enforce remote console shutdown
- Adds a CONF option enforce_session_timeout - Adds Timer to close connection once token expire - refactor close_connection functionality - Fixes existing and adds new unit tests - Adds release note - Updates admin guide Change-Id: I5d7e8faf1d271e9dd98d24e825631246308e7141
This commit is contained in:
Amit Uniyal
@@ -69,6 +69,31 @@ This particular example is illustrated below.
|
||||
:alt: noVNC process
|
||||
:width: 95%
|
||||
|
||||
Consoleauth configuration:
|
||||
--------------------------
|
||||
|
||||
The consoleauth accepts following options:
|
||||
|
||||
- :oslo.config:option:`consoleauth.token_ttl`
|
||||
- :oslo.config:option:`consoleauth.enforce_session_timeout`
|
||||
|
||||
.. code-block:: ini
|
||||
|
||||
[consoleauth]
|
||||
token_ttl = 1000 # default value is 600 second
|
||||
enforce_session_timeout = True # default is False
|
||||
|
||||
|
||||
Supported consoles:
|
||||
-------------------
|
||||
|
||||
* :ref:`vnc-console`
|
||||
* :ref:`spice-console`
|
||||
* :ref:`serial-console`
|
||||
* :ref:`mks-console`
|
||||
|
||||
|
||||
.. _vnc-console:
|
||||
|
||||
noVNC-based VNC console
|
||||
-----------------------
|
||||
@@ -294,6 +319,8 @@ be told where to find them. This requires editing :file:`nova.conf` to set.
|
||||
vencrypt_ca_certs=/etc/pki/nova-novncproxy/ca-cert.pem
|
||||
|
||||
|
||||
.. _spice-console:
|
||||
|
||||
SPICE console
|
||||
-------------
|
||||
|
||||
@@ -376,9 +403,10 @@ for SPICE consoles.
|
||||
- :oslo.config:option:`spice.playback_compression`
|
||||
- :oslo.config:option:`spice.streaming_mode`
|
||||
|
||||
.. _serial-console:
|
||||
|
||||
Serial
|
||||
------
|
||||
Serial console
|
||||
--------------
|
||||
|
||||
Serial consoles provide an alternative to graphical consoles like VNC or SPICE.
|
||||
They work a little differently to graphical consoles so an example is
|
||||
@@ -468,9 +496,10 @@ There are some things to keep in mind when configuring these options:
|
||||
:program:`nova-serialproxy` service to determine where to connect to for
|
||||
proxying the console interaction.
|
||||
|
||||
.. _mks-console:
|
||||
|
||||
MKS
|
||||
---
|
||||
MKS console
|
||||
-----------
|
||||
|
||||
MKS is the protocol used for accessing the console of a virtual machine running
|
||||
on VMware vSphere. It is very similar to VNC. Due to the architecture of the
|
||||
@@ -576,6 +605,13 @@ Frequently Asked Questions
|
||||
console connections, make sure that the value of ``novncproxy_base_url`` is
|
||||
set explicitly where the ``nova-novncproxy`` service is running.
|
||||
|
||||
- **Q: How do I know which nova config file to update to set a particular config option?**
|
||||
|
||||
A: First, find out which nova-service is responsible for the change you want
|
||||
to make, using ``ps -aux | grep nova``. Once the service is found, check the
|
||||
status of the service via systemctl. In the status output, associated conf
|
||||
files with respective paths will be listed.
|
||||
|
||||
|
||||
References
|
||||
----------
|
||||
|
||||
Reference in New Issue
Block a user