Table of Contents

Nova RDP Support Configuration

Nova currently provides support for VNC and SPICE graphical consoles. VNC in particular is the protocol employed natively by most popular hypervisors supported by Nova. Microsoft Hyper-V in this context is a remarkable exception, as it employs the Remote Desktop Protocol (RDP) for graphical console access, based on Open Specifications and implemented by various open source projects.

Here's an example video showing an HTML5 RDP console based on FreeRDP.


Configuring Nova for RDP support

RDP console configuration is quite straightforward. All you need to do is to add the following configuration settings in your Hyper-V compute node's nova.conf:

  [rdp]
  enabled=True
  html5_proxy_base_url=http://10.0.0.1:8000/

Where the url specified in the html5_proxy_base_url setting is provided by the FreeRDP HTML5 proxy as detailed in the next section.

Installing and configuring the FreeRDP HTML5 proxy

The FreeRDP HTML5 proxy can be installed on various Linux distributions (currently Ubuntu >= 12.04, RHEL 6.x / CentOS 6.x and Fedora >= 16) or on Microsoft Windows, including Hyper-V Server.

Ubuntu 12.04 and above

A shell script is provided to simplify the installation of the application and the dependencies, mostly available in source form only.

  sudo apt-get install -y git
  git clone https://github.com/FreeRDP/FreeRDP-WebConnect.git
  cd FreeRDP-WebConnect    
  sudo ./setup_all.sh -f -i
  

At this point the proxy, called wsgate can be installed by running:

  sudo make install    

wsgate configuration

The default configuration file is located here:

  /usr/local/etc/wsgate.ini
  

Change the following options to match your environment configuration:

  [global]
  port = 8000

Note: make sure to open the port in your operating system firewall.

  [openstack]
  authurl = http://10.0.0.1:5000/v2.0
  username = admin
  password = secret
  tenantname = admin
  [hyperv]
  # Credentials used to connect to the Hyper-V hosts when accessing
  # OpenStack instances consoles  
  hostusername = Administrator
  hostpassword = secret

It is also strongly recommended to encrypt the traffic using HTTPS. Here are the relevant parameters, including a PEM file containing both the certificate and the private key.

  [ssl]
  port = 4430
  certfile = /usr/local/etc/wsgate/test.pem
  certpass = verysecret

HTML, CSS and Javascript files are available at the following location for further customization:

  /usr/local/share/wsgate

Running wsgate

wsgate can be executed as a demon with the following instruction:

  wsgate -c /usr/local/etc/wsgate.ini

In case you should prefer to execute wsgate in a shell for debugging purposes, just set:

  [global]
  daemon = false