Hello CloudStack developers and users, We (as leaseweb) would like to share our NoVNC solution on our cloudstack platforms with the CloudStack community . The feature was implemented in 2012 and we have made some changes since that. We have used it for more than 7 years and it is very stable.
Unlike the pull request submitted by sachinnitw1317 ( https://github.com/apache/cloudstack/pull/2204 ) ,which is based on the novnc as the front end (different from the cloudstack) and the java websocket proxy (same as cloudstack) in console proxy vm (cpvm), we use modified novnc and websockify to launch a websockify proxy in cpvm . Here are some technical details: (1) We use two open source projects: noVNC (https://github.com/novnc/noVNC , 0.6.2) and websockify (https://github.com/novnc/websockify ,latest) (2) We modified websockify so we can launch it without the target server/port and token. (3) We reuse the 'path' in novnc and websockify to pass some necessary vm informations from cloudstack to novnc and websockify. path is encrypted in cpvm / java, which contains target server,target port, vnc password, client ip and timestamp. When a new client comes, websockify will decrypt 'path' to get the vm informations above, and check if the client ip matches and the timestamp has not expired. (4) We moved the server/client initialization from novnc(js) to websockify(python). When a new client comes, websockify will create a websocket connection to the target server and port ,then check the protocol version and authentication scheme, use the password in step (3) in vnc authentication . (5) Add a global setting in cloudstack for encryption in java and decryption in websockify. Compared to the cloudstack native console (ajax/java websocket proxy) and the novnc console purposed in PR 2204 (novnc /java websocket proxy) , we believe that the novnc console based on websockifty (written in python) is more efficient than the consoles based on java websocket proxy. If you have any questions or concerns, please feel free to ask. If nobody objects, we will port our changes to cloudstack 4.11.2 LTS and submit a pull request on cloudstack github, so everyone who is interested can merge and build it in his/her fork and test it . Considering that novnc and websockify are both open source projects, and we also use some open source code (such as in pyDes.py VNC password authentication) , it would be appreciated if anyone can help us on software licensing issues. Kind regards, Wei Zhou Principal Cloud Engineer LEASEWEB
