← Back to team overview

yahoo-eng-team team mailing list archive

  1. yahoo-eng-team team
  2. Mailing list archive
  3. Message #89238

[Bug 1980647] [NEW] console doesn't work with VMware driver

  Thread PreviousDate PreviousThread Next 
Public bug reported:

Hi!

Openstack documentation for Yoga says that about mks console access with VMware backend:
--------
MKS¶
MKS is the protocol used for accessing the console of a virtual machine running on VMware vSphere. It is very similar to VNC. Due to the architecture of the VMware vSphere hypervisor, it is not necessary to run a console proxy service.

Configuration¶
To enable the MKS console service, only the nova-compute service must be configured. All options are defined in the mks group.

The nova-compute service requires the following options to configure MKS
console support.

mks.enabled

mks.mksproxy_base_url

For example, to configure this via a nova.conf file:

[mks]
enabled = True
mksproxy_base_url = https://127.0.0.1:6090/

About nova-consoleauth¶
The now-removed nova-consoleauth service was previously used to provide a shared service to manage token authentication that the client proxies outlined below could leverage. Token authentication was moved to the database in 18.0.0 (Rocky) and the service was removed in 20.0.0 (Train).
-------

>>Due to the architecture of the VMware vSphere hypervisor, it is not
necessary to run a console proxy service.

It seems like not true, or given information is not clear. How could it work without proxy? 
vCenter mks architecture provides mks access directly to ESXi host.
https://vdc-download.vmware.com/vmwb-repository/dcr-public/8c1815ce-2f69-4b0b-a50c-ed8b305c22c0/e01e3448-99e8-4b7c-b26b-f0f02c45fb91/GUID-635B3A9F-C62E-4A97-9FAB-FBCAA3914FDA.html
and it is not acceptable for cloud solutions give an access for client to internal management networks.

I tried mksproxy module:
https://opendev.org/x/nova-mksproxy
But it was written 6y ago and still uses consoleauth which is deprecated and removed, and therefore doesn't work. 
Looks like there is no working solution for VMware backend driver to work with console. 
Am I missing something?

Thanks.

** Affects: nova
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Yahoo!
Engineering Team, which is subscribed to OpenStack Compute (nova).
https://bugs.launchpad.net/bugs/1980647

Title:
  console doesn't work with VMware driver

Status in OpenStack Compute (nova):
  New

Bug description:
  Hi!

  Openstack documentation for Yoga says that about mks console access with VMware backend:
  --------
  MKS¶
  MKS is the protocol used for accessing the console of a virtual machine running on VMware vSphere. It is very similar to VNC. Due to the architecture of the VMware vSphere hypervisor, it is not necessary to run a console proxy service.

  Configuration¶
  To enable the MKS console service, only the nova-compute service must be configured. All options are defined in the mks group.

  The nova-compute service requires the following options to configure
  MKS console support.

  mks.enabled

  mks.mksproxy_base_url

  For example, to configure this via a nova.conf file:

  [mks]
  enabled = True
  mksproxy_base_url = https://127.0.0.1:6090/

  About nova-consoleauth¶
  The now-removed nova-consoleauth service was previously used to provide a shared service to manage token authentication that the client proxies outlined below could leverage. Token authentication was moved to the database in 18.0.0 (Rocky) and the service was removed in 20.0.0 (Train).
  -------

  >>Due to the architecture of the VMware vSphere hypervisor, it is not
  necessary to run a console proxy service.

  It seems like not true, or given information is not clear. How could it work without proxy? 
  vCenter mks architecture provides mks access directly to ESXi host.
  https://vdc-download.vmware.com/vmwb-repository/dcr-public/8c1815ce-2f69-4b0b-a50c-ed8b305c22c0/e01e3448-99e8-4b7c-b26b-f0f02c45fb91/GUID-635B3A9F-C62E-4A97-9FAB-FBCAA3914FDA.html
  and it is not acceptable for cloud solutions give an access for client to internal management networks.

  I tried mksproxy module:
  https://opendev.org/x/nova-mksproxy
  But it was written 6y ago and still uses consoleauth which is deprecated and removed, and therefore doesn't work. 
  Looks like there is no working solution for VMware backend driver to work with console. 
  Am I missing something?

  Thanks.

To manage notifications about this bug go to:
https://bugs.launchpad.net/nova/+bug/1980647/+subscriptions

Follow ups

  Thread PreviousDate PreviousThread Next