mirror of
https://git.proxmox.com/git/pve-manager
synced 2025-08-06 04:36:29 +00:00
implement spice viewer for openvz
This commit is contained in:
Dietmar Maurer
parent
2d802f8c3b
commit
427d3fa6d2
@ -536,6 +536,7 @@ __PACKAGE__->register_method({
|
||||
{ subdir => 'config' },
|
||||
{ subdir => 'status' },
|
||||
{ subdir => 'vncproxy' },
|
||||
{ subdir => 'spiceproxy' },
|
||||
{ subdir => 'migrate' },
|
||||
{ subdir => 'initlog' },
|
||||
{ subdir => 'rrd' },
|
||||
@ -901,6 +902,119 @@ __PACKAGE__->register_method ({
|
||||
};
|
||||
}});
|
||||
|
||||
__PACKAGE__->register_method ({
|
||||
name => 'spiceproxy',
|
||||
path => '{vmid}/spiceproxy',
|
||||
method => 'POST',
|
||||
protected => 1,
|
||||
proxyto => 'node',
|
||||
permissions => {
|
||||
check => ['perm', '/vms/{vmid}', [ 'VM.Console' ]],
|
||||
},
|
||||
description => "Returns a SPICE configuration to connect to the CT.",
|
||||
parameters => {
|
||||
additionalProperties => 0,
|
||||
properties => {
|
||||
node => get_standard_option('pve-node'),
|
||||
vmid => get_standard_option('pve-vmid'),
|
||||
proxy => {
|
||||
description => "This can be used by the client to specify the proxy server. All nodes in a cluster runs 'spiceproxy', so it is up to the client to choose one. By default, we return the node where the VM is currently running. As resonable setting is to use same node you use to connect to the API (This is window.location.hostname for the JS GUI).",
|
||||
type => 'string', format => 'dns-name',
|
||||
optional => 1,
|
||||
},
|
||||
},
|
||||
},
|
||||
returns => {
|
||||
description => "Returned values can be directly passed to the 'remote-viewer' application.",
|
||||
additionalProperties => 1,
|
||||
properties => {
|
||||
type => { type => 'string' },
|
||||
password => { type => 'string' },
|
||||
proxy => { type => 'string' },
|
||||
host => { type => 'string' },
|
||||
'tls-port' => { type => 'integer' },
|
||||
},
|
||||
},
|
||||
code => sub {
|
||||
my ($param) = @_;
|
||||
|
||||
my $rpcenv = PVE::RPCEnvironment::get();
|
||||
|
||||
my $authuser = $rpcenv->get_user();
|
||||
|
||||
my $vmid = $param->{vmid};
|
||||
my $node = $param->{node};
|
||||
my $proxy = $param->{proxy};
|
||||
if (!$proxy) {
|
||||
my $host = `hostname -f` || PVE::INotify::nodename();
|
||||
chomp $host;
|
||||
$proxy = $host;
|
||||
}
|
||||
|
||||
my $authpath = "/vms/$vmid";
|
||||
|
||||
my ($ticket, $proxyticket) = PVE::AccessControl::assemble_spice_ticket($authuser, $vmid, $node);
|
||||
|
||||
my $filename = "/etc/pve/local/pve-ssl.pem";
|
||||
my $subject = PVE::QemuServer::read_x509_subject_spice($filename);
|
||||
|
||||
my $cacert = PVE::Tools::file_get_contents("/etc/pve/pve-root-ca.pem", 8192);
|
||||
$cacert =~ s/\n/\\n/g;
|
||||
|
||||
my $port = PVE::Tools::next_spice_port();
|
||||
|
||||
my $remip;
|
||||
|
||||
my $shcmd = [ '/usr/bin/dtach', '-A',
|
||||
"/var/run/dtach/vzctlconsole$vmid",
|
||||
'-r', 'winch', '-z',
|
||||
'/usr/sbin/vzctl', 'console', $vmid ];
|
||||
|
||||
my $realcmd = sub {
|
||||
my $upid = shift;
|
||||
|
||||
syslog('info', "starting openvz vnc proxy $upid\n");
|
||||
|
||||
my $timeout = 10;
|
||||
|
||||
eval {
|
||||
foreach my $k (keys %ENV) {
|
||||
next if $k eq 'PATH' || $k eq 'TERM' || $k eq 'USER' || $k eq 'HOME';
|
||||
delete $ENV{$k};
|
||||
}
|
||||
$ENV{PWD} = '/';
|
||||
$ENV{SPICE_TICKET} = $ticket;
|
||||
|
||||
my $cmd = ['/usr/bin/spiceterm', '--port', $port, '--addr', '127.0.0.1',
|
||||
'--timeout', $timeout, '--authpath', $authpath,
|
||||
'--permissions', 'VM.Console', '--', @$shcmd];
|
||||
|
||||
run_command($cmd, errmsg => "spiceterm failed");
|
||||
};
|
||||
if (my $err = $@) {
|
||||
syslog ('err', $err);
|
||||
}
|
||||
|
||||
return;
|
||||
};
|
||||
|
||||
my $upid = $rpcenv->fork_worker('spiceproxy', $vmid, $authuser, $realcmd);
|
||||
|
||||
PVE::Tools::wait_for_vnc_port($port);
|
||||
|
||||
return {
|
||||
type => 'spice',
|
||||
title => "Shell on '$node'",
|
||||
host => $proxyticket, # this break tls hostname verification, so we need to use 'host-subject'
|
||||
proxy => "http://$proxy:3128",
|
||||
'tls-port' => $port,
|
||||
'host-subject' => $subject,
|
||||
ca => $cacert,
|
||||
password => $ticket,
|
||||
'delete-this-file' => 1,
|
||||
};
|
||||
}});
|
||||
|
||||
__PACKAGE__->register_method({
|
||||
name => 'vmcmdidx',
|
||||
path => '{vmid}/status',
|
||||
|
||||
@ -105,7 +105,13 @@ Ext.define('PVE.openvz.Config', {
|
||||
text: gettext('Console'),
|
||||
disabled: !caps.vms['VM.Console'],
|
||||
handler: function() {
|
||||
PVE.Utils.openConoleWindow('openvz', vmid, nodename, vmname);
|
||||
if (PVE.Utils.defaultViewer() === 'vv') {
|
||||
var params = { proxy: window.location.hostname };
|
||||
PVE.Utils.openSpiceViewer('/nodes/' + nodename + '/openvz/' + vmid +
|
||||
'/spiceproxy', params);
|
||||
} else {
|
||||
PVE.Utils.openConoleWindow('openvz', vmid, nodename, vmname);
|
||||
}
|
||||
}
|
||||
});
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user