红帽全球峰会附录 F. 在一个独立的机器上安装 Websocket 代理
websocket 代理允许用户通过 noVNC 和 SPICE HTML5 控制台连接到虚拟机。noVNC 客户端使用 websockets 传递 VNC 数据。但是,QEMU 中的 VNC 服务器并不支持 websocket,因此,需要在客户端和 VNC 服务器间使用一个 websocket 代理。这个代理可以运行在任何可以访问网络的机器上(包括 Manager 所在的机器)。
因为安全和性能的原因,用户可能会需要在一台独立的机器上配置 websocket 代理。
注意
对 SPICE HTML5 的支持现在还是一个技术预览(Technology Preview )。技术预览将不被 Red Hat Subscription Service Level Agreements(SLAs)所完全支持,也不能保证它的所有功能都可以正常运行。Technology Preview 功能并不是为当前的生产环境所提供的,但用户可以通过这些功能来尽早接触将来会被使用的新产品技术,同时可以反馈您的意见来完善产品的开发。
本节介绍了如何在一个没有运行 Manager 的机器上安装并配置 websocket 代理的方法。如需了解如何在运行 Manager 的机器上配置 websocket 代理的信息,请参阅 第 3.3 节 “配置 Red Hat Virtualization Manager”。
过程 F.1. 在一台独立的机器上安装和配置 Websocket 代理
- 安装 websocket 代理:
yum install ovirt-engine-websocket-proxy
# yum install ovirt-engine-websocket-proxyCopy to Clipboard Copied! Toggle word wrap Toggle overflow - 运行
engine-setup命令来配置 websocket 代理。engine-setup
# engine-setupCopy to Clipboard Copied! Toggle word wrap Toggle overflow 注意
如果 rhevm 软件包也被安装,则在被询问是否在这个主机上配置引擎时选择No。 - 按 Enter 来允许
engine-setup在机器上配置一个 websocket 代理服务器。Configure WebSocket Proxy on this machine? (Yes, No) [Yes]:
Configure WebSocket Proxy on this machine? (Yes, No) [Yes]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 点 Enter 接受自动检测到的主机名(请注意,如果您使用的主机是虚拟机,自动检测到的主机名可能不正确);或输入一个不同的主机名后点 Enter:
Host fully qualified DNS name of this server [host.example.com]:
Host fully qualified DNS name of this server [host.example.com]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 按 Enter 允许
engine-setup配置防火墙并打开外部通讯所需的端口。如果不允许engine-setup修改您的防火墙配置,则需要在以后手工打开所需的端口。Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:
Setup can automatically configure the firewall on this system. Note: automatic configuration of the firewall may overwrite current settings. Do you want Setup to configure the firewall? (Yes, No) [Yes]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 输入 Manager 所在机器的完全限定 DNS 名并点 Enter:
Host fully qualified DNS name of the engine server []: engine_host.example.com
Host fully qualified DNS name of the engine server []: engine_host.example.comCopy to Clipboard Copied! Toggle word wrap Toggle overflow - 按 Enter 允许
engine-setup在 Manager 的机器上执行操作,或按 2 来手工执行这些任务。Setup will need to do some actions on the remote engine server. Either automatically, using ssh as root to access it, or you will be prompted to manually perform each such action. Please choose one of the following: 1 - Access remote engine server using ssh as root 2 - Perform each action manually, use files to copy content around (1, 2) [1]:
Setup will need to do some actions on the remote engine server. Either automatically, using ssh as root to access it, or you will be prompted to manually perform each such action. Please choose one of the following: 1 - Access remote engine server using ssh as root 2 - Perform each action manually, use files to copy content around (1, 2) [1]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 按 Enter 接受默认的 SSH 端口号,或输入 Manager 机器的端口号。
ssh port on remote engine server [22]:
ssh port on remote engine server [22]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 输入登录到 Manager 机器的 root 密码并按 Enter。
root password on remote engine server engine_host.example.com:
root password on remote engine server engine_host.example.com:Copy to Clipboard Copied! Toggle word wrap Toggle overflow
- 选择是否复查 iptables 规则。
Generated iptables rules are different from current ones. Do you want to review them? (Yes, No) [No]:
Generated iptables rules are different from current ones. Do you want to review them? (Yes, No) [No]:Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 按 Enter 确认配置。
Copy to Clipboard Copied! Toggle word wrap Toggle overflow 如何配置 Manager 机器来使用设置的 websocket 代理的信息会被显示。Copy to Clipboard Copied! Toggle word wrap Toggle overflow - 登录到 Manager 的机器,运行以下命令:
engine-config -s WebSocketProxy=host.example.com:6100 systemctl restart ovirt-engine.service
# engine-config -s WebSocketProxy=host.example.com:6100 # systemctl restart ovirt-engine.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}