Vitor de Lima has posted comments on this change. Change subject: services, setup: Serial console proxy [WIP] ......................................................................
Patch Set 2: (3 comments) http://gerrit.ovirt.org/#/c/35906/2/packaging/services/ovirt-console-proxy/vmproxy File packaging/services/ovirt-console-proxy/vmproxy: Line 20: Line 21: return user_guid, vm_name Line 22: Line 23: def run_virsh_console(vm, host): Line 24: os.execlp('virsh', 'virsh', '-c', 'qemu+tls://' + host + '/system', 'console', vm) > what is the authentication between the virsh and the destination? The client certificate signed by the engine CA. Line 25: Line 26: def main(): Line 27: # FIXME: Logger Line 28: http://gerrit.ovirt.org/#/c/35906/2/packaging/setup/ovirt_engine_setup/console_proxy/constants.py File packaging/setup/ovirt_engine_setup/console_proxy/constants.py: Line 73: OVIRT_ENGINE_PKI_CONSOLE_CERT = \ Line 74: os.path.join(ocpconfig.VMPROXY_DIR, '.pki/libvirt/clientcert.pem') Line 75: Line 76: OVIRT_ENGINE_PKI_CONSOLE_KEY = \ Line 77: os.path.join(ocpconfig.VMPROXY_DIR, '.pki/libvirt/clientkey.pem') > I am unsure why this goes into /var/lib while all other pki artifacts are a Libvirt expects them to be there, but you can change the folder where these are located by using a parameter in the hypervisor URI while connecting to libvirtd. I will change it. (But temporarily until the SSH + UNIX socket method is ready). Line 78: Line 79: OVIRT_ENGINE_CONSOLE_PROXY_HOST_KEY = \ Line 80: ocpconfig.ENGINE_CONSOLE_PROXY_SSH_HOST_KEY_PATH Line 81: http://gerrit.ovirt.org/#/c/35906/2/packaging/setup/plugins/ovirt-engine-setup/console_proxy/config.py File packaging/setup/plugins/ovirt-engine-setup/console_proxy/config.py: Line 177: ), Line 178: condition=lambda self: self._enabled, Line 179: ) Line 180: def _misc_encrypted(self): Line 181: vdcoption.VdcOption( > if you design to install this remotely you cannot assume you have database This is going to be removed when I force the vmproxy script to use client certificate authentication. Line 182: statement=self.environment[ Line 183: oenginecons.EngineDBEnv.STATEMENT Line 184: ] Line 185: ).updateVdcOptions( -- To view, visit http://gerrit.ovirt.org/35906 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: comment Gerrit-Change-Id: I034ef8e6d10da5dc93eda61e0c5c518ca13a5a28 Gerrit-PatchSet: 2 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Vitor de Lima <[email protected]> Gerrit-Reviewer: Alon Bar-Lev <[email protected]> Gerrit-Reviewer: Francesco Romani <[email protected]> Gerrit-Reviewer: Martin Polednik <[email protected]> Gerrit-Reviewer: Vinzenz Feenstra <[email protected]> Gerrit-Reviewer: Vitor de Lima <[email protected]> Gerrit-Reviewer: Yaniv Bronhaim <[email protected]> Gerrit-Reviewer: [email protected] Gerrit-Reviewer: oVirt Jenkins CI Server Gerrit-HasComments: Yes _______________________________________________ Engine-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/engine-patches
