
[WIP] Move console proxy related global settings to Zone level #11415


Draft
wants to merge 3 commits into
base: main
Expand Up @@ -229,6 +229,10 @@ public ConfigKey(String category, Class<T> type, String name, String defaultValu
this(type, name, category, defaultValue, description, isDynamic, Scope.Global, null);
}

public ConfigKey(String category, Class<T> type, String name, String defaultValue, String description, Scope scope, boolean isDynamic) {
this(type, name, category, defaultValue, description, isDynamic, scope, null);
}

public ConfigKey(String category, Class<T> type, String name, String defaultValue, String description, boolean isDynamic, Kind kind, String options) {
this(type, name, category, defaultValue, description, isDynamic, Scope.Global, null, null, null, null, null, kind, options);
}
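Review bot: The added constructor takes `Scope scope, boolean isDynamic`, the reverse of the order used by the constructor it delegates to (`isDynamic, scope`) and by the neighbouring overload (`boolean isDynamic, Kind kind, String options`). Callers now have two conventions for the same pair of arguments. If no existing overload outside this hunk prevents it, `(String category, Class<T> type, String name, String defaultValue, String description, boolean isDynamic, Scope scope)` would be consistent. A one-line Javadoc saying the key is created with the caller's scope would also help, since the category-first constructor just above defaults to `Scope.Global`.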
100 changes: 1 addition & 99 deletions server/src/main/java/com/cloud/configuration/Config.java
Expand Up @@ -25,7 +25,6 @@
import org.apache.cloudstack.framework.config.ConfigKey;

import com.cloud.agent.AgentManager;
import com.cloud.consoleproxy.ConsoleProxyManager;
import com.cloud.ha.HighAvailabilityManager;
import com.cloud.hypervisor.Hypervisor.HypervisorType;
import com.cloud.network.router.VpcVirtualNetworkApplianceManager;
Expand Down Expand Up @@ -404,96 +403,6 @@ public enum Config {
"service monitoring in router enable/disable option, default false", null),


// Console Proxy
ConsoleProxyCapacityStandby(
"Console Proxy",
AgentManager.class,
String.class,
"consoleproxy.capacity.standby",
"10",
"The minimal number of console proxy viewer sessions that system is able to serve immediately(standby capacity)",
null),
ConsoleProxyCapacityScanInterval(
"Console Proxy",
AgentManager.class,
String.class,
"consoleproxy.capacityscan.interval",
"30000",
"The time interval(in millisecond) to scan whether or not system needs more console proxy to ensure minimal standby capacity",
null),
ConsoleProxyCmdPort(
"Console Proxy",
AgentManager.class,
Integer.class,
"consoleproxy.cmd.port",
"8001",
"Console proxy command port that is used to communicate with management server",
null),
ConsoleProxyRestart(
"Console Proxy",
AgentManager.class,
Boolean.class,
"consoleproxy.restart",
"true",
"Console proxy restart flag, defaulted to true",
null),
ConsoleProxyUrlDomain(
"Console Proxy",
AgentManager.class,
String.class,
"consoleproxy.url.domain",
"",
"Console proxy url domain",
"domainName,privateip"),
ConsoleProxySessionMax(
"Console Proxy",
AgentManager.class,
Integer.class,
"consoleproxy.session.max",
String.valueOf(ConsoleProxyManager.DEFAULT_PROXY_CAPACITY),
"The max number of viewer sessions console proxy is configured to serve for",
null),
ConsoleProxySessionTimeout(
"Console Proxy",
AgentManager.class,
Integer.class,
"consoleproxy.session.timeout",
"300000",
"Timeout(in milliseconds) that console proxy tries to maintain a viewer session before it times out the session for no activity",
null),
ConsoleProxyDisableRpFilter(
"Console Proxy",
AgentManager.class,
Boolean.class,
"consoleproxy.disable.rpfilter",
"true",
"disable rp_filter on console proxy VM public interface",
null),
ConsoleProxyLaunchMax(
"Console Proxy",
AgentManager.class,
Integer.class,
"consoleproxy.launch.max",
"10",
"maximum number of console proxy instances per zone can be launched",
null),
ConsoleProxyManagementState(
"Console Proxy",
AgentManager.class,
String.class,
"consoleproxy.management.state",
com.cloud.consoleproxy.ConsoleProxyManagementState.Auto.toString(),
"console proxy service management state",
null),
ConsoleProxyManagementLastState(
"Console Proxy",
AgentManager.class,
String.class,
"consoleproxy.management.state.last",
com.cloud.consoleproxy.ConsoleProxyManagementState.Auto.toString(),
"last console proxy service management state",
null),

// Snapshots

SnapshotPollInterval(
Expand Down Expand Up @@ -1587,14 +1496,6 @@ public enum Config {
"false",
"Should be set to true, if there will be multiple NetScaler devices providing EIP service in a zone",
null),
ConsoleProxyServiceOffering(
"Advanced",
ManagementServer.class,
String.class,
"consoleproxy.service.offering",
null,
"Uuid of the service offering used by console proxy; if NULL - system offering will be used",
null),
SecondaryStorageServiceOffering(
"Advanced",
ManagementServer.class,
Expand Down Expand Up @@ -1799,6 +1700,7 @@ public enum Config {

SSVMPSK("Hidden", ManagementServer.class, String.class, "upload.post.secret.key", "", "PSK with SSVM", null);


private final String _category;
private final Class<?> _componentClass;
private final Class<?> _type;
Expand Up @@ -50,6 +50,7 @@
import javax.inject.Inject;
import javax.naming.ConfigurationException;

import com.cloud.consoleproxy.ConsoleProxyManager;
import org.apache.cloudstack.acl.RoleType;
import org.apache.cloudstack.acl.SecurityChecker;
import org.apache.cloudstack.affinity.AffinityGroup;
Expand Down Expand Up @@ -573,7 +574,7 @@ protected void populateConfigValuesForValidationSet() {
configValuesForValidation.add("event.purge.interval");
configValuesForValidation.add("account.cleanup.interval");
configValuesForValidation.add("alert.wait");
configValuesForValidation.add("consoleproxy.capacityscan.interval");
configValuesForValidation.add(ConsoleProxyManager.ConsoleProxyCapacityScanInterval.key());
configValuesForValidation.add("expunge.interval");
configValuesForValidation.add("host.stats.interval");
configValuesForValidation.add("network.gc.interval");
Expand Up @@ -120,12 +120,12 @@ public boolean configure(String name, Map<String, Object> params) throws Configu
_consoleProxyPort = NumbersUtil.parseInt(value, ConsoleProxyManager.DEFAULT_PROXY_VNC_PORT);
}

value = configs.get(ConsoleProxySslEnabled.key());
if (value != null && value.equalsIgnoreCase("true")) {
Boolean sslEnabled = ConsoleProxySslEnabled.value();
if (Boolean.TRUE.equals(sslEnabled)) {
_sslEnabled = true;
}

_consoleProxyUrlDomain = configs.get("consoleproxy.url.domain");
_consoleProxyUrlDomain = ConsoleProxyUrlDomain.value();

_listener = new ConsoleProxyListener(new AgentBasedAgentHook(_instanceDao, _hostDao, _configDao, _ksMgr,
_agentMgr, _keysMgr, consoleAccessManager));
Expand Down Expand Up @@ -166,6 +166,8 @@ public ConsoleProxyInfo assignProxy(long dataCenterId, VMInstanceVO userVm) {
urlPort = host.getProxyPort().intValue();
}

_sslEnabled = ConsoleProxySslEnabled.valueIn(dataCenterId);
_consoleProxyUrlDomain = ConsoleProxyUrlDomain.valueIn(dataCenterId);
return new ConsoleProxyInfo(_sslEnabled, publicIp, _consoleProxyPort, urlPort, _consoleProxyUrlDomain);
} else {
logger.warn("Host that VM is running is no longer available, console access to VM {} will be temporarily unavailable.", userVm);
Expand All @@ -189,7 +191,7 @@ public boolean destroyProxy(long proxyVmId) {
}

@Override
public int getVncPort() {
public int getVncPort(Long dataCenterId) {
return _consoleProxyPort;
}
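Review bot: In the assignProxy hunk the per-zone values are written into the instance fields `_sslEnabled` and `_consoleProxyUrlDomain` before being handed to ConsoleProxyInfo, so the last zone served overwrites state shared by every caller. If assignProxy can run concurrently for VMs in different zones (not visible here), one request could build its console URL with another zone's SSL flag or domain, for example a non-SSL URL in a zone that has SSL enabled. Locals avoid this: `boolean sslEnabled = Boolean.TRUE.equals(ConsoleProxySslEnabled.valueIn(dataCenterId));`, `String urlDomain = ConsoleProxyUrlDomain.valueIn(dataCenterId);`, then `return new ConsoleProxyInfo(sslEnabled, publicIp, _consoleProxyPort, urlPort, urlDomain);`. That form also keeps the null-safe comparison used in configure(), where the direct assignment would unbox the result if the field is a primitive. In the last hunk getVncPort(Long dataCenterId) ignores its new parameter; a short comment that the port is not zone-specific in this implementation would make that intentional. All three method bodies extend beyond the visible hunks.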

16 changes: 8 additions & 8 deletions server/src/main/java/com/cloud/consoleproxy/AgentHookBase.java
Expand Up @@ -41,7 +41,6 @@
import com.cloud.agent.api.StartupCommand;
import com.cloud.agent.api.StartupProxyCommand;
import com.cloud.agent.api.proxy.StartConsoleProxyAgentHttpHandlerCommand;
import com.cloud.configuration.Config;
import com.cloud.exception.AgentUnavailableException;
import com.cloud.exception.OperationTimedoutException;
import com.cloud.host.Host;
Expand Down Expand Up @@ -213,10 +212,14 @@ public void startAgentHttpHandlerInVM(StartupProxyCommand startupCmd) {

byte[] ksBits = null;

String consoleProxyUrlDomain = _configDao.getValue(Config.ConsoleProxyUrlDomain.key());
String consoleProxySslEnabled = _configDao.getValue(ConsoleProxyManager.ConsoleProxySslEnabled.key());
if (!StringUtils.isEmpty(consoleProxyUrlDomain) && !StringUtils.isEmpty(consoleProxySslEnabled)
&& consoleProxySslEnabled.equalsIgnoreCase("true")) {
HostVO consoleProxyHost = findConsoleProxyHost(startupCmd);

assert (consoleProxyHost != null);

Long datacenterId = consoleProxyHost.getDataCenterId();
String consoleProxyUrlDomain = ConsoleProxyManager.ConsoleProxyUrlDomain.valueIn(datacenterId);
Boolean consoleProxySslEnabled = ConsoleProxyManager.ConsoleProxySslEnabled.valueIn(datacenterId);
if (!StringUtils.isEmpty(consoleProxyUrlDomain) && Boolean.TRUE.equals(consoleProxySslEnabled)) {
ksBits = _ksMgr.getKeystoreBits(ConsoleProxyManager.CERTIFICATE_NAME, ConsoleProxyManager.CERTIFICATE_NAME, storePassword);
//ks manager raises exception if ksBits are null, hence no need to explicltly handle the condition
} else {
Expand All @@ -227,9 +230,6 @@ public void startAgentHttpHandlerInVM(StartupProxyCommand startupCmd) {
cmd.setEncryptorPassword(getEncryptorPassword());
cmd.setIsSourceIpCheckEnabled(Boolean.parseBoolean(_configDao.getValue(ConsoleProxyManager.NoVncConsoleSourceIpCheckEnabled.key())));

HostVO consoleProxyHost = findConsoleProxyHost(startupCmd);

assert (consoleProxyHost != null);
if (consoleProxyHost != null) {
Answer answer = _agentMgr.send(consoleProxyHost.getId(), cmd);
if (answer == null || !answer.getResult()) {
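Review bot: The new `consoleProxyHost.getDataCenterId()` call runs directly after `assert (consoleProxyHost != null);`, and with assertions disabled (the JVM default) a null result from findConsoleProxyHost now throws a NullPointerException before the command is sent. Before this change the lookup happened later and the surviving `if (consoleProxyHost != null)` guard covered that case; after the move that guard can no longer see a null. An explicit check placed before the zone lookup, such as `if (consoleProxyHost == null) { return; }` (with a warning log if this class has a logger), would keep the earlier tolerant behaviour. The later guard could then be dropped. startAgentHttpHandlerInVM starts and ends outside the visible hunks, so any enclosing error handling is not shown.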
Expand Up @@ -16,7 +16,9 @@
// under the License.
package com.cloud.consoleproxy;

import java.util.Arrays;
import java.util.Map;
import java.util.stream.Collectors;

import org.apache.cloudstack.framework.config.ConfigKey;

Expand Down Expand Up @@ -46,14 +48,51 @@ public interface ConsoleProxyManager extends Manager, ConsoleProxyService {
String CERTIFICATE_NAME = "CPVMCertificate";

ConfigKey<Boolean> ConsoleProxySslEnabled = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Boolean.class, "consoleproxy.sslEnabled", "false",
"Enable SSL for console proxy", false);
"Enable SSL for console proxy", ConfigKey.Scope.Zone, false);

ConfigKey<Boolean> NoVncConsoleDefault = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Boolean.class, "novnc.console.default", "true",
"If true, noVNC console will be default console for virtual machines", true);
"If true, noVNC console will be default console for virtual machines", ConfigKey.Scope.Zone, true);

ConfigKey<Boolean> NoVncConsoleSourceIpCheckEnabled = new ConfigKey<>(ConfigKey.CATEGORY_ADVANCED, Boolean.class, "novnc.console.sourceip.check.enabled", "false",
"If true, The source IP to access novnc console must be same as the IP in request to management server for console URL. Needs to reconnect CPVM to management server when this changes (via restart CPVM, or management server, or cloud service in CPVM)", false);

ConfigKey<String> ConsoleProxyServiceOffering = new ConfigKey<>(String.class, "consoleproxy.service.offering", "Console Proxy", null,
"Uuid of the service offering used by console proxy; if NULL - system offering will be used", false, ConfigKey.Scope.Zone, null);

ConfigKey<String> ConsoleProxyCapacityStandby = new ConfigKey<>(String.class, "consoleproxy.capacity.standby", "Console Proxy", String.valueOf(DEFAULT_STANDBY_CAPACITY),
"The minimal number of console proxy viewer sessions that system is able to serve immediately(standby capacity)", false, ConfigKey.Scope.Zone, null);

ConfigKey<String> ConsoleProxyCapacityScanInterval = new ConfigKey<>(String.class, "consoleproxy.capacityscan.interval", "Console Proxy", "30000",
"The time interval(in millisecond) to scan whether or not system needs more console proxy to ensure minimal standby capacity", false, null);

ConfigKey<Integer> ConsoleProxyCmdPort = new ConfigKey<>(Integer.class, "consoleproxy.cmd.port", "Console Proxy", String.valueOf(DEFAULT_PROXY_CMD_PORT),
"Console proxy command port that is used to communicate with management server", false, ConfigKey.Scope.Zone, null);

ConfigKey<Boolean> ConsoleProxyRestart = new ConfigKey<>(Boolean.class, "consoleproxy.restart", "Console Proxy", "true",
"Console proxy restart flag, defaults to true", false, ConfigKey.Scope.Zone, null);

ConfigKey<String> ConsoleProxyUrlDomain = new ConfigKey<>(String.class, "consoleproxy.url.domain", "Console Proxy", "",
"Console proxy url domain - domainName,privateip", false, ConfigKey.Scope.Zone, null);

ConfigKey<Integer> ConsoleProxySessionMax = new ConfigKey<>(Integer.class, "consoleproxy.session.max", "Console Proxy", String.valueOf(DEFAULT_PROXY_CAPACITY),
"The max number of viewer sessions console proxy is configured to serve for", false, ConfigKey.Scope.Zone, null);

ConfigKey<Integer> ConsoleProxySessionTimeout = new ConfigKey<>(Integer.class, "consoleproxy.session.timeout", "Console Proxy", String.valueOf(DEFAULT_PROXY_SESSION_TIMEOUT),
"Timeout(in milliseconds) that console proxy tries to maintain a viewer session before it times out the session for no activity", false, ConfigKey.Scope.Zone, null);

ConfigKey<Boolean> ConsoleProxyDisableRpFilter = new ConfigKey<>(Boolean.class, "consoleproxy.disable.rpfilter", "Console Proxy", "true",
"disable rp_filter on console proxy VM public interface", false, ConfigKey.Scope.Zone, null);

ConfigKey<Integer> ConsoleProxyLaunchMax = new ConfigKey<>(Integer.class, "consoleproxy.launch.max", "Console Proxy", "10",
"maximum number of console proxy instances per zone can be launched", false, ConfigKey.Scope.Zone, null);

String consoleProxyManagementStates = Arrays.stream(com.cloud.consoleproxy.ConsoleProxyManagementState.values()).map(Enum::name).collect(Collectors.joining(","));
ConfigKey<String> ConsoleProxyServiceManagementState = new ConfigKey<String>(ConfigKey.CATEGORY_ADVANCED, String.class, "consoleproxy.management.state", com.cloud.consoleproxy.ConsoleProxyManagementState.Auto.toString(),
"console proxy service management state", false, ConfigKey.Kind.Select, consoleProxyManagementStates);

ConfigKey<String> ConsoleProxyManagementLastState = new ConfigKey<String>(ConfigKey.CATEGORY_ADVANCED, String.class, "consoleproxy.management.state.last", com.cloud.consoleproxy.ConsoleProxyManagementState.Auto.toString(),
"last console proxy service management state", false, ConfigKey.Kind.Select, consoleProxyManagementStates);

void setManagementState(ConsoleProxyManagementState state);

ConsoleProxyManagementState getManagementState();
Expand All @@ -72,6 +111,6 @@ void startProxyForHA(VirtualMachine vm, Map<VirtualMachineProfile.Param, Object>

boolean destroyProxy(long proxyVmId);

int getVncPort();
int getVncPort(Long dataCenterId);

}
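Review bot: `consoleproxy.management.state` and `consoleproxy.management.state.last` are re-declared with `ConfigKey.CATEGORY_ADVANCED`, while the removed Config entries used the "Console Proxy" category and most of the other migrated keys here keep it. If the regrouping is not intended, the same constructor accepts the old category as its first argument, i.e. `new ConfigKey<>("Console Proxy", String.class, "consoleproxy.management.state", …)`. The helper `consoleProxyManagementStates` is declared as an interface field, so it is implicitly a public constant; naming it `CONSOLE_PROXY_MANAGEMENT_STATES`, or adding a comment such as `// comma-separated option list for the Select-kind keys below`, would make its role clear. `ConsoleProxyCapacityScanInterval` is the one migrated "Console Proxy" key declared without `ConfigKey.Scope.Zone`; a comment saying it deliberately stays global would save readers from guessing.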