I've had some experience with this, in particular with KVM. For administrators we distributed a simple script that would call virt-viewer, which is more or less a VNC client that is distributed along with tools like virsh. It knows how to connect to a VM console by the name defined in libvirt, and can do so over ssh using your admin credentials for the hypervisor. The script could use api access to know which hypervisor and VM name to pass to virt-viewer, but what we did was use a custom URL handler in our browsers and the tweaked the console button to fire that off instead of open a console proxy window. We also had an applescript that would launch "chicken of the VNC" in a similar manner by creating an ssh tunnel and connecting CotVNC locally. Sounds tricky but was relatively easy for the admins to script up without developer help.
For customers, we did much along the lines of what you're talking about, since it distributes the VNC work to individual browsers and scales. There's a websocket proxy often used with novnc. We had to first make some modifications to CloudStack in the form of an api call that would return hypervisor IP and VNC port given a VM id. Then we could feed that to novnc, and we additionally had to modify the proxy for authentication. I honestly don't remember exactly how it was all put together, I just remember the api call and some minor changes to tthe proxy and novnc itself. The new api call would be unnecessary if the proxy were integrated. I think it would be great if the console proxy were to get revamped to host novnc+websocket proxy. It would be faster and more featureful. Even just a websocket proxy would be nice, as people would be free to integrate their own web VNC with it. On Jan 25, 2015 7:27 PM, "David Bierce" <[email protected]> wrote: > Ello -- > > I’ve been looking into different ways to use the console proxy and kind of > wanted to get other people input before diving in. Talking with other > cloudstack users, they scrap cloudstack logs and VNC directly to the > hypervisor. > > The major change I was looking at would be to add to the console, or at > least somewhere console cloud link to, a web client like NoVNC or > guacamole. Then modify the console proxy to, instead of display the VNC > console, create a∂ Websocket for the console client to use. > > The approach would be similar to how OpenStack does console access. Their > novnc-proxy demon could even be a mostly drop in enchantment with some > advanced serial console features, but the agent could also be extended to > handle the authentication and proxy/websockifying. > > Is this a horrible, awful idea? > > David Bierce
