Commit aaee1c5a authored by Łukasz Nowak's avatar Łukasz Nowak Committed by Łukasz Nowak

software/kvm: Request real frontend for default software type

Real frontend is always requested.

Additional frontend is requested only if frontend-additional-instance-guid is
not empty. This frontend is published as url-additional and can be used for
access to users from some restricted networks.
parent 4636f49f
...@@ -35,9 +35,10 @@ See the instance-kvm-input-schema.json file for more instance parameters (cpu-co ...@@ -35,9 +35,10 @@ See the instance-kvm-input-schema.json file for more instance parameters (cpu-co
KVM instance parameters: KVM instance parameters:
~~~~~~~~~~~~~~~~~~~~~~~~~ ~~~~~~~~~~~~~~~~~~~~~~~~~
- frontend-software-type (default: frontend) - frontend-software-type (default: RootSoftwareInstance)
- frontend-software-url (default: https://lab.nexedi.com/nexedi/slapos/raw/slapos-0.92/software/kvm/software.cfg) - frontend-software-url (default: http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg)
- frontend-instance-guid - frontend-instance-guid
- frontend-addtional-instance-guid
- frontend-instance-name (default: VNC Frontend) - frontend-instance-name (default: VNC Frontend)
- nbd-port (default: 1024) - nbd-port (default: 1024)
- nbd-host - nbd-host
......
...@@ -19,7 +19,7 @@ md5sum = 028b6a6456d744c11b1bb2c51ecd51b2 ...@@ -19,7 +19,7 @@ md5sum = 028b6a6456d744c11b1bb2c51ecd51b2
[template-kvm] [template-kvm]
filename = instance-kvm.cfg.jinja2 filename = instance-kvm.cfg.jinja2
md5sum = 857237f3de9fb42da919a7164a355e4f md5sum = dc4dc40f9d950b5f963c22c62ca488a7
[template-kvm-cluster] [template-kvm-cluster]
filename = instance-kvm-cluster.cfg.jinja2.in filename = instance-kvm-cluster.cfg.jinja2.in
......
...@@ -336,21 +336,38 @@ ...@@ -336,21 +336,38 @@
"frontend-instance-guid": { "frontend-instance-guid": {
"title": "Frontend Instance ID", "title": "Frontend Instance ID",
"description": "Unique identifier of the frontend instance, like \"SOFTINST-11031\".", "description": "Unique identifier of the frontend instance, like \"SOFTINST-11031\".",
"type": "string", "type": "string"
"default": "SOFTINST-11031"
}, },
"frontend-software-type": { "frontend-software-type": {
"title": "Frontend Software Type", "title": "Frontend Software Type",
"description": "Type of the frontend instance, like \"frontend\".", "description": "Type of the frontend instance, like \"frontend\".",
"type": "string", "type": "string",
"default": "frontend" "default": "RootSoftwareInstance"
}, },
"frontend-software-url": { "frontend-software-url": {
"title": "Frontend Software URL", "title": "Frontend Software URL",
"description": "Software Release URL of the frontend instance, like \"http://example.com/path/to/software.cfg\".", "description": "Software Release URL of the frontend instance, like \"http://example.com/path/to/software.cfg\".",
"type": "string", "type": "string",
"format": "uri", "format": "uri",
"default": "https://lab.nexedi.com/nexedi/slapos/raw/slapos-0.92/software/kvm/software.cfg" "default": "http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg"
},
"frontend-additional-instance-guid": {
"title": "Additional Frontend Instance ID",
"description": "Unique identifier of the additional frontend instance, like \"SOFTINST-11031\", if empty won't be requested.",
"type": "string"
},
"frontend-additional-software-type": {
"title": "Additional Frontend Software Type",
"description": "Type of the frontend instance, like \"frontend\".",
"type": "string",
"default": "RootSoftwareInstance"
},
"frontend-additional-software-url": {
"title": "Additional Frontend Software URL",
"description": "Software Release URL of the frontend instance, like \"http://example.com/path/to/software.cfg\".",
"type": "string",
"format": "uri",
"default": "http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg"
} }
} }
} }
{% set additional_frontend = (slapparameter_dict.get('frontend-additional-instance-guid', '').strip() != '') %}
{% set enable_http = slapparameter_dict.get('enable-http-server', 'False').lower() -%} {% set enable_http = slapparameter_dict.get('enable-http-server', 'False').lower() -%}
{% set use_tap = slapparameter_dict.get('use-tap', 'True').lower() -%} {% set use_tap = slapparameter_dict.get('use-tap', 'True').lower() -%}
{% set use_nat = slapparameter_dict.get('use-nat', 'True').lower() -%} {% set use_nat = slapparameter_dict.get('use-nat', 'True').lower() -%}
...@@ -358,20 +359,24 @@ log = ${directory:log}/crond.log ...@@ -358,20 +359,24 @@ log = ${directory:log}/crond.log
#-- #--
#-- Deploy frontend. #-- Deploy frontend.
[request-slave-frontend] [request-slave-frontend-base]
recipe = slapos.cookbook:requestoptional recipe = slapos.cookbook:requestoptional
software-url = ${slap-parameter:frontend-software-url}
server-url = ${slap-connection:server-url} server-url = ${slap-connection:server-url}
key-file = ${slap-connection:key-file} key-file = ${slap-connection:key-file}
cert-file = ${slap-connection:cert-file} cert-file = ${slap-connection:cert-file}
computer-id = ${slap-connection:computer-id} computer-id = ${slap-connection:computer-id}
partition-id = ${slap-connection:partition-id} partition-id = ${slap-connection:partition-id}
name = ${slap-parameter:frontend-instance-name}
software-type = ${slap-parameter:frontend-software-type}
slave = true slave = true
config-host = ${novnc-instance:ip} config-https-only = True
config-port = ${novnc-instance:port} config-type = websocket
return = url resource port domainname config-url = https://[${novnc-instance:ip}]:${novnc-instance:port}
return = secure_access domain
[request-slave-frontend]
<= request-slave-frontend-base
software-url = ${slap-parameter:frontend-software-url}
software-type = ${slap-parameter:frontend-software-type}
name = ${slap-parameter:frontend-instance-name}
sla-instance_guid = ${slap-parameter:frontend-instance-guid} sla-instance_guid = ${slap-parameter:frontend-instance-guid}
[frontend-promise] [frontend-promise]
...@@ -381,6 +386,21 @@ url = ${publish-connection-information:url} ...@@ -381,6 +386,21 @@ url = ${publish-connection-information:url}
dash_path = {{ dash_executable_location }} dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }} curl_path = {{ curl_executable_location }}
{% if additional_frontend %}
[request-slave-frontend-additional]
<= request-slave-frontend-base
software-url = ${slap-parameter:frontend-additional-software-url}
software-type = ${slap-parameter:frontend-additional-software-type}
name = ${slap-parameter:frontend-additional-instance-name}
sla-instance_guid = ${slap-parameter:frontend-additional-instance-guid}
[frontend-additional-promise]
recipe = slapos.cookbook:check_url_available
path = ${directory:promises}/frontend_additional_promise
url = ${publish-connection-information:url-additional}
dash_path = {{ dash_executable_location }}
curl_path = {{ curl_executable_location }}
{% endif %}
{% if enable_http == 'true' %} {% if enable_http == 'true' %}
[httpd] [httpd]
...@@ -421,12 +441,47 @@ interface-url = {{ slapparameter_dict.get('monitor-interface-url', 'https://moni ...@@ -421,12 +441,47 @@ interface-url = {{ slapparameter_dict.get('monitor-interface-url', 'https://moni
[helper] [helper]
blank-line = blank-line =
[frontend-port-execute-base]
recipe = plone.recipe.command
command =
set -e
port=$(echo '${request-slave-frontend:connection-secure_access}' | cut -d ':' -f 3 | cut -d '/' -f 1)
[ -z $port ] && port=443
echo $port > ${:output}
update-command = ${:command}
stop-on-error = True
[frontend-port-execute]
<= frontend-port-execute-base
secure_access = ${request-slave-frontend:connection-secure_access}
output = ${directory:var}/frontend_port.txt
[frontend-port]
recipe = collective.recipe.shelloutput
filename = ${frontend-port-execute:output}
commands =
port = [ -f '${:filename}' ] && cat '${:filename}' || echo "NotReady"
{% if additional_frontend %}
[frontend-additional-port-execute]
<= frontend-port-execute-base
secure_access = ${request-slave-frontend-additional:connection-secure_access}
output = ${directory:var}/frontend_additional_port.txt
[frontend-additional-port]
<= frontend-port
filename = ${frontend-additional-port-execute:output}
{% endif %}
[publish-connection-information] [publish-connection-information]
<= monitor-publish <= monitor-publish
recipe = slapos.cookbook:publish recipe = slapos.cookbook:publish
ipv6 = ${slap-network-information:global-ipv6} ipv6 = ${slap-network-information:global-ipv6}
backend-url = https://[${novnc-instance:ip}]:${novnc-instance:port}/vnc.html?host=[${novnc-instance:ip}]&port=${novnc-instance:port}&encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd} backend-url = https://[${novnc-instance:ip}]:${novnc-instance:port}/vnc.html?host=[${novnc-instance:ip}]&port=${novnc-instance:port}&encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
url = ${request-slave-frontend:connection-url}/vnc.html?host=${request-slave-frontend:connection-domainname}&port=${request-slave-frontend:connection-port}&encrypt=1&path=${request-slave-frontend:connection-resource}&password=${kvm-controller-parameter-dict:vnc-passwd} url = ${request-slave-frontend:connection-secure_access}/vnc.html?host=${request-slave-frontend:connection-domain}&port=${frontend-port:port}&encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
{% if additional_frontend %}
url-additional = ${request-slave-frontend-additional:connection-secure_access}/vnc.html?host=${request-slave-frontend-additional:connection-domain}&port=${frontend-additional-port:port}&encrypt=1&password=${kvm-controller-parameter-dict:vnc-passwd}
{% endif %}
{% set disk_number = len(storage_dict) -%} {% set disk_number = len(storage_dict) -%}
maximum-extra-disk-amount = {{ disk_number }} maximum-extra-disk-amount = {{ disk_number }}
{% set iface = 'ens3' -%} {% set iface = 'ens3' -%}
...@@ -647,10 +702,14 @@ log = ${directory:public}/ansible/vm-bootstrap.log ...@@ -647,10 +702,14 @@ log = ${directory:public}/ansible/vm-bootstrap.log
[slap-parameter] [slap-parameter]
# Default values if not specified # Default values if not specified
frontend-software-type = frontend frontend-software-type = RootSoftwareInstance
frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
frontend-instance-guid = frontend-instance-guid =
frontend-instance-name = VNC Frontend frontend-instance-name = VNC Real Frontend
frontend-additional-software-type = RootSoftwareInstance
frontend-additional-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg
frontend-additional-instance-guid =
frontend-additional-instance-name = VNC Real Frontend Additional
nbd-port = 1024 nbd-port = 1024
nbd-host = nbd-host =
nbd2-port = 1024 nbd2-port = 1024
...@@ -762,6 +821,9 @@ parts = ...@@ -762,6 +821,9 @@ parts =
cron-service cron-service
cron-entry-logrotate cron-entry-logrotate
frontend-promise frontend-promise
{% if additional_frontend %}
frontend-additional-promise
{% endif %}
# monitor parts # monitor parts
monitor-base monitor-base
# Complete parts with sections # Complete parts with sections
......
...@@ -56,6 +56,7 @@ eggs = ...@@ -56,6 +56,7 @@ eggs =
collective.recipe.template collective.recipe.template
plone.recipe.command plone.recipe.command
${pycurl:egg} ${pycurl:egg}
collective.recipe.shelloutput
[http-proxy] [http-proxy]
# https://github.com/nodejitsu/node-http-proxy # https://github.com/nodejitsu/node-http-proxy
...@@ -201,6 +202,7 @@ context = ...@@ -201,6 +202,7 @@ context =
websockify = 0.5.1 websockify = 0.5.1
collective.recipe.environment = 0.2.0 collective.recipe.environment = 0.2.0
collective.recipe.shelloutput = 0.1
gitdb = 0.6.4 gitdb = 0.6.4
pycurl = 7.43.0 pycurl = 7.43.0
slapos.recipe.template = 4.3 slapos.recipe.template = 4.3
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment