As part of the blueprint https://blueprints.launchpad.net/nova/+spec/serial-ports we introduced an API extension and a websocket proxy binary. The problem with the 2 is that a lot of the stuff was copied verbatim from the novnc-proxy API and service which relies heavily on the internal implementation details of NoVNC and python-websockify libraries.
We should not ship a service that will proxy websocket traffic if we do not acutally serve a web-based client for it (in the NoVNC case, it has it's own HTML5 VNC implementation that works over ws://). No similar thing was part of the proposed (and accepted) implementation. The websocket proxy based on websockify that we currently have actually assumes it will serve static content (which we don't do for serial console case) which will then when excuted in the browser initiate a websocket connection that sends the security token in the cookie: field of the request. All of this is specific to the NoVNC implementation (see: https://github.com/kanaka/noVNC/blob/e4e9a9b97fec107b25573b29d2e72a6abf8f0a46/vnc_auto.html#L18) and does not make any sense for serial console functionality.
The proxy service was introduced in https://review.openstack.org/#/c/113963/
In a similar manner - the API that was proposed and implemented (in https://review.openstack.org/#/c/113966/) that gives us back the URL with the security token makes no sense for the same reasons outlined above.
We should revert at least these 2 patches before the final Juno release as we do not want to ship a useless service and commit to a useles API method.
We could then look into providing similar functionality through possibly something like https://github.com/chjj/term.js which will require us to write a different proxy service.
Fix proposed to branch: master
Review: https:/