Re: [foreman-dev] vmware html5 console support
For us, being prompted for a password is not a dealbreaker. I have a pet project to investigate using vcenter SSO for 3rd party logins down the line, so that might be something that can benefit foreman as well. Mike E. On Tuesday, May 9, 2017 at 4:56:09 AM UTC-5, Timo Goebel wrote: > > > Am Montag, 8. Mai 2017 18:27:58 UTC+2 schrieb Michael Eklund: >> >> I would be happy to help with testing. IMO this is a killer feature. >> > > I created some code to test this. [1] Unfortunately pre-authentication > does not work with vsphere > 6 as it always requires SSO. > > Great idea, but it does not work. > > Timo > > [1] https://gist.github.com/timogoebel/c8a915dc4fae9b79c8733cc7a2796038 > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] vmware html5 console support
Am Montag, 8. Mai 2017 18:27:58 UTC+2 schrieb Michael Eklund: > > I would be happy to help with testing. IMO this is a killer feature. > I created some code to test this. [1] Unfortunately pre-authentication does not work with vsphere > 6 as it always requires SSO. Great idea, but it does not work. Timo [1] https://gist.github.com/timogoebel/c8a915dc4fae9b79c8733cc7a2796038 -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] vmware html5 console support
If you have not found it here is an article about generating a auth'd ticket with example perl script. http://www.virtuallyghetto.com/2013/09/how-to-generate-pre-authenticated-html5.html On Monday, May 8, 2017 at 10:48:36 AM UTC-5, Timo Goebel wrote: > > Mike, > > This sound very interesting. If I got that right, you can even gerate a > pre-authenticated console url that is valid only once. [1] > > Foreman could use the compute resource's permission to generate such a > link and then redirect the user to that url without leaking the compute > resource's credentials. > > If you're fine with this and time allows, I'll try to create a PR for > this. Would you be able to test this? > > Timo > > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] vmware html5 console support
looks like the link is simplified further if you are using the remote client as well: vmrc://vcenter.example.com/?moid=vm-221 You only need the vm.mo_ref. Though you will be prompted for vcenter username/password. they support linux, mac, and windows and it can be downloaded here: https://my.vmware.com/en/web/vmware/details?downloadGroup=VMRC90=491 On Monday, May 8, 2017 at 10:48:36 AM UTC-5, Timo Goebel wrote: > > Mike, > > This sound very interesting. If I got that right, you can even gerate a > pre-authenticated console url that is valid only once. [1] > > Foreman could use the compute resource's permission to generate such a > link and then redirect the user to that url without leaking the compute > resource's credentials. > > If you're fine with this and time allows, I'll try to create a PR for > this. Would you be able to test this? > > Timo > > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [foreman-dev] vmware html5 console support
I would be happy to help with testing. IMO this is a killer feature. On Monday, May 8, 2017 at 10:48:36 AM UTC-5, Timo Goebel wrote: > > Mike, > > This sound very interesting. If I got that right, you can even gerate a > pre-authenticated console url that is valid only once. [1] > > Foreman could use the compute resource's permission to generate such a > link and then redirect the user to that url without leaking the compute > resource's credentials. > > If you're fine with this and time allows, I'll try to create a PR for > this. Would you be able to test this? > > Timo > > -- You received this message because you are subscribed to the Google Groups "foreman-dev" group. To unsubscribe from this group and stop receiving emails from it, send an email to foreman-dev+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[foreman-dev] vmware html5 console support
I am interested in support for the html5 console for vmware in place of the
vnc console. I have a proof of concept of sorts by overwriting the
vm_console call in compute_resources_vms_helper.rb. The jist of it is a
url that looks like this:
html5_link =
"https://#{vcenter_url}:9443/vsphere-client/webconsole.html?vmId=#{vm.mo_ref}=#{vm.name}=#{server_guid}=en_US=#{vcenter_url}:443=cst-VCT=#{cert_sha1_thumbprint};
The vm variables are all natively supported. I am not sure if the server
guid and server certificate sha1 thumbprint are collected.
This should be supported in vcenter 6+, possibly 5.5+. I would be happy to
work on a better implementation then my hack, if there is interest and I
could get some guidance on what might be the best way to implement this.
Thanks,
Mike E.
--
You received this message because you are subscribed to the Google Groups
"foreman-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to foreman-dev+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
