[openstack-dev] Use spice-html5proxy to connect to spice tls port

Meghal Gosalia meghal at yahoo-inc.com
Sat Mar 1 00:47:30 UTC 2014


Hi folks,

Has there been any discussion in the community
for using nova-spicehtml5proxy to connect to spice tls port ?

For example, if a vm is booted using qemu by enabling spice_tls mode in qemu.conf,
it enables tls encryption on spice server for that vm.

nova-spicehtml5proxy is based on websockify, which supports ssl wrapped sockets.
It would be great, if nova-spicehtml5proxy could decide based on config param in nova.conf
regarding use of normal sockets or ssl wrapped sockets to connect to spice server.

This would ensure SSL encryption from spice proxy to spice server.
Are there any concerns with this approach ?

Thanks,
Meghal

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140301/56479ac2/attachment.pgp>


More information about the OpenStack-dev mailing list