Previous discussion:
https://www.redhat.com/archives/ovirt-devel/2008-August/msg00004.html
Back to the oVirt console issue.
So far we've look at:
(1) A Gtk-based VNC browser plugin. Unfortunately we couldn't
make this stable enough for real production use.
(2) Launching an external program such as virt-viewer from a browser
plugin. This works, but it's a security issue, and we can't use
a Gtk dialog to get around the warning issue because of (1).
(3) Running virt-viewer or viagre as separate, standalone programs.
This works, but requires the user to type in some very long
and complicated command line by hand, and there are unresolved
authentication problems.
We are now in a state where we have a working virt-viewer binary for
Windows. Vinagre is not far off. And we know pretty well how to
write C / Gtk programs which cross-compile and run under Windows
reliably.
On the call today we discussed:
(4) Write a custom C/Gtk/Gtk-VNC Windows program which contacts the
oVirt WUI to do authentication, get available consoles, and
launch a Gtk-VNC widget with the appropriate tunnelling
(openssh.exe based?).
Thoughts?
Rich.
--
Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones
virt-df lists disk usage of guests without needing to install any
software inside the virtual machine. Supports Linux and Windows.
http://et.redhat.com/~rjones/virt-df/
On Thu, Nov 06, 2008 at 05:01:18PM +0000, Richard W.M. Jones wrote:> Previous discussion: > https://www.redhat.com/archives/ovirt-devel/2008-August/msg00004.html > > Back to the oVirt console issue. > > So far we've look at: > > (1) A Gtk-based VNC browser plugin. Unfortunately we couldn't > make this stable enough for real production use. > > (2) Launching an external program such as virt-viewer from a browser > plugin. This works, but it's a security issue, and we can't use > a Gtk dialog to get around the warning issue because of (1). > > (3) Running virt-viewer or viagre as separate, standalone programs. > This works, but requires the user to type in some very long > and complicated command line by hand, and there are unresolved > authentication problems. > > We are now in a state where we have a working virt-viewer binary for > Windows. Vinagre is not far off. And we know pretty well how to > write C / Gtk programs which cross-compile and run under Windows > reliably. > > On the call today we discussed: > > (4) Write a custom C/Gtk/Gtk-VNC Windows program which contacts the > oVirt WUI to do authentication, get available consoles, and > launch a Gtk-VNC widget with the appropriate tunnelling > (openssh.exe based?). > > Thoughts? >Well, we could certainly contact the REST API on the server securely to get that information. Would the Windows program be launched by our browser plugin, or be an entirely separate program? --H
On Thu, Nov 06, 2008 at 05:01:18PM +0000, Richard W.M. Jones wrote:> On the call today we discussed: > > (4) Write a custom C/Gtk/Gtk-VNC Windows program which contacts the > oVirt WUI to do authentication, get available consoles, and > launch a Gtk-VNC widget with the appropriate tunnelling > (openssh.exe based?).This is actually quite a good idea - a oVirt thin client desktop. You could even add in some basic operations like stop/start/blah, and they can avoid the web UI completely for day-to-day work. Basically this is kind of a cross of virt-viewer + vinagre, but talking to oVirt instead of libvirt. Or you could write a libvirt driver that talks to oVirt - cf the OpenNebula guys Daniel -- |: Red Hat, Engineering, London -o- http://people.redhat.com/berrange/ :| |: http://libvirt.org -o- http://virt-manager.org -o- http://ovirt.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: GnuPG: 7D3B9505 -o- F3C9 553F A1DA 4AC2 5648 23C1 B3DF F742 7D3B 9505 :|
Hi,> (3) Running virt-viewer or viagre as separate, standalone programs. > This works, but requires the user to type in some very long > and complicated command line by hand, and there are unresolved > authentication problems.Authentication problems? Which authentication problems? /me uses virt-manager for the guest consoles. Authenticates just fine via kerberos, using the same ticket I need for the ovirt wui anyway. Not the most elegant solution as I'll have to add each node manually to virt-manager. Not a big issue either with my two-node-test-setup ;) For a larger-scale setup you'll probably want build some dedicated app (say ovirt-viewer) which gets a list of vms from ovirt, the node they are running on and then goes talk to libvirt on the nodes for the vnc display. The kerberos ticket should open all doors needed. cheers, Gerd
On Fri, Nov 07, 2008 at 02:06:14PM -0600, Wes Felter wrote:> Richard W.M. Jones wrote: >> Previous discussion: >> https://www.redhat.com/archives/ovirt-devel/2008-August/msg00004.html >> >> Back to the oVirt console issue. > > Have y'all considered a Flash VNC client? I sent this suggestion to the > list months ago, but looking at the archives it looks like it didn't go > through (probably because I'm not a subscriber).The basic problem is that I don't have much experience building Flash programs. There are Flash VNC clients out there, but we'd have to modify them anyway to support Kerberos (or some form of encryption) plus any other VNC extensions that Gtk-VNC supports. Who knows if it's possible to support Kerberos / SASL / encryption / extensions from a Flash program? I'm reasonably confident that we can build a standalone Windows client, because we've in fact already done that (virt-viewer[1][2]). Extending the protocol is well-understood: it involves writing more C code and possibly porting more C libraries, both things that we now have plenty of experience with doing[3]. Rich. [1] http://camltastic.blogspot.com/2008/10/mingw-compile-software-for-windows.html [2] http://hg.et.redhat.com/applications/virt/applications/virt-tools-win32--devel [3] http://hg.et.redhat.com/misc/fedora-mingw--devel -- Richard Jones, Emerging Technologies, Red Hat http://et.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v