kvm frontend listen to ipv6 and ipv4

Conflicts:
	software/kvm/software.cfg

slapos/recipe/kvm_frontend/__init__.py

@@ -107,7 +107,8 @@ class Recipe(GenericSlapRecipe):
       http_redirect_server = ''
 
     config = dict(
-      ip=self.options['ip'],
+      ipv6=self.options['ipv6'],
+      ipv4=self.options['ipv4'],
       port=self.options['port'],
       key=self.options['ssl-key-path'],
       certificate=self.options['ssl-cert-path'],

slapos/recipe/kvm_frontend/template/kvm-proxy.js

@@ -37,12 +37,13 @@ var fs = require('fs'),
     httpProxy = require('http-proxy'),
     proxyByUrl = require('proxy-by-url');
 
-var listenInterface = process.argv[2],
-    port = process.argv[3],
-    sslKeyFile = process.argv[4],
-    sslCertFile = process.argv[5],
-    proxyTable = process.argv[6],
-    redirect = process.argv[7] || false,
+var listenInterfacev6 = process.argv[2],
+    listenInterfacev4 = process.argv[3],
+    port = process.argv[4],
+    sslKeyFile = process.argv[5],
+    sslCertFile = process.argv[6],
+    proxyTable = process.argv[7],
+    redirect = process.argv[8] || false,
     isRawIPv6;
 
 if (process.argv.length < 7) {
@@ -50,11 +51,6 @@ if (process.argv.length < 7) {
   process.exit(1);
 }
 
-isRawIPv6 = function checkipv6(str) {
-  // Inspired by http://forums.intermapper.com/viewtopic.php?t=452
-  return (/^\s*((([0-9A-Fa-f]{1,4}:){7}([0-9A-Fa-f]{1,4}|:))|(([0-9A-Fa-f]{1,4}:){6}(:[0-9A-Fa-f]{1,4}|((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){5}(((:[0-9A-Fa-f]{1,4}){1,2})|:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3})|:))|(([0-9A-Fa-f]{1,4}:){4}(((:[0-9A-Fa-f]{1,4}){1,3})|((:[0-9A-Fa-f]{1,4})?:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){3}(((:[0-9A-Fa-f]{1,4}){1,4})|((:[0-9A-Fa-f]{1,4}){0,2}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){2}(((:[0-9A-Fa-f]{1,4}){1,5})|((:[0-9A-Fa-f]{1,4}){0,3}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(([0-9A-Fa-f]{1,4}:){1}(((:[0-9A-Fa-f]{1,4}){1,6})|((:[0-9A-Fa-f]{1,4}){0,4}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:))|(:(((:[0-9A-Fa-f]{1,4}){1,7})|((:[0-9A-Fa-f]{1,4}){0,5}:((25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)(\.(25[0-5]|2[0-4]\d|1\d\d|[1-9]?\d)){3}))|:)))(%.+)?\s*$/.test(str));
-}(listenInterface);
-
 /**
  * Dummy middleware that throws 404 not found. Does not contain websocket
  * middleware.
@@ -69,7 +65,7 @@ var middlewareNotFound = function(req, res, proxy) {
 /**
  * Create server
  */
-var proxyServer = httpProxy.createServer(
+var proxyServerv6 = httpProxy.createServer(
   // We declare our proxyByUrl middleware
   proxyByUrl(proxyTable),
   // Then we add your dummy middleware, called when proxyByUrl doesn't find url.
@@ -87,42 +83,70 @@ var proxyServer = httpProxy.createServer(
       )
     },
     source: {
-    host: listenInterface,
+    host: listenInterfacev6,
     port: port
   }}
 );
 
+
+var proxyServerv4 = httpProxy.createServer(
+  // We declare our proxyByUrl middleware
+  proxyByUrl(proxyTable),
+  // Then we add your dummy middleware, called when proxyByUrl doesn't find url.
+  middlewareNotFound,
+  // And we set HTTPS options for server. HTTP will be forbidden.
+  {
+    https: {
+      key: fs.readFileSync(
+        sslKeyFile,
+        'utf8'
+      ),
+      cert: fs.readFileSync(
+        sslCertFile,
+        'utf8'
+      )
+    },
+    source: {
+    host: listenInterfacev4,
+    port: port
+  }}
+);
+
+
 console.log('HTTPS server starting and trying to listen on ' +
-            listenInterface + ':' + port);
+            listenInterfacev4 + ':' + port);
 // Release the beast.
-proxyServer.listen(port, listenInterface);
+proxyServerv6.listen(port, listenInterfacev6);
+proxyServerv4.listen(port, listenInterfacev4);
 
 // Dummy HTTP server redirecting to HTTPS. Only has sense if we can use port 80
 if (redirect === '1') {
   console.log('HTTP redirect server starting and trying to listen on ' +
               listenInterface + ':' + httpPort);
-  try {
-    var httpPort = 80;
-    http.createServer(function(req, res) {
-      var url;
-      if (isRawIPv6 === true) {
-        url = 'https://[' + listenInterface + ']';
-      } else {
-        url = 'https://' + listenInterface;
-      }
-      // If non standard port : need to specify it
-      if (port !== 443) {
-        url = url + ':' + port;
-      }
-      // Add last part of URL
-      url = url + req.url;
-      console.log(url);
-      // Anwser "permanently redirected"
-      res.statusCode = 301;
-      res.setHeader('Location', url);
-      res.end();
-    }).listen(httpPort, listenInterface);
-  } catch (error) {
-    console.log('Couldn\'t start plain HTTP redirection server : ' + error)
-  }
+/*   
+*try {
+*    var httpPort = 80;
+*    http.createServer(function(req, res) {
+*      var url;
+*      if (isRawIPv6 === true) {
+*        url = 'https://[' + listenInterface + ']';
+*      } else {
+*        url = 'https://' + listenInterface;
+*      }
+*      // If non standard port : need to specify it
+*      if (port !== 443) {
+*        url = url + ':' + port;
+*      }
+*      // Add last part of URL
+*      url = url + req.url;
+*      console.log(url);
+*      // Anwser "permanently redirected"
+*      res.statusCode = 301;
+*      res.setHeader('Location', url);
+*      res.end();
+*    }).listen(httpPort, listenInterface);
+*  } catch (error) {
+*    console.log('Couldn\'t start plain HTTP redirection server : ' + error)
+*  }
+*/
 }

slapos/recipe/kvm_frontend/template/nodejs_run.in

@@ -2,4 +2,4 @@
 # BEWARE: This file is operated by slapgrid
 # BEWARE: It will be overwritten automatically
 export NODE_PATH=%(node_env)s
-exec %(node_path)s %(conf_path)s %(ip)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s
+exec %(node_path)s %(conf_path)s %(ipv6)s %(ipv4)s %(port)s %(key)s %(certificate)s %(map_path)s %(plain_http)s

software/kvm/instance-frontend.cfg.in

@@ -11,7 +11,8 @@ parts =
   cron-entry-logrotate
   ca-frontend
   certificate-authority
-  frontend-promise
+  frontend-promise-ipv6
+  frontend-promise-ipv4
 
 eggs-directory = ${buildout:eggs-directory}
 develop-eggs-directory = ${buildout:develop-eggs-directory}
@@ -47,7 +48,8 @@ logrotate-entries = $${rootdirectory:etc}/logrotate.d
 recipe = slapos.cookbook:kvm.frontend
 domain = $${ca-frontend:name}
 # port = $${slap-parameter:port}
-ip = $${slap-network-information:local-ipv4}
+ipv6 = $${slap-network-information:global-ipv6}
+ipv4 = $${slap-network-information:local-ipv4}
 port = $${slap-parameter:port}
 http-redirection = $${slap-parameter:http-redirection}
 ssl-key-path = $${ca-frontend:key-file}
@@ -60,10 +62,16 @@ node-binary = ${nodejs:location}/bin/node
 node-env = ${buildout:parts-directory}:${npm-modules:location}/node_modules
 shell-path = ${dash:location}/bin/dash
 
-[frontend-promise]
+[frontend-promise-ipv6]
 recipe = slapos.cookbook:check_port_listening
 path = $${basedirectory:promises}/frontend_promise
-hostname = $${frontend-instance:ip}
+hostname = $${frontend-instance:ipv6}
+port = $${frontend-instance:port}
+
+[frontend-promise-ipv4]
+recipe = slapos.cookbook:check_port_listening
+path = $${basedirectory:promises}/frontend_promise
+hostname = $${frontend-instance:ipv4}
 port = $${frontend-instance:port}
 
 [certificate-authority]

software/kvm/software.cfg

 [buildout]
+<<<<<<< HEAD
 extends = common.cfg
+=======
+extensions =
+  buildout-versions
+  
+extends =
+  ../../component/gzip/buildout.cfg
+  ../../component/dcron/buildout.cfg
+  ../../component/logrotate/buildout.cfg
+  ../../component/git/buildout.cfg
+  ../../component/gnutls/buildout.cfg
+  ../../component/libpng/buildout.cfg
+  ../../component/libuuid/buildout.cfg
+  ../../component/noVNC/buildout.cfg
+  ../../component/openssl/buildout.cfg
+  ../../component/dash/buildout.cfg
+  ../../component/lxml-python/buildout.cfg
+  ../../stack/nodejs.cfg
+
+develop =
+  ${:parts-directory}/websockify
+  /opt/slapdev/
+
+parts =
+  template
+  dash
+  kvm
+  eggs
+  check-local-eggs
+  nodejs
+  http-proxy
+  proxy-by-url
+  npm-modules
+  dcron
+  logrotate
+
+versions = versions
+
+#XXX-Cedric : Currently, one can only access to KVM using noVNC.
+#             Ideally one should be able to access KVM by using either NoVNC or VNC.
+#             Problem is : no native crypto support in web browsers. So we have to disable ssl
+#             In qemu builtin vnc server, and make it available only for localhost 
+#             so that only novnc can listen to it.
+
+#XXX-Cedric: Check status of https://github.com/kanaka/noVNC/issues/13 to see
+#            When qemu has builtin support for websockets in vnc server to get rid of 
+#            Websockify (socket <-> websocket proxy server) when it is ready.
+#            May solve previous XXX depending on the implementation.
+
+#XXX-Cedric : add list of keyboard layouts (azerty/us querty/...) parameter to qemu
+
+[kvm]
+recipe = hexagonit.recipe.cmmi
+url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/0.15.1/qemu-kvm-0.15.1.tar.gz
+# XXX-Cedric : Upgrade to 1.0
+# url = http://downloads.sourceforge.net/project/kvm/qemu-kvm/1.0/qemu-kvm-1.0.tar.gz
+# md5sum = 00a825db46a70ba8ef9fc95da9cc7c1e
+md5sum = 8800a7d6b3aa4a168ea7f78dc66c0320
+configure-options =
+  --disable-sdl
+  --disable-xen
+  --enable-vnc-tls
+  --disable-vnc-sasl
+  --disable-curses
+  --disable-curl
+  --enable-kvm
+  --disable-docs
+  --enable-vnc-png
+  --disable-vnc-jpeg
+  --extra-cflags="-I${gnutls:location}/include -I${libuuid:location}/include -I${zlib:location}/include -I${libpng:location}/include"
+  --extra-ldflags="-Wl,-rpath -Wl,${glib:location}/lib -L${glib:location}/lib -Wl,-rpath -Wl,${gnutls:location}/lib -L${gnutls:location}/lib -Wl,-rpath -Wl,${gpg-error:location}/lib -L${gpg-error:location}/lib -L${gettext:location}/lib -Wl,-rpath -Wl,${gettext:location}/lib -Wl,-rpath -Wl,${libpng:location}/lib -L${libpng:location}/lib -L${libuuid:location}/lib -Wl,-rpath -Wl,${libuuid:location}/lib -L${zlib:location}/lib -Wl,-rpath -Wl,${zlib:location}/lib -lpng -lz -lgnutls"
+  --disable-werror
+environment =
+  PATH=${pkgconfig:location}/bin:%(PATH)s
+  PKG_CONFIG_PATH=${gnutls:location}/lib/pkgconfig:${glib:location}/lib/pkgconfig
+
+[websockify]
+# XXX-Cedric : use official egg from pypi when it is released
+recipe = plone.recipe.command
+stop-on-error = true
+commit = 301f3ae580557da47fa5ea2050aa671ce9c5a1a0
+repository = https://github.com/SlapOS/websockify.git
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+git-binary = ${git:location}/bin/git
+command = export GIT_SSL_NO_VERIFY=true; (${:git-binary} clone --quiet ${:repository} ${:location} && cd ${:location} && ${:git-binary} reset --hard ${:commit}) || (rm -fr ${:location}; exit 1)
+update-command =
+
+[check-local-eggs]
+recipe = plone.recipe.command
+stop-on-error = true
+update-command = ${:command}
+command = grep parts ${buildout:develop-eggs-directory}/websockify.egg-link
+depends = ${eggs:dummy}
+
+[eggs]
+recipe = z3c.recipe.scripts
+dummy =
+  ${websockify:location}
+eggs =
+  ${lxml-python:egg}
+  websockify
+  slapos.cookbook
+  slapos.toolbox
+
+[http-proxy]
+# https://github.com/nodejitsu/node-http-proxy
+recipe = slapos.recipe.build:download-unpacked
+#XXX-Cedric : use upstream when merged
+url = https://nodeload.github.com/desaintmartin/node-http-proxy/zipball/master
+md5sum = 20204d0b29c2cef26e1c91e99eedca6b
+
+[proxy-by-url]
+# https://github.com/dominictarr/proxy-by-url
+recipe = slapos.recipe.build:download-unpacked
+#XXX-Cedric : use upstream when merged
+url = https://nodeload.github.com/desaintmartin/proxy-by-url/zipball/master
+md5sum = c2609948aa708581f93b981b23880314
+
+[npm-modules]
+recipe = plone.recipe.command
+destination = ${buildout:parts-directory}/${:_buildout_section_name_}
+location = ${buildout:parts-directory}/${:_buildout_section_name_}
+command =
+  rm -fr ${:destination} &&
+  mkdir -p ${:destination} &&
+  cd ${:destination} &&
+  ${nodejs:location}/bin/node ${nodejs:location}/bin/npm install colors@0.6.0-1 &&
+  ${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io@0.8.7 &&
+  ${nodejs:location}/bin/node ${nodejs:location}/bin/npm install socket.io-client@0.8.7 &&
+  ${nodejs:location}/bin/node ${nodejs:location}/bin/npm install optimist@0.3.1 &&
+  ${nodejs:location}/bin/node ${nodejs:location}/bin/npm install pkginfo@0.2.3
+
+
+[template-kvm]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-kvm.cfg
+md5sum = 0cd59f4911521977026b63b8af23aaba
+output = ${buildout:directory}/template-kvm.cfg
+mode = 0644
+
+[template-kvmplus]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-kvmplus.cfg
+md5sum = 2e35c5b2ac9ee51d8f98fb1199f011c4
+output = ${buildout:directory}/template-kvmplus.cfg
+mode = 0644
+
+[template-nbd]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-nbd.cfg
+md5sum = 7691fadfc8d4392c58ac1bf0ebd5aaf2
+output = ${buildout:directory}/template-nbd.cfg
+mode = 0644
+
+[template-frontend]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance-frontend.cfg
+md5sum = cdb690495e9eb007d2b7d2f8e12f5c59
+output = ${buildout:directory}/template-frontend.cfg
+mode = 0644
+
+[template]
+recipe = slapos.recipe.template
+url = ${:_profile_base_location_}/instance.cfg
+md5sum = 68788763d23f70f24b9e575871c903a8
+output = ${buildout:directory}/template.cfg
+mode = 0644
+>>>>>>> 0c26091... kvm frontend listen to ipv6 and ipv4
 
 [networkcache]
 # signature certificates of the following uploaders.
@@ -143,4 +311,4 @@ xml-marshaller = 0.9.7
 
 # Required by:
 # slapos.core==0.35.1
-zope.interface = 4.0.5
\ No newline at end of file
+zope.interface = 4.0.5