From: Ben Nemec Date: Fri, 15 Jan 2016 22:31:36 +0000 (-0600) Subject: Allow vncproxy to work with ssl enabled X-Git-Tag: opnfv-6.0.0~2171^2 X-Git-Url: https://gerrit.opnfv.org/gerrit/gitweb?a=commitdiff_plain;h=dd7602ad82100617126be26d80a6d3f67cb739ac;p=apex-tripleo-heat-templates.git Allow vncproxy to work with ssl enabled Right now our vncproxy settings are hard-coded to http and the non-ssl port. This change adds a vncproxy entry to the endpoint map and uses those values to configure the proxy correctly on compute nodes. This is sufficient to get it working in my environment with ssl enabled. Change-Id: I9d69b088eef4700959b33c7e0eb44932949d7b71 --- diff --git a/environments/enable-tls.yaml b/environments/enable-tls.yaml index bc4d1bef..5794c6b4 100644 --- a/environments/enable-tls.yaml +++ b/environments/enable-tls.yaml @@ -33,6 +33,9 @@ parameter_defaults: NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Public: {protocol: 'https', port: '13773', host: 'CLOUDNAME'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'https', port: '13080', host: 'CLOUDNAME'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'https', port: '13808', host: 'CLOUDNAME'} diff --git a/network/endpoints/endpoint_map.yaml b/network/endpoints/endpoint_map.yaml index f6063c0e..278c2605 100644 --- a/network/endpoints/endpoint_map.yaml +++ b/network/endpoints/endpoint_map.yaml @@ -74,6 +74,9 @@ parameters: NovaEC2Admin: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Internal: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} NovaEC2Public: {protocol: 'http', port: '8773', host: 'IP_ADDRESS'} + NovaVNCProxyAdmin: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyInternal: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} + NovaVNCProxyPublic: {protocol: 'http', port: '6080', host: 'IP_ADDRESS'} SwiftAdmin: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftInternal: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} SwiftPublic: {protocol: 'http', port: '8080', host: 'IP_ADDRESS'} @@ -364,6 +367,28 @@ resources: CloudName: {get_param: CloudName} UriSuffix: '/services/Admin' + NovaVNCProxyInternal: + type: OS::TripleO::Endpoint + properties: + EndpointName: NovaVNCProxyInternal + EndpointMap: { get_param: EndpointMap } + IP: {get_param: NovaApiVirtualIP} + CloudName: {get_param: CloudName} + NovaVNCProxyPublic: + type: OS::TripleO::Endpoint + properties: + EndpointName: NovaVNCProxyPublic + EndpointMap: { get_param: EndpointMap } + IP: {get_param: PublicVirtualIP} + CloudName: {get_param: CloudName} + NovaVNCProxyAdmin: + type: OS::TripleO::Endpoint + properties: + EndpointName: NovaVNCProxyAdmin + EndpointMap: { get_param: EndpointMap } + IP: {get_param: NovaApiVirtualIP} + CloudName: {get_param: CloudName} + SwiftInternal: type: OS::TripleO::Endpoint properties: @@ -473,6 +498,9 @@ outputs: NovaEC2Internal: {get_attr: [ NovaEC2Internal, endpoint] } NovaEC2Public: {get_attr: [ NovaEC2Public, endpoint] } NovaEC2Admin: {get_attr: [ NovaEC2Admin, endpoint] } + NovaVNCProxyInternal: {get_attr: [ NovaVNCProxyInternal, endpoint] } + NovaVNCProxyPublic: {get_attr: [ NovaVNCProxyPublic, endpoint] } + NovaVNCProxyAdmin: {get_attr: [ NovaVNCProxyAdmin, endpoint] } SwiftInternal: {get_attr: [ SwiftInternal, endpoint] } SwiftPublic: {get_attr: [ SwiftPublic, endpoint] } SwiftAdmin: {get_attr: [ SwiftAdmin, endpoint] } diff --git a/puppet/compute.yaml b/puppet/compute.yaml index f4165756..1f7f0c23 100644 --- a/puppet/compute.yaml +++ b/puppet/compute.yaml @@ -463,6 +463,9 @@ resources: rbd_persistent_storage: {get_input: cinder_enable_rbd_backend} nova_password: {get_input: nova_password} nova::compute::vncserver_proxyclient_address: {get_input: nova_vnc_proxyclient_address} + nova::vncproxy::common::vncproxy_protocol: {get_input: nova_vncproxy_protocol} + nova::vncproxy::common::vncproxy_host: {get_input: nova_vncproxy_host} + nova::vncproxy::common::vncproxy_port: {get_input: nova_vncproxy_port} nova::network::neutron::neutron_ovs_bridge: {get_input: nova_ovs_bridge} nova::network::neutron::security_group_api: {get_input: nova_security_group_api} ceilometer::debug: {get_input: debug} @@ -533,6 +536,9 @@ resources: nova_enable_rbd_backend: {get_param: NovaEnableRbdBackend} cinder_enable_rbd_backend: {get_param: CinderEnableRbdBackend} nova_vnc_proxyclient_address: {get_attr: [NetIpMap, net_ip_map, {get_param: [ServiceNetMap, NovaVncProxyNetwork]}]} + nova_vncproxy_protocol: {get_param: [EndpointMap, NovaVNCProxyPublic, protocol]} + nova_vncproxy_host: {get_param: [EndpointMap, NovaVNCProxyPublic, host]} + nova_vncproxy_port: {get_param: [EndpointMap, NovaVNCProxyPublic, port]} nova_ovs_bridge: {get_param: NovaOVSBridge} nova_security_group_api: {get_param: NovaSecurityGroupAPI} ceilometer_metering_secret: {get_param: CeilometerMeteringSecret}