← Back to team overview

yahoo-eng-team team mailing list archive

[Bug 1373950] [NEW] Serial proxy service and API broken by design

 

Public bug reported:

As part of the blueprint https://blueprints.launchpad.net/nova/+spec
/serial-ports we introduced an API extension and a websocket proxy
binary. The problem with the 2 is that a lot of the stuff was copied
verbatim from the novnc-proxy API and service which relies heavily on
the internal implementation details of NoVNC and python-websockify
libraries.

We should not ship a service that will proxy websocket traffic if we do
not acutally serve a web-based client for it (in the NoVNC case, it has
it's own HTML5 VNC implementation that works over ws://). No similar
thing was part of the proposed (and accepted) implementation. The
websocket proxy based on websockify that we currently have actually
assumes it will serve static content (which we don't do for serial
console case) which will then when excuted in the browser initiate a
websocket connection that sends the security token in the cookie: field
of the request. All of this is specific to the NoVNC implementation
(see:
https://github.com/kanaka/noVNC/blob/e4e9a9b97fec107b25573b29d2e72a6abf8f0a46/vnc_auto.html#L18)
and does not make any sense for serial console functionality.

The proxy service was introduced in
https://review.openstack.org/#/c/113963/

In a similar manner - the API that was proposed and implemented (in
https://review.openstack.org/#/c/113966/) that gives us back the URL
with the security token makes no sense for the same reasons outlined
above.

We should revert at least these 2 patches before the final Juno release
as we do not want to ship a useless service and commit to a useles API
method.

We could then look into providing similar functionality through possibly
something like https://github.com/chjj/term.js which will require us to
write a different proxy service.

** Affects: nova
     Importance: Critical
         Status: Confirmed

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1373950

Title:
  Serial proxy service  and API broken by design

Status in OpenStack Compute (Nova):
  Confirmed

Bug description:
  As part of the blueprint https://blueprints.launchpad.net/nova/+spec
  /serial-ports we introduced an API extension and a websocket proxy
  binary. The problem with the 2 is that a lot of the stuff was copied
  verbatim from the novnc-proxy API and service which relies heavily on
  the internal implementation details of NoVNC and python-websockify
  libraries.

  We should not ship a service that will proxy websocket traffic if we
  do not acutally serve a web-based client for it (in the NoVNC case, it
  has it's own HTML5 VNC implementation that works over ws://). No
  similar thing was part of the proposed (and accepted) implementation.
  The websocket proxy based on websockify that we currently have
  actually assumes it will serve static content (which we don't do for
  serial console case) which will then when excuted in the browser
  initiate a websocket connection that sends the security token in the
  cookie: field of the request. All of this is specific to the NoVNC
  implementation (see:
  https://github.com/kanaka/noVNC/blob/e4e9a9b97fec107b25573b29d2e72a6abf8f0a46/vnc_auto.html#L18)
  and does not make any sense for serial console functionality.

  The proxy service was introduced in
  https://review.openstack.org/#/c/113963/

  In a similar manner - the API that was proposed and implemented (in
  https://review.openstack.org/#/c/113966/) that gives us back the URL
  with the security token makes no sense for the same reasons outlined
  above.

  We should revert at least these 2 patches before the final Juno
  release as we do not want to ship a useless service and commit to a
  useles API method.

  We could then look into providing similar functionality through
  possibly something like https://github.com/chjj/term.js which will
  require us to write a different proxy service.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1373950/+subscriptions


Follow ups

References