Jump to: navigation, search

Difference between revisions of "GuestAgent"

m (Text replace - "NovaSpec" to "NovaSpec")
 
(7 intermediate revisions by 4 users not shown)
Line 1: Line 1:
__NOTOC__
 
== Guest Agent ==
 
  
Live Notes may be taken for this topci at: http://etherpad.openstack.org/GuestAgent
+
<!-- ##(see the [[SpecSpec]] for an explanation) -->
 +
* '''Launchpad Entry''': NovaSpec:resize-servers
 +
* '''Created''': 2010-09-01
 +
* '''Contributors''': [[JesseAndrews]], [[ChrisBehrens]]
 +
 
 +
== Summary ==
 +
 
 +
The feature will allow communication with a guest agent from compute node controller. This allows cloud controller APIs to be added for user controlled password reset, settings ips, ... - allowing windows support.
 +
 
 +
== Design Summit Notes ==
 +
 
 +
Live Notes were be taken for this topic at: http://etherpad.openstack.org/GuestAgent
  
 
=== Current architecture of the Rackspace Guest Agents ===
 
=== Current architecture of the Rackspace Guest Agents ===
 +
 +
App -> Host ([[XenStore]]) <-> Guest Agent
 +
 +
See the [[GuestAgentXenStoreCommunication]] wiki entry for more information.  Details about the 'protocol' used for the [[XenStore]] communication is contained there.  Requests and responses are encoded in JSON.
 +
 +
The format of the requests are:
 +
 +
<pre><nowiki>
 +
"{'name': '<command_name>', 'value': '<command_args>'}"
 +
</nowiki></pre>
 +
 +
 +
Responses are:
 +
 +
<pre><nowiki>
 +
"{'returncode': '<response_code>', 'message': '<response_string>'}"
 +
</nowiki></pre>
 +
  
 
Current commands on Guest Agents (Linux/Windows):
 
Current commands on Guest Agents (Linux/Windows):
* Get current version
 
* Reset password
 
* Ready/Available?
 
* Reset network
 
* Update Agent
 
* Activate License (windows only)
 
* Initiate Key for encryption mechanism of password reset
 
* File injection
 
  
=== Making the agents hypervisor agnostic ===
+
{| border="1" cellpadding="2" cellspacing="0"
 +
| '''Description'''
 +
| '''Command'''
 +
| '''Command Arguments'''
 +
| '''Response Code'''
 +
|-
 +
| Get version info from the agent
 +
| "version"
 +
|  "agent" or "xentools" or "updater"
 +
|  "0"
 +
|-
 +
| Get a list of agent features
 +
| "features"
 +
| ""
 +
| "0"
 +
|-
 +
| Do a Diffie-Hellman Key Exchange
 +
| "keyinit"
 +
| local public key
 +
| "D0"
 +
|-
 +
| (Re)set root password
 +
| "password"
 +
| encrypted password
 +
| "0"
 +
|-
 +
| Configure the networking
 +
| "resetnetwork"
 +
| ""
 +
| "0"
 +
|-
 +
| Update the agent
 +
| "agentupdate"
 +
| "URL,MD5SUM"
 +
| "0"
 +
|-
 +
| Inject a file
 +
| "injectfile"
 +
| base64 encoding of "file_path,file_contents"
 +
| "0"
 +
|-
 +
| Guest is ready/available?
 +
 +
 +
 +
|-
 +
| Update [[XenTools]] (Windows only)
 +
 +
 +
 +
|-
 +
| KMS Licensing (Windows only)
 +
 +
 +
 +
|}
  
=== Requirements ===
+
=== Considerations ===
  
=== Considerations ===
 
 
1. What happens when a client/customer kills the guest agent or disables the startup?
 
1. What happens when a client/customer kills the guest agent or disables the startup?
 +
2. Agents should be hypervisor agnostic/support many hypervisors
 +
 +
<!-- ##(see the [[SpecSpec]] for an explanation) -->
 +
* '''Launchpad Entry''': NovaSpec:resize-servers
 +
* '''Created''': 2010-09-01
 +
* '''Contributors''': [[JesseAndrews]]
 +
 +
== Summary ==
 +
 +
The feature will allow communication with a guest agent from compute node controller. This allows cloud controller APIs to be added for user controlled password reset, settings ips, ... - allowing windows support.
 +
 +
== Release Note ==
 +
 +
Support has been added to [[OpenStack]] compute host agent code to support communication with guest agents. 
 +
 +
== Rationale ==
 +
 +
Windows instances cannot be configured similarly to linux machines.  Supporting them as well as tools that provide for better user experience (such as password reset) provide rackspace/slicehost parity.
 +
 +
== User stories ==
 +
 +
A user forgets their password.  Rather than having to use rescue mode to reset the password, the user may have the password reset by using an API.
 +
 +
== Assumptions ==
 +
 +
* guest agent code for both Unix and Windows is available and licensed under Apache 2.0.  They're available at https://launchpad.net/openstack-guest-agents
 +
 +
== Design ==
 +
 +
To communicate with guest agents, we use the [[XenStore]] in [[XenServer]]. 
 +
 +
== Implementation ==
 +
 +
API additions:
 +
* reset password
 +
 +
Messages are written to [[XenStore]] using xenstore-write for each instance via /local/domain/(domid)/data/guest/(message_uuid)
 +
 +
== Test/Demo Plan ==
 +
 +
----
 +
[[Category:Spec]]

Latest revision as of 23:31, 17 February 2013

Summary

The feature will allow communication with a guest agent from compute node controller. This allows cloud controller APIs to be added for user controlled password reset, settings ips, ... - allowing windows support.

Design Summit Notes

Live Notes were be taken for this topic at: http://etherpad.openstack.org/GuestAgent

Current architecture of the Rackspace Guest Agents

App -> Host (XenStore) <-> Guest Agent

See the GuestAgentXenStoreCommunication wiki entry for more information. Details about the 'protocol' used for the XenStore communication is contained there. Requests and responses are encoded in JSON.

The format of the requests are:

"{'name': '<command_name>', 'value': '<command_args>'}"


Responses are:

"{'returncode': '<response_code>', 'message': '<response_string>'}"


Current commands on Guest Agents (Linux/Windows):

Description Command Command Arguments Response Code
Get version info from the agent "version" "agent" or "xentools" or "updater" "0"
Get a list of agent features "features" "" "0"
Do a Diffie-Hellman Key Exchange "keyinit" local public key "D0"
(Re)set root password "password" encrypted password "0"
Configure the networking "resetnetwork" "" "0"
Update the agent "agentupdate" "URL,MD5SUM" "0"
Inject a file "injectfile" base64 encoding of "file_path,file_contents" "0"
Guest is ready/available?
Update XenTools (Windows only)
KMS Licensing (Windows only)

Considerations

1. What happens when a client/customer kills the guest agent or disables the startup? 2. Agents should be hypervisor agnostic/support many hypervisors

  • Launchpad Entry: NovaSpec:resize-servers
  • Created: 2010-09-01
  • Contributors: JesseAndrews

Summary

The feature will allow communication with a guest agent from compute node controller. This allows cloud controller APIs to be added for user controlled password reset, settings ips, ... - allowing windows support.

Release Note

Support has been added to OpenStack compute host agent code to support communication with guest agents.

Rationale

Windows instances cannot be configured similarly to linux machines. Supporting them as well as tools that provide for better user experience (such as password reset) provide rackspace/slicehost parity.

User stories

A user forgets their password. Rather than having to use rescue mode to reset the password, the user may have the password reset by using an API.

Assumptions

Design

To communicate with guest agents, we use the XenStore in XenServer.

Implementation

API additions:

  • reset password

Messages are written to XenStore using xenstore-write for each instance via /local/domain/(domid)/data/guest/(message_uuid)

Test/Demo Plan