Nova analysis (9) -- Nova-novncproxy

Nova provides the novncproxy proxy to allow users to access virtual machines through VNC. Users can access virtual machines through websocket, Java client, or spicehtml5. The function of accessing a virtual machine through websket has been integrated into horizon, and the corresponding software needs to be installed first through the Java client. To facilitate user access to virtual machines, Nova uses a proxy, which is usually deployed together with Nova-API.

The following describes how to implement VNC access. First, enable VNC when starting a virtual machine. You can add the VNC parameter to KVM. In this way, KVM starts a vncserver to listen to the virtual machine. To access the virtual machine through websocket, follow these steps:

1. Obtain the access URL through the NOVA-API. The URL format is http: // ip: Port /? Token = xxx, which is actually the address of the VNC proxy.
2. Connect the browser to the VNC proxy
3. The VNC proxy is connected to the Nova-consoleauth to verify the token, and maps the token to the IP address and a port of the host where the VM is located. This port is the port listened to when the VM is started.
4. The VNC proxy establishes a connection with the vncserver of the host machine where the VM is located, and starts proxy until the browser session ends.

In Nova. conf, the compute node can specify the vncserver listening address and VNC proxy to connect to the vncserver through that address. This option is vncserver_proxyclient_address. The VNC proxy acts as a bridge between the public network and computing nodes, and also needs to encapsulate the VNC protocol.

VNC proxy configuration method

Generally, to provide the complete VNC function, three services must be deployed:

• Nova-consoleauth: Provides token verification to maintain the ing between tokens and IP addresses and port numbers.
• Nova-novncproxy: supports browser-based VNC clients, which are usually deployed together with Nova-API.
• Nova-xvpvncproxy: supports Java-based VNC clients, which are usually deployed together with Nova-API.

In addition, you also need to configure the computing node. The details are as follows:

• Vnc_enabled = true enables the virtual machine's VNC function.
• Vncserver_listen = 0.0.0.0 is 127.0.0.1 by default, that is, it can only be accessed from the local machine, usually configured as the IP address of the management network. When this parameter is set to 0.0.0.0, dynamic migration fails because the target host does not have an IP address during dynamic migration.
• Vncserver_proxyclient_address specifies the IP address that the VNC proxy should use to connect to the vncserver, which is usually the management network IP address.
• Novncproxy_base_url = http: // $ service_host: 6080/vnc_auto.html specifies the address that the browser client should connect. $ Service_host is usually a public IP address.
• Xvpvncproxy_base_url = http: // $ service_host: 6081/console specifies the address that the Java client should connect. $ Service_host is usually a public IP address.

The configuration of VNC proxy is relatively simple. You only need to set the host and port on which it listens. The details are as follows:

• Novncproxy_host = $ service_host is usually a public IP address.
• Maid = 6080
• Xvpvncproxy_host = $ service_host is usually a public IP.
• Xvpvncproxy_port = 6081

Take novncproxy as an example to see how it is implemented:

Class novawebsocketproxy (websockify. websocketproxy): # inherits from websocketproxy in websockify, while websocketproxy inherits from websocketserver def _ init _ (self, * ARGs, ** kwargs ): # inherit from the parent class init method def new_client (Self): # It will be executed after the websocket connection is established #1) obtain the target host from the cookie, port #2) handshake as necessary #3) create a socket connect to VNC #4) do_proxydef do_proxy (self, target ):... rlist = [self. client, target] # self. the client is generated after the websocket connection # target is the socket passed in after the above creation, connected to vnc addr while true: wlist = [] If tqueue: wlist. append (target) If cqueue or c_pend: wlist. append (self. client) INS, outs, TS = select (rlist, wlist, [], 1) If self. client in outs: # send data to client if self. client in INS # accept data from client if target in outs: # Send client data to the target VNC address if target in INS: # accept data from the target VNC address

 

References

Http://zhengtianbao.com /? P = 144