====== Nova RDP Support Configuration======

Nova currently provides support for [[http://en.wikipedia.org/wiki/Virtual_Network_Computing|VNC]] and [[http://en.wikipedia.org/wiki/SPICE_(protocol)|SPICE]] graphical consoles. VNC in particular is the protocol employed natively by most popular hypervisors supported by Nova. [[http://en.wikipedia.org/wiki/Hyper-V|Microsoft Hyper-V]] in this context is a remarkable exception, as it employs the [[http://en.wikipedia.org/wiki/Remote_Desktop_Protocol|Remote Desktop Protocol (RDP)]] for graphical console access, based on [[http://msdn.microsoft.com/en-us/library/jj712081.aspx|Open Specifications]] and implemented by various open source projects.

[[http://www.youtube.com/watch?v=DhBa-IuTQAs|Here]]'s an example video showing an HTML5 RDP console based on [[https://github.com/FreeRDP/FreeRDP|FreeRDP]].


----
===== Configuring Nova for RDP support =====

RDP console configuration is quite straightforward. All you need to do is to add the following configuration settings in your Hyper-V compute node's **nova.conf**:

    [rdp]
    enabled=True
    html5_proxy_base_url=http://10.0.0.1:8000/
  
Where the url specified in the **html5_proxy_base_url** setting is provided by the FreeRDP HTML5 proxy as detailed in the next section.

===== Installing and configuring the FreeRDP HTML5 proxy =====

The FreeRDP HTML5 proxy can be installed on various Linux distributions (currently Ubuntu >= 12.04, RHEL 6.x / CentOS 6.x and Fedora >= 16) or on Microsoft Windows, including Hyper-V Server.

==== Ubuntu 12.04 and above ====

A shell script is provided to simplify the installation of the application and the dependencies, mostly available in source form only.

    sudo apt-get install -y git
    git clone https://github.com/FreeRDP/FreeRDP-WebConnect.git
    cd FreeRDP-WebConnect    
    sudo ./setup_all.sh -f -i
    
At this point the proxy, called **wsgate** can be installed by running:

    sudo make install    

==== wsgate configuration ====

The default configuration file is located here:

    /usr/local/etc/wsgate.ini
    
Change the following options to match your environment configuration:

    [global]
    port = 8000

Note: make sure to open the port in your operating system firewall.

    [openstack]
    authurl = http://10.0.0.1:5000/v2.0
    username = admin
    password = secret
    tenantname = admin

    [hyperv]
    # Credentials used to connect to the Hyper-V hosts when accessing
    # OpenStack instances consoles  

    hostusername = Administrator
    hostpassword = secret

It is also strongly recommended to encrypt the traffic using HTTPS. Here are the relevant parameters, including a PEM file containing both the certificate and the private key.

    [ssl]
    port = 4430
    certfile = /usr/local/etc/wsgate/test.pem
    certpass = verysecret

HTML, CSS and Javascript files are available at the following location for further customization:

    /usr/local/share/wsgate

==== Running wsgate ====
    
wsgate can be executed as a demon with the following instruction:

    wsgate -c /usr/local/etc/wsgate.ini

In case you should prefer to execute wsgate in a shell for debugging purposes, just set:

    [global]
    daemon = false