beaaf405d3
This is a forklift of the nova novncproxy service to act as the noVNC front-end to graphical consoles. The service does the following: - serves noVNC web assets for the browser based VNC client - creates a websocket to proxy VNC traffic to an actual VNC server - decouples authentication traffic so that the source server can have a different authentication method than the browser client The forklifted code has been adapted to Ironic conventions, including: - [vnc] config options following Ironic conventions and using existing config options where appropriate - Removing the unnecessary authentication method VeNCrypt, leaving only the None auth method. - Adapting the ironic-novncproxy command to use Ironic's service launch approach, allowing it to be started as part of the all-in-one ironic - Replace Nova's approach of looking up the instance via the token. Instead the node UUID is included in the websocket querystring alongside the token - Removing cookie fallback when token is missing from querystring - Removing expected protocol validation in the websocket handshake - Removing internal access path support - Removing enforce_session_timeout as this will be done at the container level Related-Bug: 2086715 Change-Id: I575a8671e2262408ba1d690cfceabe992c2d4fef
36 lines
1.6 KiB
Plaintext
36 lines
1.6 KiB
Plaintext
enable_service ironic ir-api ir-cond ir-novnc
|
|
|
|
source $DEST/ironic/devstack/common_settings
|
|
|
|
# Set a default, so we can overwrite it if we need to.
|
|
PUBLIC_BRIDGE_MTU=${PUBLIC_BRIDGE_MTU:-1500}
|
|
|
|
# NOTE(vsaienko) mtu calculation has been changed recently to 1450
|
|
# https://github.com/openstack/neutron/commit/51a697
|
|
# and caused https://bugs.launchpad.net/ironic/+bug/1631875
|
|
# Get the smallest local MTU
|
|
local_mtu=$(ip link show | sed -ne 's/.*mtu \([0-9]\+\).*/\1/p' | sort -n | head -1)
|
|
|
|
# At some point, devstack started pre-populating a public bridge mtu,
|
|
# which is fine, but that also got set and used in neutron as the MTU,
|
|
# which is fine, but if our MTU is lower, then that can create headaches,
|
|
# unless we *need* it lower for specific multinode testing.
|
|
# so if the calculated local_mtu *is* higher, then we are wrong, and trust
|
|
# a prepopulated variable (1500-40-30=1430 bytes)
|
|
if [ $local_mtu -gt $PUBLIC_BRIDGE_MTU ]; then
|
|
local_mtu=$PUBLIC_BRIDGE_MTU
|
|
fi
|
|
|
|
# 50 bytes is overhead for vxlan (which is greater than GRE
|
|
# allowing us to use either overlay option with this MTU).
|
|
# However, if traffic is flowing over IPv6 tunnels, then
|
|
# The overhead is essentially another 78 bytes. In order to
|
|
# handle both cases, lets go ahead and drop the maximum by
|
|
# 78 bytes, while not going below 1280 to make IPv6 work at all.
|
|
if [[ "$HOST_TOPOLOGY" == "multinode" ]]; then
|
|
# This logic is to artificially pin down the PUBLIC_BRIDGE_MTU for
|
|
# when we are using mutlinode architecture, as to transfer the
|
|
# bytes over the multinode VXLAN tunnel, we need to drop the mtu.
|
|
PUBLIC_BRIDGE_MTU=${OVERRIDE_PUBLIC_BRIDGE_MTU:-$((local_mtu - 78))}
|
|
fi
|