This is an automated email from the ASF dual-hosted git repository.
pearl11594 pushed a commit to branch change-cp-settings-to-zonelevel
in repository https://gitbox.apache.org/repos/asf/cloudstack.git
The following commit(s) were added to
refs/heads/change-cp-settings-to-zonelevel by this push:
new 317696fb88a move most console proxy setting to zone level
317696fb88a is described below
commit 317696fb88a0cac621db648f8ed6c7dcccdac210
Author: Pearl Dsilva <[email protected]>
AuthorDate: Thu Aug 7 15:06:49 2025 -0400
move most console proxy setting to zone level
---
.../AgentBasedConsoleProxyManager.java | 2 +-
.../cloud/consoleproxy/ConsoleProxyManager.java | 8 +--
.../consoleproxy/ConsoleProxyManagerImpl.java | 78 ++++++++++------------
.../consoleproxy/ConsoleAccessManagerImpl.java | 2 +-
4 files changed, 40 insertions(+), 50 deletions(-)
diff --git
a/server/src/main/java/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
b/server/src/main/java/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
index 47c873a0780..a65d54e5346 100644
---
a/server/src/main/java/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
+++
b/server/src/main/java/com/cloud/consoleproxy/AgentBasedConsoleProxyManager.java
@@ -191,7 +191,7 @@ public class AgentBasedConsoleProxyManager extends
ManagerBase implements Consol
}
@Override
- public int getVncPort() {
+ public int getVncPort(Long dataCenterId) {
return _consoleProxyPort;
}
diff --git
a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManager.java
b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManager.java
index 1b585f12d1a..f804f99253d 100644
--- a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManager.java
+++ b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManager.java
@@ -56,11 +56,11 @@ public interface ConsoleProxyManager extends Manager,
ConsoleProxyService {
ConfigKey<Boolean> NoVncConsoleSourceIpCheckEnabled = new
ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Boolean.class,
"novnc.console.sourceip.check.enabled", "false",
"If true, The source IP to access novnc console must be same as the IP
in request to management server for console URL. Needs to reconnect CPVM to
management server when this changes (via restart CPVM, or management server, or
cloud service in CPVM)", false);
- ConfigKey<String> ConsoleProxyCapacityStandby = new
ConfigKey<>(String.class, "consoleproxy.capacity.standby", "Console Proxy",
"10",
+ ConfigKey<String> ConsoleProxyCapacityStandby = new
ConfigKey<>(String.class, "consoleproxy.capacity.standby", "Console Proxy",
String.valueOf(DEFAULT_STANDBY_CAPACITY),
"The minimal number of console proxy viewer sessions that system
is able to serve immediately(standby capacity)", false, ConfigKey.Scope.Zone,
null);
ConfigKey<String> ConsoleProxyCapacityScanInterval = new
ConfigKey<>(String.class, "consoleproxy.capacityscan.interval", "Console
Proxy", "30000",
- "The time interval(in millisecond) to scan whether or not system
needs more console proxy to ensure minimal standby capacity", false,
ConfigKey.Scope.Zone, null);
+ "The time interval(in millisecond) to scan whether or not system
needs more console proxy to ensure minimal standby capacity", false, null);
ConfigKey<Integer> ConsoleProxyCmdPort = new ConfigKey<>(Integer.class,
"consoleproxy.cmd.port", "Console Proxy",
String.valueOf(DEFAULT_PROXY_CMD_PORT),
"Console proxy command port that is used to communicate with
management server", false, ConfigKey.Scope.Zone, null);
@@ -74,7 +74,7 @@ public interface ConsoleProxyManager extends Manager,
ConsoleProxyService {
ConfigKey<Integer> ConsoleProxySessionMax = new ConfigKey<>(Integer.class,
"consoleproxy.session.max", "Console Proxy",
String.valueOf(DEFAULT_PROXY_CAPACITY),
"The max number of viewer sessions console proxy is configured to
serve for", false, ConfigKey.Scope.Zone, null);
- ConfigKey<Integer> ConsoleProxySessionTimeout = new
ConfigKey<>(Integer.class, "consoleproxy.session.timeout", "Console Proxy",
"300000",
+ ConfigKey<Integer> ConsoleProxySessionTimeout = new
ConfigKey<>(Integer.class, "consoleproxy.session.timeout", "Console Proxy",
String.valueOf(DEFAULT_PROXY_SESSION_TIMEOUT),
"Timeout(in milliseconds) that console proxy tries to maintain a
viewer session before it times out the session for no activity", false,
ConfigKey.Scope.Zone, null);
ConfigKey<Boolean> ConsoleProxyDisableRpFilter = new
ConfigKey<>(Boolean.class, "consoleproxy.disable.rpfilter", "Console Proxy",
"true",
@@ -108,6 +108,6 @@ public interface ConsoleProxyManager extends Manager,
ConsoleProxyService {
boolean destroyProxy(long proxyVmId);
- int getVncPort();
+ int getVncPort(Long dataCenterId);
}
diff --git
a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
index 097ad6dc179..fbf72d074b2 100644
--- a/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
+++ b/server/src/main/java/com/cloud/consoleproxy/ConsoleProxyManagerImpl.java
@@ -233,17 +233,10 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
private ServiceOfferingVO serviceOfferingVO;
private long capacityScanInterval =
DEFAULT_CAPACITY_SCAN_INTERVAL_IN_MILLISECONDS;
- private int capacityPerProxy = ConsoleProxyManager.DEFAULT_PROXY_CAPACITY;
- private int standbyCapacity = ConsoleProxyManager.DEFAULT_STANDBY_CAPACITY;
private boolean useStorageVm;
- private boolean disableRpFilter = false;
private String instance;
- private int proxySessionTimeoutValue = DEFAULT_PROXY_SESSION_TIMEOUT;
- private boolean sslEnabled = false;
- private String consoleProxyUrlDomain;
-
private SystemVmLoadScanner<Long> loadScanner;
private Map<Long, ZoneHostInfo> zoneHostInfoMap;
private Map<Long, ConsoleProxyLoadInfo> zoneProxyCountMap;
@@ -342,7 +335,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
logger.warn(String.format("SSL is enabled for console proxy [%s]
but no server certificate found in database.", proxy.toString()));
}
- consoleProxyUrlDomain = ConsoleProxyUrlDomain.valueIn(dataCenterId);
+ String consoleProxyUrlDomain =
ConsoleProxyUrlDomain.valueIn(dataCenterId);
ConsoleProxyInfo info;
if (staticPublicIp == null) {
info = new ConsoleProxyInfo(proxy.isSslEnabled(),
proxy.getPublicIpAddress(), consoleProxyPort, proxy.getPort(),
consoleProxyUrlDomain);
@@ -375,6 +368,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
}
proxy = null;
} else {
+ long capacityPerProxy =
ConsoleProxySessionMax.valueIn(dataCenterId);
if
(consoleProxyDao.getProxyActiveLoad(proxy.getId()) < capacityPerProxy ||
hasPreviousSession(proxy, vm)) {
if (logger.isDebugEnabled()) {
logger.debug("Assign previous allocated
console proxy for user vm: {}", vm);
@@ -409,7 +403,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
if (vm.getProxyId() == null || vm.getProxyId() != proxy.getId()) {
vmInstanceDao.updateProxyId(vm.getId(), proxy.getId(),
DateUtil.currentGMTTime());
}
-
+ boolean sslEnabled = isSslEnabled(dataCenterId);
proxy.setSslEnabled(sslEnabled);
if (sslEnabled) {
proxy.setPort(443);
@@ -452,6 +446,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
}
}
+ Integer proxySessionTimeoutValue =
ConsoleProxySessionTimeout.valueIn(proxy.getDataCenterId());
return DateUtil.currentGMTTime().getTime() -
vm.getProxyAssignTime().getTime() < proxySessionTimeoutValue;
} else {
logger.warn(String.format("Unable to retrieve load info from proxy
[%s] on an overloaded proxy.", proxy.toString()));
@@ -501,6 +496,8 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
logger.debug("Assign console proxy from running pool for request
from data center: {}", zone);
}
+ long capacityPerProxy = ConsoleProxySessionMax.valueIn(dataCenterId);
+
ConsoleProxyAllocator allocator = getCurrentAllocator();
assert (allocator != null);
List<ConsoleProxyVO> runningList =
consoleProxyDao.getProxyListInStates(dataCenterId, State.Running);
@@ -820,8 +817,9 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
return l.size() < launchLimit;
}
- private boolean checkCapacity(ConsoleProxyLoadInfo proxyCountInfo,
ConsoleProxyLoadInfo vmCountInfo) {
- return proxyCountInfo.getCount() * capacityPerProxy -
vmCountInfo.getCount() > standbyCapacity;
+ private boolean checkCapacity(ConsoleProxyLoadInfo proxyCountInfo,
ConsoleProxyLoadInfo vmCountInfo, long dataCenterId) {
+ long capacityPerProxy = ConsoleProxySessionMax.valueIn(dataCenterId);
+ return proxyCountInfo.getCount() * capacityPerProxy -
vmCountInfo.getCount() > getStandbyCapacity(dataCenterId);
}
private void allocCapacity(long dataCenterId) {
@@ -1118,8 +1116,8 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
}
@Override
- public int getVncPort() {
- return sslEnabled &&
_ksDao.findByName(ConsoleProxyManager.CERTIFICATE_NAME) != null ? 8443 : 8080;
+ public int getVncPort(Long dataCenterId) {
+ return isSslEnabled(dataCenterId) &&
_ksDao.findByName(ConsoleProxyManager.CERTIFICATE_NAME) != null ? 8443 : 8080;
}
private String getAllocProxyLockName() {
@@ -1136,44 +1134,20 @@ public class ConsoleProxyManagerImpl extends
ManagerBase implements ConsoleProxy
for (Map.Entry<String, String> entry : configs.entrySet()) {
logger.info("PEARL - Configure console proxy manager : " +
entry.getKey() + " = " + entry.getValue());
}
- String value = configs.get(ConsoleProxySslEnabled.key());
- if (value != null && value.equalsIgnoreCase("true")) {
- sslEnabled = true;
- }
- consoleProxyUrlDomain = ConsoleProxyUrlDomain.value();
- if( sslEnabled && (consoleProxyUrlDomain == null ||
consoleProxyUrlDomain.isEmpty())) {
- logger.warn("Empty console proxy domain, explicitly disabling
SSL");
- sslEnabled = false;
- }
-
- value = ConsoleProxyCapacityScanInterval.value();
+ String value = ConsoleProxyCapacityScanInterval.value();
capacityScanInterval = NumbersUtil.parseLong(value,
DEFAULT_CAPACITY_SCAN_INTERVAL_IN_MILLISECONDS);
- capacityPerProxy =
NumbersUtil.parseInt(configs.get("consoleproxy.session.max"),
DEFAULT_PROXY_CAPACITY);
- standbyCapacity =
NumbersUtil.parseInt(ConsoleProxyCapacityStandby.value(),
DEFAULT_STANDBY_CAPACITY);
- proxySessionTimeoutValue =
NumbersUtil.parseInt(configs.get("consoleproxy.session.timeout"),
DEFAULT_PROXY_SESSION_TIMEOUT);
-
value = configs.get("consoleproxy.port");
if (value != null) {
consoleProxyPort = NumbersUtil.parseInt(value,
ConsoleProxyManager.DEFAULT_PROXY_VNC_PORT);
}
- Boolean rpFilterDisabled = ConsoleProxyDisableRpFilter.value();
- if (Boolean.TRUE.equals(rpFilterDisabled)) {
- disableRpFilter = true;
- }
-
value = configs.get("secondary.storage.vm");
if (value != null && value.equalsIgnoreCase("true")) {
useStorageVm = true;
}
- if (logger.isInfoEnabled()) {
- logger.info("Console proxy max session soft limit : " +
capacityPerProxy);
- logger.info("Console proxy standby capacity : " + standbyCapacity);
- }
-
instance = configs.get("instance.name");
if (instance == null) {
instance = "DEFAULT";
@@ -1255,7 +1229,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
buf.append("
host=").append(StringUtils.toCSVList(indirectAgentLB.getManagementServerList(dest.getHost().getId(),
dest.getDataCenter().getId(), null)));
buf.append(" port=").append(managementPort);
buf.append(" name=").append(profile.getVirtualMachine().getHostName());
- if (sslEnabled) {
+ if (isSslEnabled(dest.getDataCenter().getId())) {
buf.append(" premium=true");
}
Long datacenterId = dest.getDataCenter().getId();
@@ -1263,8 +1237,8 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
buf.append(" pod=").append(dest.getPod().getId());
buf.append(" guid=Proxy.").append(profile.getId());
buf.append(" proxy_vm=").append(profile.getId());
- disableRpFilter = ConsoleProxyDisableRpFilter.valueIn(datacenterId);
- if (disableRpFilter) {
+ Boolean disableRpFilter =
ConsoleProxyDisableRpFilter.valueIn(datacenterId);
+ if (Boolean.TRUE.equals(disableRpFilter)) {
buf.append(" disable_rp_filter=true");
}
@@ -1324,7 +1298,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
buf.append(" dns2=").append(dc.getDns2());
}
if (VirtualMachine.Type.ConsoleProxy ==
profile.getVirtualMachine().getType()) {
- buf.append(" vncport=").append(getVncPort());
+ buf.append(" vncport=").append(getVncPort(datacenterId));
}
buf.append("
keystore_password=").append(VirtualMachineGuru.getEncodedString(PasswordGenerator.generateRandomPassword(16)));
String bootArgs = buf.toString();
@@ -1557,7 +1531,7 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
vmInfo = new ConsoleProxyLoadInfo();
}
- if (!checkCapacity(proxyInfo, vmInfo)) {
+ if (!checkCapacity(proxyInfo, vmInfo, dataCenterId)) {
if (logger.isDebugEnabled()) {
logger.debug("Expand console proxy standby capacity for zone "
+ proxyInfo.getName());
}
@@ -1632,7 +1606,9 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
@Override
public ConfigKey<?>[] getConfigKeys() {
- return new ConfigKey<?>[] { ConsoleProxySslEnabled,
NoVncConsoleDefault, NoVncConsoleSourceIpCheckEnabled };
+ return new ConfigKey<?>[] { ConsoleProxySslEnabled,
NoVncConsoleDefault, NoVncConsoleSourceIpCheckEnabled,
+ ConsoleProxyCapacityStandby, ConsoleProxyCapacityScanInterval,
ConsoleProxyCmdPort, ConsoleProxyRestart, ConsoleProxyUrlDomain,
ConsoleProxySessionMax, ConsoleProxySessionTimeout,
ConsoleProxyDisableRpFilter, ConsoleProxyLaunchMax,
+ ConsoleProxyManagementLastState,
ConsoleProxyServiceManagementState };
}
protected ConsoleProxyStatus parseJsonToConsoleProxyStatus(String json)
throws JsonParseException {
@@ -1666,4 +1642,18 @@ public class ConsoleProxyManagerImpl extends ManagerBase
implements ConsoleProxy
consoleProxyDao.update(proxyVmId, count, DateUtil.currentGMTTime(),
details);
}
+
+ private boolean isSslEnabled(Long dataCenterId) {
+ boolean sslEnabled = ConsoleProxySslEnabled.valueIn(dataCenterId);
+ String consoleProxyUrlDomain =
ConsoleProxyUrlDomain.valueIn(dataCenterId);
+ if( sslEnabled && (consoleProxyUrlDomain == null ||
consoleProxyUrlDomain.isEmpty())) {
+ logger.warn("Empty console proxy domain, explicitly disabling
SSL");
+ sslEnabled = false;
+ }
+ return sslEnabled;
+ }
+
+ private Integer getStandbyCapacity(Long datacenterId) {
+ return
Integer.parseInt(ConsoleProxyCapacityStandby.valueIn(datacenterId));
+ }
}
diff --git
a/server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java
b/server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java
index 306023a2263..aeb5f8a8b46 100644
---
a/server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java
+++
b/server/src/main/java/org/apache/cloudstack/consoleproxy/ConsoleAccessManagerImpl.java
@@ -476,7 +476,7 @@ public class ConsoleAccessManagerImpl extends ManagerBase
implements ConsoleAcce
ConsoleProxyClientParam param =
generateConsoleProxyClientParam(parsedHostInfo, port, sid, tag, ticket,
sessionUuid, addr, extraSecurityToken, vm, hostVo, details,
portInfo, host, displayName);
String token = encryptor.encryptObject(ConsoleProxyClientParam.class,
param);
- int vncPort = consoleProxyManager.getVncPort();
+ int vncPort = consoleProxyManager.getVncPort(vm.getDataCenterId());
String url = generateConsoleAccessUrl(rootUrl, param, token, vncPort,
vm, hostVo, details);
