[Openstack] Horizon + vncproxy: ports 443+6080, and restrictive firewalls: best practise?
Don Waterloo
don.waterloo at gmail.com
Tue Dec 2 13:54:37 UTC 2014
So my setup is pretty vanilla. Horizon runs on port 443 front-ended by nginx
(all services on my system are ssl).
On the same host runs vncproxy on port 6080 (ssl).
The problem I run into is, in some environments, the local firewall only
allows
port 443 out (e.g. some guest wifi locations). This means that generally
horizon works, but the console times out.
Now of course I could force the users to VPN to somewhere and then use
it, but that adds latency and complexity. I would prefer if I could find a
way
to run vncproxy through the nginx.
Is anybody doing this? announcing the vncproxy on the same port as
horizon? If so, how?
I see that nginx (e.g. http://nginx.com/blog/websocket-nginx/) has some
support
for websocket proxy, but I was unsuccessful in getting this to work.
Any suggestions from someone else who has hit this issue?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20141202/75b02399/attachment.html>
More information about the Openstack
mailing list