Anxbbq commented on issue #8349: URL: https://github.com/apache/cloudstack/issues/8349#issuecomment-1857628277
> @rajujith This issue boils down to the use case of ACS. > > 1. Modern large scale deployments won't allow ACS to be a front facing infrastructure unit. ACS will be hidden behind hardware (NetScaler, F5, Nicara) or software Edge/Application load balancers. > 2. IPv4 is a scarce resource and its price only keeps growing. It's expensive to get a formidable range here in Russia and virtually impossible to buy own. > 3. In my case, I have ALB in front of ACS and use a subdomain routing to access it, e.g `acs.example.com/ui -> cloudstack.ip.local:8080/client` > 4. In my case, I have ALB in front of ACS and use RFC 1918 for all ACS ranges, including `public`. > That's why `CPVM` link looks like this: `http://192.168.1.21/resource/noVNC/vnc.html?autoconnect=true&port=8080&token=oW2Df...` which can't connect to an application VM in a `vpc subnet` > > My network map looks like below. I imagine a similar setup to be used in most modern deployments with limited IPv4 range, server and cloud resources  I deployed cloudstack on a remote machine, and allocated private IP to the vms, and i cant access the vm console through UI on my own computer. Now I have solved this using nginx to proxy noVnc and websocket in consoleProxy. **1**,change the port of management-server to 8088(anyone else except 8080,because the websocket in CPVM use this port as default) **2**, config the nginx (server part) like, ` server { listen 8080; server_name acs.example.com; location /websockify { proxy_pass http://192.168.xxx.xxx:8080/websockify; # IP address of Console Proxy proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection 'upgrade'; proxy_set_header Host $host; proxy_set_header Sec-WebSocket-Extensions $http_sec_websocket_extensions; proxy_set_header Sec-WebSocket-Key $http_sec_websocket_key; proxy_set_header Sec-WebSocket-Protocol $http_sec_websocket_protocol; proxy_set_header Sec-WebSocket-Version $http_sec_websocket_version; } } server { listen 80; server_name acs.example.com; root /usr/share/nginx/html; location / { proxy_pass http://192.168.xxx.xxx; # IP of Console Proxy proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $host; } } ` **3**, edit /etc/hosts, add this, `10.122.xxx.xxx (the public ip of the machine where the management server deployed) asc.example.com` **4**, if use another computer to access the vm console,make sure it can access the machine which cloudstack deployed, then add `10.122.xxx.xxx asc.example.com` to the computer's hosts mapping file. **5** set the Globle param "consoleproxy.url.domain"= acs.example.com if the configuration is correct, we can access the vm console. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
