
              --force-clean
      sudo: yes
      sudo_user: "{{ repo_service_user_name }}"
@ -84,6 +87,17 @@
      sudo_user: "{{ repo_service_user_name }}"
      tags:
        - repo-html-indexes
+
+    - name: Store all git source
+      shell: |
+        yaprt --quiet \
+              store-repos \
+              --report-file {{ repo_service_home_folder }}/repo/reports/release-{{ openstack_release }}-report.json \
+              --git-repo-path "{{ repo_service_home_folder }}/repo/openstackgit"
+      sudo: yes
+      sudo_user: "{{ repo_service_user_name }}"
+      tags:
+        - repo-store-git-sources
  vars:
    repo_build_dir: "/tmp/openstack-builder"
    repo_build_output: "/tmp/openstack-wheel-output"
--- a/playbooks/roles/os_nova/defaults/main.yml
+++ b/playbooks/roles/os_nova/defaults/main.yml
@ -156,12 +156,26 @@ nova_cross_az_attach: True
 ## Nova spice
 nova_spice_html5proxy_base_proto: http
 nova_spice_html5proxy_base_port: 6082
-nova_spice_html5proxy_base_uri: "{{ nova_spice_html5proxy_base_proto }}://{{ external_lb_vip_address}}:{{ nova_spice_html5proxy_base_port }}"
+nova_spice_html5proxy_base_uri: "{{ nova_spice_html5proxy_base_proto }}://{{ external_lb_vip_address }}:{{ nova_spice_html5proxy_base_port }}"
 nova_spice_html5proxy_base_url: "{{ nova_spice_html5proxy_base_uri }}/spice_auto.html"
 nova_spice_console_keymap: en-us
 nova_spice_console_agent_enabled: True
 nova_spice_program_name: nova-spicehtml5proxy

+## Nova novnc
+nova_novncproxy_proto: http
+nova_novncproxy_port: 6080
+nova_novncproxy_host: "{{ ansible_ssh_host }}"
+nova_novncproxy_base_uri: "{{ nova_novncproxy_proto }}://{{ external_lb_vip_address }}:{{ nova_novncproxy_port }}"
+nova_novncproxy_base_url: "{{ nova_novncproxy_base_uri }}/vnc_auto.html"
+nova_novncproxy_vncserver_proxyclient_address: "{{ ansible_ssh_host }}"
+nova_novncproxy_vncserver_listen: "{{ ansible_ssh_host }}"
+nova_novncproxy_agent_enabled: True
+nova_novncproxy_program_name: nova-novncproxy
+nova_novncproxy_git_repo: https://github.com/kanaka/novnc
+nova_novncproxy_git_install_branch: master
+nova_novncproxy_vnc_keymap: en-us
+
 ## Nova metadata
 nova_metadata_proxy_enabled: True
 nova_metadata_port: 8775
@ -194,7 +208,7 @@ nova_console_agent_enabled: True
 nova_consoleauth_program_name: nova-consoleauth
 nova_console_agent_enabled: True
 nova_console_keymap: en-us
-# Set the console type. Presently the only option is ["spice"].
+# Set the console type. Presently the only options are ["spice", "novnc"].
 nova_console_type: spice

 ## Nova global config
@ -297,6 +311,7 @@ nova_service_names:
  - "{{ nova_compute_program_name }}"
  - "{{ nova_spice_program_name }}"
  - "{{ nova_consoleauth_program_name }}"
+  - "{{ nova_novncproxy_program_name }}"

 # Common apt packages
 nova_apt_packages:
@ -308,6 +323,17 @@ nova_apt_packages:
 nova_spice_apt_packages:
  - spice-html5

+nova_novnc_apt_packages:
+  - libjs-jquery
+  - libjs-sphinxdoc
+  - libjs-underscore
+  - libjs-swfobject
+  - librabbitmq1
+  - libyaml-0-2
+
+nova_novnc_pip_packages:
+  - websockify
+
 nova_compute_kvm_apt_packages:
  - bridge-utils
  - genisoimage
--- a/playbooks/roles/os_nova/tasks/main.yml
+++ b/playbooks/roles/os_nova/tasks/main.yml
@ -15,12 +15,7 @@

 - include: nova_pre_install.yml
 - include: nova_install.yml
-
- include: nova_spice_console_install.yml
-  when: >
-    inventory_hostname in groups['nova_console'] and
-    nova_console_type == "spice"
-
+- include: nova_console_install.yml
 - include: nova_post_install.yml
 - include: nova_upstart_init.yml

--- a/playbooks/roles/os_nova/tasks/nova_console_install.yml
+++ b/playbooks/roles/os_nova/tasks/nova_console_install.yml
@ -0,0 +1,28 @@
+---
+# Copyright 2015, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- include: nova_console_spice_install.yml
+  when:
+    - inventory_hostname in groups['nova_console']
+    - nova_console_type == "spice"
+  tags:
+    - nova-spice-console
+
+- include: nova_console_novnc_install.yml
+  when:
+    - inventory_hostname in groups['nova_console']
+    - nova_console_type == "novnc"
+  tags:
+    - nova-novnc-console
--- a/playbooks/roles/os_nova/tasks/nova_console_novnc_install.yml
+++ b/playbooks/roles/os_nova/tasks/nova_console_novnc_install.yml
@ -0,0 +1,66 @@
+---
+# Copyright 2014, Rackspace US, Inc.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+- name: Get package from git
+  git:
+    repo: "{{ nova_novncproxy_git_repo }}"
+    dest: "/usr/share/novnc"
+    clone: "yes"
+    update: "yes"
+    version: "{{ nova_novncproxy_git_install_branch }}"
+  register: git_clone
+  until: git_clone|success
+  retries: 5
+  delay: 2
+  tags:
+    - nova-novnc-git
+
+- name: Update apt sources
+  apt:
+    update_cache: yes
+    cache_valid_time: 600
+  register: apt_update
+  until: apt_update|success
+  retries: 5
+  delay: 2
+  tags:
+    - nova-apt-packages
+    - nova-novnc-apt-packages
+
+- name: Install apt packages
+  apt:
+    pkg: "{{ item }}"
+    state: latest
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items: nova_novnc_apt_packages
+  tags:
+    - nova-apt-packages
+    - nova-novnc-apt-packages
+
+- name: Install pip packages
+  pip:
+    name: "{{ item }}"
+    state: present
+  register: install_packages
+  until: install_packages|success
+  retries: 5
+  delay: 2
+  with_items:
+    - "{{ nova_novnc_pip_packages }}"
+  tags:
+    - nova-novnc-pip-packages
--- a/playbooks/roles/os_nova/tasks/nova_console_spice_install.yml
+++ b/playbooks/roles/os_nova/tasks/nova_console_spice_install.yml
@ -37,4 +37,3 @@
  tags:
    - nova-apt-packages
    - nova-spice-apt-packages
-
--- a/playbooks/roles/os_nova/tasks/nova_upstart_init.yml
+++ b/playbooks/roles/os_nova/tasks/nova_upstart_init.yml
@ -97,9 +97,21 @@
    system_user: "{{ nova_system_user_name }}"
    system_group: "{{ nova_system_group_name }}"
    service_home: "{{ nova_system_home_folder }}"
-  when: >
-    inventory_hostname in groups ['nova_console'] and
-    nova_console_type == "spice"
+  when:
+    - inventory_hostname in groups ['nova_console']
+    - nova_console_type == "spice"
+
+# Upstart init script for novnc console.
+- include: nova_upstart_common_init.yml
+  vars:
+    program_name: "{{ nova_novncproxy_program_name }}"
+    service_name: "{{ nova_service_name }}"
+    system_user: "{{ nova_system_user_name }}"
+    system_group: "{{ nova_system_group_name }}"
+    service_home: "{{ nova_system_home_folder }}"
+  when:
+    - inventory_hostname in groups ['nova_console']
+    - nova_console_type == "novnc"

 - include: nova_upstart_common_init.yml
  vars:
--- a/playbooks/roles/os_nova/templates/nova.conf.j2
+++ b/playbooks/roles/os_nova/templates/nova.conf.j2
@ -92,8 +92,18 @@ default_floating_pool = public
 security_group_api = neutron
 network_api_class = nova.network.neutronv2.api.API

-# VNC disabled, see spice section
+{% if nova_console_type == 'spice' %}
 vnc_enabled = False
+{% elif nova_console_type == 'novnc' %}
+vnc_enabled = {{ nova_novncproxy_agent_enabled }}
+# NOVNC CONSOLE
+novncproxy_base_url = {{ nova_novncproxy_base_url }}
+novncproxy_host = {{ nova_novncproxy_host }}
+novncproxy_port = {{ nova_novncproxy_port }}
+vnc_keymap = {{ nova_novncproxy_vnc_keymap }}
+vncserver_proxyclient_address = {{ nova_novncproxy_vncserver_proxyclient_address }}
+vncserver_listen = {{ nova_novncproxy_vncserver_listen }}
+{% endif %}

 # Authentication
 auth_strategy = keystone
@ -131,7 +141,7 @@ catalog_info = volumev2:cinderv2:internalURL
 cross_az_attach = {{ nova_cross_az_attach }}


-{% if nova_spice_html5proxy_base_url is defined and nova_console_type == "spice" %}
+{% if nova_console_type == 'spice' %}
 [spice]
 agent_enabled = {{ nova_console_agent_enabled }}
 enabled = {{ nova_console_agent_enabled }}
--- a/playbooks/vars/configs/haproxy_config.yml
+++ b/playbooks/vars/configs/haproxy_config.yml
@ -128,6 +128,15 @@ haproxy_service_configs:
      haproxy_timeout_client: 60m
      haproxy_timeout_server: 60m
      haproxy_balance_alg: source
+  - service:
+      haproxy_service_name: nova_console_novnc
+      haproxy_backend_nodes: "{{ groups['nova_console'] }}"
+      haproxy_ssl: "{% if haproxy_ssl | bool and nova_novncproxy_proto == 'https' %}true{% else %}false{% endif %}"
+      haproxy_port: 6080
+      haproxy_balance_type: tcp
+      haproxy_timeout_client: 60m
+      haproxy_timeout_server: 60m
+      haproxy_balance_alg: source
  - service:
      haproxy_service_name: cinder_api
      haproxy_backend_nodes: "{{ groups['cinder_api'] }}"