[Kimchi-devel] [PATCH 1/2] Centralize graphics information
Aline Manera
alinefm at linux.vnet.ibm.com
Wed Aug 27 21:33:33 UTC 2014
Recently the ticket information was added to the vm to report the
graphics password and its expiration time.
That way, graphics information was found in 2 different data structuce:
some information under "graphics" and other ones under "ticket".
{
"graphics":{
"type":"vnc",
"port":null,
"listen":"127.0.0.1"
},
"ticket":{
"passwd":null,
"expire":null
},
"name":"Ubuntu14.04",
"uuid":"8522d82d-d51b-436f-88ff-aff1fed27613",
"access":"full",
"state":"shutoff",
"memory":1024
...
}
As "ticket" data structure only contains graphics information it makes
more sense to centralize it under "graphics" and also use the same
terminology used by libvirt (passwd and passwdValidTo)
"graphics":{
"type":"vnc",
"port":null,
"listen":"127.0.0.1"
"passwd":null,
"passwdValidTo":null
},
Signed-off-by: Aline Manera <alinefm at linux.vnet.ibm.com>
---
docs/API.md | 14 +++---
src/kimchi/API.json | 12 ++---
src/kimchi/control/vms.py | 2 +-
src/kimchi/i18n.py | 4 +-
src/kimchi/mockmodel.py | 38 +++++++++-------
src/kimchi/model/vms.py | 112 ++++++++++++++++++++++------------------------
tests/test_mockmodel.py | 2 +-
tests/test_model.py | 19 ++++----
tests/test_rest.py | 13 +++---
9 files changed, 111 insertions(+), 105 deletions(-)
diff --git a/docs/API.md b/docs/API.md
index ebb6e61..20f5f23 100644
--- a/docs/API.md
+++ b/docs/API.md
@@ -96,9 +96,8 @@ the following general conventions:
* port: The real port number of the graphics, vnc or spice. Users
can use this port to connect to the vm with general vnc/spice
clients.
- * ticket: A ticket represents credentials to access VM.
- * password: the password of a ticket.
- * expire: lifetime of a ticket.
+ * passwd: console password
+ * passwdValidTo: lifetime for the console password.
* users: A list of system users who have permission to access the VM.
Default is: empty (i.e. only root-users may access).
* groups: A list of system groups whose users have permission to access
@@ -112,9 +111,12 @@ the following general conventions:
will take effect in next reboot)
* memory: New amount of memory (MB) for this VM (if VM is running, new
value will take effect in next reboot)
- * ticket: A ticket represents credentials to access VM.
- * password *(optional)*: the password of a ticket.
- * expire *(optional)*: lifetime of a ticket.
+ * graphics: A dict to show detail of VM graphics.
+ * passwd *(optional)*: console password. When omitted a random password
+ willbe generated.
+ * passwdValidTo *(optional)*: lifetime for the console password. When
+ omitted the password will be valid just
+ for 30 seconds.
* **POST**: *See Virtual Machine Actions*
diff --git a/src/kimchi/API.json b/src/kimchi/API.json
index c3fc5e3..67612f2 100644
--- a/src/kimchi/API.json
+++ b/src/kimchi/API.json
@@ -235,17 +235,17 @@
"error": "KCHVM0026E"
}
},
- "ticket": {
- "description": "A ticket represents credentials to access VM",
+ "graphics": {
+ "description": "Graphics information from guest",
"type": "object",
"properties": {
- "password": {
- "description": "the password of a ticket.",
+ "passwd": {
+ "description": "New graphics password.",
"type": "string",
"error": "KCHVM0031E"
},
- "size": {
- "description": "lifetime of a ticket.",
+ "passwdValidTo": {
+ "description": "Life time for the graphics password.",
"type": "number",
"error": "KCHVM0032E"
}
diff --git a/src/kimchi/control/vms.py b/src/kimchi/control/vms.py
index 6632e52..88d8a81 100644
--- a/src/kimchi/control/vms.py
+++ b/src/kimchi/control/vms.py
@@ -36,7 +36,7 @@ class VM(Resource):
super(VM, self).__init__(model, ident)
self.role_key = 'guests'
self.update_params = ["name", "users", "groups", "cpus", "memory",
- "ticket"]
+ "graphics"]
self.screenshot = VMScreenShot(model, ident)
self.uri_fmt = '/vms/%s'
for ident, node in sub_nodes.items():
diff --git a/src/kimchi/i18n.py b/src/kimchi/i18n.py
index 2eae7e8..c276b38 100644
--- a/src/kimchi/i18n.py
+++ b/src/kimchi/i18n.py
@@ -94,8 +94,8 @@ messages = {
"KCHVM0028E": _("Group(s) '%(groups)s' do not exist"),
"KCHVM0029E": _("Unable to shutdown virtual machine %(name)s. Details: %(err)s"),
"KCHVM0030E": _("Unable to get access metadata of virtual machine %(name)s. Details: %(err)s"),
- "KCHVM0031E": _("password of a vm ticket must be a string."),
- "KCHVM0032E": _("expire of a vm ticket must be a number."),
+ "KCHVM0031E": _("The guest console password must be a string."),
+ "KCHVM0032E": _("The life time for the guest console password must be a number."),
"KCHVMIF0001E": _("Interface %(iface)s does not exist in virtual machine %(name)s"),
"KCHVMIF0002E": _("Network %(network)s specified for virtual machine %(name)s does not exist"),
diff --git a/src/kimchi/mockmodel.py b/src/kimchi/mockmodel.py
index fc474de..1322def 100644
--- a/src/kimchi/mockmodel.py
+++ b/src/kimchi/mockmodel.py
@@ -91,15 +91,6 @@ class MockModel(object):
def _static_vm_update(self, dom, params):
state = dom.info['state']
- if 'ticket' in params:
- ticket = params.pop('ticket')
- passwd = ticket.get('passwd')
- dom.ticket["passwd"] = passwd if passwd is not None else "".join(
- random.sample(string.ascii_letters + string.digits, 8))
- expire = ticket.get('expire')
- dom.ticket["ValidTo"] = expire if expire is None else round(
- time.time()) + expire
-
for key, val in params.items():
if key == 'name':
if state == 'running' or params['name'] in self.vms_get_list():
@@ -126,7 +117,21 @@ class MockModel(object):
dom.info[key] = val
def _live_vm_update(self, dom, params):
- pass
+ if 'graphics' not in params:
+ return
+
+ graphics = params.pop('graphics')
+ passwd = graphics.get('passwd')
+ if passwd is None:
+ passwd = "".join(random.sample(string.ascii_letters +
+ string.digits, 8))
+
+ expire = graphics.get('passwdValidTo')
+ if expire is not None:
+ expire = round(time.time()) + expire
+
+ dom.info['graphics']["passwd"] = passwd
+ dom.info['graphics']["passwdValidTo"] = expire
def vm_update(self, name, params):
dom = self._get_vm(name)
@@ -141,10 +146,11 @@ class MockModel(object):
vm.info['screenshot'] = self.vmscreenshot_lookup(name)
else:
vm.info['screenshot'] = None
- vm.info['ticket'] = {"passwd": vm.ticket["passwd"]}
- validTo = vm.ticket["ValidTo"]
- vm.info['ticket']["expire"] = (validTo - round(time.time())
- if validTo is not None else None)
+
+ validTo = vm.info['graphics']['passwdValidTo']
+ validTo = (validTo - round(time.time()) if validTo is not None
+ else None)
+ vm.info['graphics']['passwdValidTo'] = validTo
return vm.info
def vm_delete(self, name):
@@ -1050,7 +1056,6 @@ class MockVM(object):
self.networks = template_info['networks']
ifaces = [MockVMIface(net) for net in self.networks]
self.storagedevices = {}
- self.ticket = {"passwd": "123456", "ValidTo": None}
self.ifaces = dict([(iface.info['mac'], iface) for iface in ifaces])
stats = {'cpu_utilization': 20,
@@ -1066,7 +1071,8 @@ class MockVM(object):
'cpus': self.cpus,
'icon': None,
'graphics': {'type': 'vnc', 'listen': '127.0.0.1',
- 'port': None},
+ 'port': None, 'passwd': '123456',
+ 'passwdValidTo': None},
'users': ['user1', 'user2', 'root'],
'groups': ['group1', 'group2', 'admin'],
'access': 'full'
diff --git a/src/kimchi/model/vms.py b/src/kimchi/model/vms.py
index 5721b48..c14d126 100644
--- a/src/kimchi/model/vms.py
+++ b/src/kimchi/model/vms.py
@@ -251,12 +251,6 @@ class VMModel(object):
self.groups = import_class('kimchi.model.host.GroupsModel')(**kargs)
def update(self, name, params):
- if 'ticket' in params:
- password = params['ticket'].get("passwd")
- password = password if password is not None else "".join(
- random.sample(string.ascii_letters + string.digits, 8))
- params['ticket']['passwd'] = password
-
dom = self.get_vm(name, self.conn)
dom = self._static_vm_update(dom, params)
self._live_vm_update(dom, params)
@@ -315,14 +309,15 @@ class VMModel(object):
os_elem = E.os({"distro": distro, "version": version})
set_metadata_node(dom, os_elem)
- def _set_ticket(self, xml, params, flag=0):
+ def _set_graphics_passwd(self, xml, params, flag=0):
DEFAULT_VALID_TO = 30
password = params.get("passwd")
- expire = params.get("expire")
+ expire = params.get("passwdValidTo")
root = objectify.fromstring(xml)
graphic = root.devices.find("graphics")
if graphic is None:
return None
+
graphic.attrib['passwd'] = password
to = graphic.attrib.get('passwdValidTo')
if to is not None:
@@ -337,27 +332,27 @@ class VMModel(object):
return root if flag == 0 else graphic
- def _set_persistent_ticket(self, dom, xml, params):
- if 'ticket' not in params:
- # store the password for copy
- ticket = self._get_ticket(dom)
- if ticket['passwd'] is None:
- return xml
- else:
- params['ticket'] = ticket
- node = self._set_ticket(xml, params['ticket'])
- return xml if node is None else ET.tostring(node, encoding="utf-8")
+ def _update_graphics(self, dom, xml, params):
+ if 'graphics' not in params:
+ return xml
- def _set_live_ticket(self, dom, params):
- if 'ticket' not in params:
- return
- if dom.isActive():
- xml = dom.XMLDesc(libvirt.VIR_DOMAIN_XML_SECURE)
- flag = libvirt.VIR_DOMAIN_XML_SECURE
- node = self._set_ticket(xml, params['ticket'], flag)
- if node is not None:
- dom.updateDeviceFlags(etree.tostring(node),
- libvirt.VIR_DOMAIN_AFFECT_LIVE)
+ password = params['graphics'].get("passwd")
+ if password is None:
+ password = "".join(random.sample(string.ascii_letters +
+ string.digits, 8))
+ params['graphics']['passwd'] = password
+
+ if not dom.isActive():
+ node = self._set_graphics_passwd(xml, params['graphics'])
+ return xml if node is None else ET.tostring(node, encoding="utf-8")
+
+ xml = dom.XMLDesc(libvirt.VIR_DOMAIN_XML_SECURE)
+ flag = libvirt.VIR_DOMAIN_XML_SECURE
+ node = self._set_graphics_passwd(xml, params['graphics'], flag)
+ if node is not None:
+ dom.updateDeviceFlags(etree.tostring(node),
+ libvirt.VIR_DOMAIN_AFFECT_LIVE)
+ return xml
def _static_vm_update(self, dom, params):
state = DOM_STATE_MAP[dom.info()[0]]
@@ -374,7 +369,7 @@ class VMModel(object):
xpath = VM_STATIC_UPDATE_PARAMS[key]
new_xml = xmlutils.xml_item_update(new_xml, xpath, val)
- new_xml = self._set_persistent_ticket(dom, new_xml, params)
+ new_xml = self._update_graphics(dom, new_xml, params)
conn = self.conn.get()
try:
@@ -397,35 +392,19 @@ class VMModel(object):
def _live_vm_update(self, dom, params):
self._vm_update_access_metadata(dom, params)
- self._set_live_ticket(dom, params)
def _has_video(self, dom):
dom = ElementTree.fromstring(dom.XMLDesc(0))
return dom.find('devices/video') is not None
- def _get_ticket(self, dom):
- xml = dom.XMLDesc(libvirt.VIR_DOMAIN_XML_SECURE)
- root = objectify.fromstring(xml)
- graphic = root.devices.find("graphics")
- if graphic is None:
- return {"passwd": None, "expire": None}
- passwd = graphic.attrib.get('passwd')
- ticket = {"passwd": passwd}
- valid_to = graphic.attrib.get('passwdValidTo')
- ticket['expire'] = None
- if valid_to is not None:
- to = time.mktime(time.strptime(valid_to, '%Y-%m-%dT%H:%M:%S'))
- ticket['expire'] = to - time.mktime(time.gmtime())
-
- return ticket
-
def lookup(self, name):
dom = self.get_vm(name, self.conn)
info = dom.info()
state = DOM_STATE_MAP[info[0]]
screenshot = None
+ # (type, listen, port, passwd, passwdValidTo)
graphics = self._vm_get_graphics(name)
- graphics_type, graphics_listen, graphics_port = graphics
+ graphics_port = graphics[2]
graphics_port = graphics_port if state == 'running' else None
try:
if state == 'running' and self._has_video(dom):
@@ -465,10 +444,12 @@ class VMModel(object):
'cpus': info[3],
'screenshot': screenshot,
'icon': icon,
- 'graphics': {"type": graphics_type,
- "listen": graphics_listen,
- "port": graphics_port},
- 'ticket': self._get_ticket(dom),
+ # (type, listen, port, passwd, passwdValidTo)
+ 'graphics': {"type": graphics[0],
+ "listen": graphics[1],
+ "port": graphics_port,
+ "passwd": graphics[3],
+ "passwdValidTo": graphics[4]},
'users': users,
'groups': groups,
'access': 'full',
@@ -568,23 +549,38 @@ class VMModel(object):
def _vm_get_graphics(self, name):
dom = self.get_vm(name, self.conn)
- xml = dom.XMLDesc(0)
+ xml = dom.XMLDesc(libvirt.VIR_DOMAIN_XML_SECURE)
+
expr = "/domain/devices/graphics/@type"
res = xmlutils.xpath_get_text(xml, expr)
graphics_type = res[0] if res else None
+
expr = "/domain/devices/graphics/@listen"
res = xmlutils.xpath_get_text(xml, expr)
graphics_listen = res[0] if res else None
- graphics_port = None
+
+ graphics_port = graphics_passwd = graphics_passwdValidTo = None
if graphics_type:
- expr = "/domain/devices/graphics[@type='%s']/@port" % graphics_type
- res = xmlutils.xpath_get_text(xml, expr)
+ expr = "/domain/devices/graphics[@type='%s']/@port"
+ res = xmlutils.xpath_get_text(xml, expr % graphics_type)
graphics_port = int(res[0]) if res else None
- return graphics_type, graphics_listen, graphics_port
+
+ expr = "/domain/devices/graphics[@type='%s']/@passwd"
+ res = xmlutils.xpath_get_text(xml, expr % graphics_type)
+ graphics_passwd = res[0] if res else None
+
+ expr = "/domain/devices/graphics[@type='%s']/@passwdValidTo"
+ res = xmlutils.xpath_get_text(xml, expr % graphics_type)
+ if res:
+ to = time.mktime(time.strptime(res[0], '%Y-%m-%dT%H:%M:%S'))
+ graphics_passwdValidTo = to - time.mktime(time.gmtime())
+
+ return (graphics_type, graphics_listen, graphics_port,
+ graphics_passwd, graphics_passwdValidTo)
def connect(self, name):
- graphics = self._vm_get_graphics(name)
- graphics_type, graphics_listen, graphics_port = graphics
+ # (type, listen, port, passwd, passwdValidTo)
+ graphics_port = self._vm_get_graphics(name)[2]
if graphics_port is not None:
vnc.add_proxy_token(name, graphics_port)
else:
diff --git a/tests/test_mockmodel.py b/tests/test_mockmodel.py
index b7e6a48..8de7ce9 100644
--- a/tests/test_mockmodel.py
+++ b/tests/test_mockmodel.py
@@ -143,7 +143,7 @@ class MockModelTests(unittest.TestCase):
keys = set(('name', 'state', 'stats', 'uuid', 'memory', 'cpus',
'screenshot', 'icon', 'graphics', 'users', 'groups',
- 'access', 'ticket'))
+ 'access'))
stats_keys = set(('cpu_utilization',
'net_throughput', 'net_throughput_peak',
diff --git a/tests/test_model.py b/tests/test_model.py
index 59f416c..4eed8b3 100644
--- a/tests/test_model.py
+++ b/tests/test_model.py
@@ -65,7 +65,7 @@ class ModelTests(unittest.TestCase):
keys = set(('name', 'state', 'stats', 'uuid', 'memory', 'cpus',
'screenshot', 'icon', 'graphics', 'users', 'groups',
- 'access', 'ticket', 'persistent'))
+ 'access', 'persistent'))
stats_keys = set(('cpu_utilization',
'net_throughput', 'net_throughput_peak',
@@ -765,24 +765,25 @@ class ModelTests(unittest.TestCase):
vms = inst.vms_get_list()
self.assertTrue('kimchi-vm1' in vms)
- # update vm ticket when vm is not running
+ # update vm graphics when vm is not running
inst.vm_update(u'kimchi-vm1',
- {"ticket": {"passwd": "123456"}})
+ {"graphics": {"passwd": "123456"}})
inst.vm_start('kimchi-vm1')
rollback.prependDefer(self._rollback_wrapper, inst.vm_poweroff,
'kimchi-vm1')
vm_info = inst.vm_lookup(u'kimchi-vm1')
- self.assertEquals('123456', vm_info['ticket']["passwd"])
- self.assertEquals(None, vm_info['ticket']["expire"])
+ self.assertEquals('123456', vm_info['graphics']["passwd"])
+ self.assertEquals(None, vm_info['graphics']["passwdValidTo"])
- # update vm ticket when vm is running
+ # update vm graphics when vm is running
inst.vm_update(u'kimchi-vm1',
- {"ticket": {"passwd": "abcdef", "expire": 20}})
+ {"graphics": {"passwd": "abcdef",
+ "passwdValidTo": 20}})
vm_info = inst.vm_lookup(u'kimchi-vm1')
- self.assertEquals('abcdef', vm_info['ticket']["passwd"])
- self.assertGreaterEqual(20, vm_info['ticket']['expire'])
+ self.assertEquals('abcdef', vm_info['graphics']["passwd"])
+ self.assertGreaterEqual(20, vm_info['graphics']['passwdValidTo'])
info = inst.vm_lookup('kimchi-vm1')
self.assertEquals('running', info['state'])
diff --git a/tests/test_rest.py b/tests/test_rest.py
index 2117399..0bf5997 100644
--- a/tests/test_rest.py
+++ b/tests/test_rest.py
@@ -221,20 +221,21 @@ class RestTests(unittest.TestCase):
resp = self.request('/vms/vm-1', req, 'PUT')
self.assertEquals(200, resp.status)
- req = json.dumps({"ticket": {'passwd': "abcdef"}})
+ req = json.dumps({"graphics": {'passwd': "abcdef"}})
resp = self.request('/vms/vm-1', req, 'PUT')
info = json.loads(resp.read())
- self.assertEquals('abcdef', info["ticket"]["passwd"])
- self.assertEquals(None, info["ticket"]["expire"])
+ self.assertEquals('abcdef', info["graphics"]["passwd"])
+ self.assertEquals(None, info["graphics"]["passwdValidTo"])
resp = self.request('/vms/vm-1/poweroff', '{}', 'POST')
self.assertEquals(200, resp.status)
- req = json.dumps({"ticket": {'passwd': "123456", "expire": 20}})
+ req = json.dumps({"graphics": {'passwd': "123456",
+ 'passwdValidTo': 20}})
resp = self.request('/vms/vm-1', req, 'PUT')
info = json.loads(resp.read())
- self.assertEquals('123456', info["ticket"]["passwd"])
- self.assertGreaterEqual(20, info["ticket"]["expire"])
+ self.assertEquals('123456', info["graphics"]["passwd"])
+ self.assertGreaterEqual(20, info["graphics"]["passwdValidTo"])
req = json.dumps({'name': 12})
resp = self.request('/vms/vm-1', req, 'PUT')
--
1.9.3
More information about the Kimchi-devel
mailing list