Closed haiwan-xm closed 4 years ago
I am not quite sure if I understand your question correctly. The language of the web backend (PHP, Java, Python...) does not matter for this tool. The important part is to configure how the login form of the kvm website must be sent to the server. See the configuration section for more details. You can use the web inspector of your browser to get the correct configuration values.
tks , IngoHeimbach Glad to hear from you. now we use php write a manage website . we have trouble. no understand how to use php wss use websocket start novnc see docker running java image. i wish get your guidance
https://www.idcsmart.com/index/view/images/media/customerCase-04.gif we just want study this , use novnc docker running server IPMI java.jnlp .and use html see server state.
So, you would like to embed noVNC into a PHP generated web site to access a Java WebStart application in a Docker container? If I didn't understand it correctly, could you please explain more details? Thanks.
yes. forexample this gig image demo.
we share api { "info": { "_postman_id": "78ae4434-eac9-4931-9896-5fe847b50f14", "name": "vnc api", "schema": "https://schema.getpostman.com/json/collection/v2.1.0/collection.json" }, "item": [ { "name": "检察api状态", "request": { "method": "POST", "header": [ { "key": "Content-Type", "name": "Content-Type", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n\t\"UUID\":\"c09291f1-120b-428a-bab3-7211736fe796\"\n}\n", "options": { "raw": { "language": "json" } } }, "url": { "raw": "https://ip:9102/ipmi/api", "protocol": "https", "host": [ "154", "218", "2", "10" ], "port": "9102", "path": [ "ipmi", "api" ] } }, "response": [] }, { "name": "创建docker进程", "request": { "method": "POST", "header": [ { "key": "Content-Type", "name": "Content-Type", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n\t\"UUID\":\"c09291f1-120b-428a-bab3-7211736fe796\",\n\t\"name\":\"test\",\n\t\"image_version\":\"java6_ipmi\",\n\t\"port\":7788\n}\n", "options": { "raw": { "language": "json" } } }, "url": { "raw": "https://ip:9102/ipmi/docker/vnc/create", "protocol": "https", "host": [ "154", "218", "2", "10" ], "port": "9102", "path": [ "ipmi", "docker", "vnc", "create" ] } }, "response": [] }, { "name": "删除docker进程", "request": { "method": "POST", "header": [ { "key": "Content-Type", "name": "Content-Type", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n\t\"UUID\":\"c09291f1-120b-428a-bab3-7211736fe796\",\n\t\"name\":\"test\"\n}\n", "options": { "raw": { "language": "json" } } }, "url": { "raw": "https://ip:9102/ipmi/docker/vnc/remove", "protocol": "https", "host": [ "154", "218", "2", "10" ], "port": "9102", "path": [ "ipmi", "docker", "vnc", "remove" ] } }, "response": [] }, { "name": "获取docker进程列表", "request": { "method": "POST", "header": [ { "key": "Content-Type", "name": "Content-Type", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n\t\"UUID\":\"c09291f1-120b-428a-bab3-7211736fe796\"\n}\n", "options": { "raw": { "language": "json" } } }, "url": { "raw": "https://ip:9102/ipmi/docker/vnc/list", "protocol": "https", "host": [ "154", "218", "2", "10" ], "port": "9102", "path": [ "ipmi", "docker", "vnc", "list" ] } }, "response": [] }, { "name": "下载java数据", "request": { "method": "POST", "header": [ { "key": "Content-Type", "name": "Content-Type", "value": "application/json", "type": "text" } ], "body": { "mode": "raw", "raw": "{\n\t\"UUID\":\"c09291f1-120b-428a-bab3-7211736fe796\",\n\t\"name\":\"test\",\n\t\"ipmi_ip\":\"\",\n\t\"jnlp_data\":\"\"\n}\n", "options": { "raw": { "language": "json" } } }, "url": { "raw": "https://ip:9102/ipmi/download/jnlp", "protocol": "https", "host": [ "154", "218", "2", "10" ], "port": "9102", "path": [ "ipmi", "download", "jnlp" ] } }, "response": [] } ], "protocolProfileBehavior": {} } below is other .sh
install.sh
echo "Please select the installation source you need to use china(y) or USA(n)"
read -p "type the y or n to choose:" DEB_SOURCES
if [ "$DEB_SOURCES" = "y" -o "$DEB_SOURCES" = "Y" ];then
REM=''
else
REM='# '
fi
rm -rf /home/novnc/*
mkdir -p /home/novnc
mkdir -p /home/novnc/tmp
cd /home/novnc
yum -y install wget
if [ ! -f "jre-6u45-linux-x64.bin" ];then
echo "start to download jre-6u45-linux-x64.bin ...!"
wget https://raw.githubusercontent.com/129129/novnc/master/jre-6u45-linux-x64.bin
else
continue
fi
if [ ! -f "websockify.tar.gz" ];then
echo "start to download websockify.tar.gz ...!"
wget https://raw.githubusercontent.com/129129/novnc/master/websockify.tar.gz
else
continue
fi
yum -y install epel-release
yum -y install supervisor docker python36 python36-pip python36-pyOpenSSL ipmitool numpy
/usr/bin/pip3 install flask docker
UUIDGEN=uuidgen
cat > config.conf << EOF
[default]
UUID = $UUIDGEN
ip =
EOF
cat > Dockerfile << EOF
FROM ubuntu:16.04
MAINTAINER zhsrain
ENV DEBIAN_FRONTEND noninteractive
WORKDIR /root/
${REM}ADD sources.list /etc/apt/sources.list
RUN apt-get update
RUN apt-get -y install xvfb x11vnc supervisor fluxbox
ADD jre-6u45-linux-x64.bin /root/
RUN chmod +x /root/jre-6u45-linux-x64.bin
RUN /root/jre-6u45-linux-x64.bin
ADD init /root/.fluxbox/init
ADD menu /root/.fluxbox/menu
ADD keys /root/.fluxbox/keys
ADD black.png /usr/share/images/fluxbox/ubuntu-light.png
ADD supervisord.conf /etc/supervisor/conf.d/
ENTRYPOINT ["/usr/bin/supervisord"]
ENV DISPLAY :0
EOF
cat > /etc/docker/daemon.json << EOF
{
"bip": "10.255.254.1/24"
}
EOF
cat > sources.list << EOF
deb http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-security main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-updates main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-proposed main restricted universe multiverse
deb-src http://mirrors.aliyun.com/ubuntu/ trusty-backports main restricted universe multiverse
EOF
echo "iVBORw0KGgoAAAANSUhEUgAAAAQAAAADCAAAAACRn/EaAAAACXBIWXMAABYlAAAWJQFJUiTwAAAAC0lEQVQImWNgQAEAAA8AAa1dsIkAAAAASUVORK5CYII=" |base64 -d > black.png
cat > init << EOF
session.menuFile: ~/.fluxbox/menu
session.keyFile: ~/.fluxbox/keys
session.styleFile: /usr/share/fluxbox/styles//ubuntu-light
session.configVersion: 13
session.screen0.toolbar.visible: false
EOF
cat > keys << EOF
OnTitlebar Move1 :StartMoving
EOF
cat > menu << EOF
[begin] (ipmi-java-vnc)
[restart] ('reload')
[end]
EOF
cat > /etc/supervisord.d/api.ini << EOF
[program:api]
command=/usr/bin/python3 ipmi_proxy_api.py
directory=/home/novnc
priority=1
numprocs=1
autostart=true
autorestart=true
startretries=10
stopasgroup=true
killasgroup=true
stopsignal=KILL
redirect_stderr=true
EOF
cat > /etc/supervisord.d/websockify.ini << EOF
[program:websockify]
command=/home/novnc/websockify/run --target-config /home/novnc/token 0.0.0.0:9103
directory=/home/novnc
priority=1
numprocs=1
autostart=true
autorestart=true
startretries=10
stopasgroup=true
killasgroup=true
stopsignal=KILL
redirect_stderr=true
EOF
cat > supervisord.conf << EOF
[supervisord]
nodaemon=true
[program:X11]
command=/usr/bin/Xvfb :0 -screen 0 1280x960x16
autorestart=true
[program:x11vnc]
command=/usr/bin/x11vnc -shared
autorestart=true
[program:fluxbox]
command=/usr/bin/fluxbox
autorestart=true
EOF
cat > ipmi_proxy_api.py << 'EOF'
import json import configparser from flask import Flask, jsonify, request from subprocess import call from base64 import b64encode from base64 import b64decode from time import sleep import docker from threading import Thread
def check_java(name): try: sleep(10) client = docker.from_env() instance = client.containers.get(name) while True: if str(instance.top()).find('/bin/java') == -1: instance.remove(force=True) return True sleep(3) finally: return False
def check_auth(client_UUID, client_ip): try: config = configparser.ConfigParser() config.read('config.conf') server_UUID = config.get("default", "UUID") try: server_ip = config.get("default", "ip") except: server_ip = '' print([client_UUID, client_ip, server_UUID, server_ip]) if server_ip == '': config.set(section='default', option='ip', value=client_ip) with open('config.conf', 'w') as config_file: config.write(config_file) if client_UUID != server_UUID or client_ip != server_ip: return False else: return True except: return False
app = Flask(name)
@app.route("/ipmi/proxy/token", methods=['POST']) def token(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权码错误.'.encode('utf-8')).decode()}) print(data) with open('token', 'w') as config_file: config = data['token'] + ': 127.0.0.1:' + data['port'] config_file.write(config) return jsonify({"status": "success", "message": b64encode('token写入成功.'.encode('utf-8')).decode()})
@app.route("/ipmi/docker/vnc/create", methods=['POST']) def docker_run(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权码错误.'.encode('utf-8')).decode()}) print(data) image_name = 'xzxzxz/ubuntu_vnc:' + data['image_version'] print(image_name) try: client = docker.from_env() client.containers.create(image=image_name, name=data['name'], ports={'5900': data['port']}, detach=True) call(['/usr/bin/docker', 'cp', '/home/novnc/supervisord.conf', data['name'] + ':/etc/supervisor/conf.d/supervisord.conf']) instance = client.containers.get(data['name']) instance.start() except docker.errors.APIError as message: return jsonify({"status": "error", "message": b64encode('容器操作失败.'.encode('utf-8')).decode(), "message2": bytes.decode(message)}) return jsonify({"status": "success", "message": None})
@app.route("/ipmi/docker/vnc/remove", methods=['POST']) def docker_remove(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权UUID或IP错误.'.encode('utf-8')).decode()}) try: client = docker.from_env() except Exception as message: return jsonify({"status": "error", "message": b64encode('容器服务连接失败.'.encode('utf-8')).decode(), "message2": message}) print(data) docker_name = data['name'] try: instance = client.containers.get(docker_name) instance.remove(force=True) except docker.errors.APIError as message: return jsonify({"status": "error", "message": b64encode('容器操作失败.'.encode('utf-8')).decode(), "message2": message}) return jsonify({"status": "success", "message": None})
@app.route("/ipmi/docker/vnc/list", methods=['POST']) def docker_list(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权UUID或IP错误.'.encode('utf-8')).decode()}) try: client = docker.from_env() except Exception as message: return jsonify({"status": "error", "message": b64encode('容器服务连接失败.'.encode('utf-8')).decode(), "message2": message}) print(data) containers_list = client.containers.list(all=True) docker_list = [] for container in containers_list: docker_list.append({'name': container.name, 'status': container.status}) return jsonify({"status": "success", "docker_list": docker_list})
@app.route("/ipmi/download/jnlp", methods=['POST']) def download_jnlp(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权UUID或IP错误.'.encode('utf-8')).decode()}) try: client = docker.from_env() except Exception as message: return jsonify({"status": "error", "message": b64encode('容器服务连接失败.'.encode('utf-8')).decode(), "message2": message}) print(data) docker_name = data['name'] ipmi_ip = data['ipmi_ip'] jnlp_file_data = data['jnlp_data'] jnlp_file = '/home/novnc/tmp/' + ipmi_ip + '.jnlp' docker_file = docker_name + ':/root/start.jnlp' if jnlp_file_data is None: return jsonify({'status': 'error', "message": b64encode('JNLP文件错误,请重置后再次重试.'.encode('utf-8')).decode(), "message2": 'JNLP file is none'}) with open(jnlp_file, 'w') as file: data_jnlp = b64decode(jnlp_file_data).decode() file.write(data_jnlp) try: instance = client.containers.get(docker_name) if str(instance.top()).find('/bin/java') > 0: instance.restart() call(['/usr/bin/docker', 'cp', jnlp_file, docker_file]) instance.exec_run(['/root/jre1.6.0_45/bin/javaws', '/root/start.jnlp'], stdout=False, stderr=False) Thread(target=check_java, args=(docker_name, )).start() except Exception as message: return jsonify({"status": "error", "message": b64encode('JNLP文件运行失败,请重置后再连接.'.encode('utf-8')).decode(), "message2": message}) return jsonify({"status": "success"})
@app.route("/ipmi/api", methods=['POST']) def status(): data = json.loads(request.get_data(as_text=True)) if check_auth(data['UUID'], request.remote_addr) is False: return jsonify({"status": "error", "message": b64encode('授权UUID或IP错误.'.encode('utf-8')).decode()}) return jsonify({'status': 'success'})
if name == 'main':
app.run(host='0.0.0.0', port=9102, ssl_context='adhoc')
EOF
tar zxvf websockify.tar.gz
systemctl enable docker
systemctl start docker
docker_list=docker ps -a -q
if [ -n "$docker_list" ];then
docker rm -f ${docker_list}
fi
images_list=docker images | grep xzxzxz |awk '{print $3}'
if [ -n "$images_list" ];then
docker rmi -f ${images_list}
fi
supervisorctl -c /etc/supervisord.conf stop all > /dev/null
docker build -t xzxzxz/ubuntu_vnc:java6_ipmi .
systemctl enable supervisord
systemctl start supervisord
systemctl enable firewalld
systemctl start firewalld
firewall-cmd --zone=public --add-port=9102/tcp --permanent
firewall-cmd --zone=public --add-port=9103/tcp --permanent
firewall-cmd --reload
How can I help? This project uses a qt-based browser to display noVNC and to access the Java Webstart application inside the docker container. I think you could remove the Qt part and directly embed noVNC into your PHP generated website after you started a Docker container somewhere on the server side. Please feel free to reuse parts of our code since it is under MIT license.
we just no understand how to use php running this .
This project has two parts: a Docker container which isolates Java and which uses noVNC as an interface. The other part is a Python script to be more convenient for the end user (setting up Docker, presenting a command line interface etc.). I think you could remove the Python part completely, setup Docker in your PHP application (for example with a setup script which is similar to kvm.py and is called by PHP exec or a similar function). However, I am not a PHP programmer. Maybe there is a better way of doing this.
tks,IngoHeimbach
hi happy new year. so do you this docker running demo let me see. tks
php how to config this? this good produckt. we how to use php website config this nojava-ipmi-kvm