Hello Lukas, vm console is working kvm guests when I added kvm host to foraman. I could open vm consle with unencrypted option for kvm guest when using spice instead of vnc for libvirt compute resource.. Is there any option to get vm console for vm guests in vmware compute resource with unencrypted connection? Please help me.
[image: Inline image 1] Thanks Laxman On Wed, May 3, 2017 at 8:12 PM, laxman veeturi <[email protected]> wrote: > 192.168.1.16 is my esxi6 host. > i opened ports from 5901 to 5964 on esxi host. > websocket process shows as below: > > [root@ol07frm00 ~]# ps -ef | grep -i web > foreman 8358 1 0 20:06 ? 00:00:00 /usr/bin/python > /usr/share/foreman/extras/noVNC/websockify.py --daemon --idle-timeout=120 > --timeout=120 5916 192.168.1.16:5908 --cert > /etc/puppetlabs/puppet/ssl/certs/ol07frm00.lax.com.pem > --key /etc/puppetlabs/puppet/ssl/private_keys/ol07frm00.lax.com > > I could telnet from my windows workstation to foreman server with port > 5916. But I couldn't telnet from foreman server to > esxi host with port 5908. > > /var/log/foreman/production.log showa as below: > > 2017-05-03 20:06:34 7ee97c1e [app] [D] Starting VNC Proxy: > /usr/share/foreman/extras/noVNC/websockify.py --daemon --idle-timeout=120 > --timeout=120 5916 192.168.1.16:5908 --cert > /etc/puppetlabs/puppet/ssl/certs/ol07frm00.lax.com.pem > --key /etc/puppetlabs/puppet/ssl/private_keys/ol07frm00.lax.com.pem > 2017-05-03 20:06:34 7ee97c1e [app] [D] VNCProxy Error: WebSocket server > settings: > | > 2017-05-03 20:06:34 7ee97c1e [app] [D] VNCProxy Error: - Listen on :5916 > | > 2017-05-03 20:06:34 7ee97c1e [app] [D] VNCProxy Error: - Flash security > policy server > | > 2017-05-03 20:06:34 7ee97c1e [app] [D] VNCProxy Error: - SSL/TLS support > | > 2017-05-03 20:06:34 7ee97c1e [app] [D] VNCProxy Error: - Backgrounding > (daemon) > | > 2017-05-03 20:06:34 7ee97c1e [app] [D] Cache read: websockets_encrypt > 2017-05-03 20:06:34 7ee97c1e [app] [I] Rendered > hosts/console/vnc.html.erb within layouts/application (14.2ms) > 2017-05-03 20:06:34 7ee97c1e [app] [I] Rendered > layouts/_application_content.html.erb (2.6ms) > 2017-05-03 20:06:34 7ee97c1e [app] [D] Cache read: use_gravatar > 2017-05-03 20:06:34 7ee97c1e [app] [I] Rendered > home/_user_dropdown.html.erb (8.1ms) > 2017-05-03 20:06:34 7ee97c1e [app] [D] Cache read: > views/tabs_and_title_records-3 ({:skip_digest=>true}) > 2017-05-03 20:06:34 7ee97c1e [app] [I] Read fragment > views/tabs_and_title_records-3 (1.3ms) > 2017-05-03 20:06:34 7ee97c1e [app] [I] Rendered home/_topbar.html.erb > (55.9ms) > 2017-05-03 20:06:34 7ee97c1e [app] [I] Rendered layouts/base.html.erb > (64.6ms) > 2017-05-03 20:06:34 7ee97c1e [app] [I] Completed 200 OK in 1260ms (Views: > 88.7ms | ActiveRecord: 6.0ms) > > My esxi configureation for vnc as below: > > [root@esxi00:~] more /etc/vmware/firewall/vnc.xml > <ConfigRoot> > <service id='0032'> > <id>VNC</id> > <rule id = '0000'> > <direction>inbound</direction> > <protocol>tcp</protocol> > <porttype>dst</porttype> > <port> > <begin>5901</begin> > <end>5964</end> > </port> > </rule> > <enabled>true</enabled> > </service> > </ConfigRoot> > [root@esxi00:~] more /etc/rc.local.d/local.sh > #!/bin/sh > > # local configuration options > > # Note: modify at your own risk! If you do/use anything in this > # script that is not part of a stable API (relying on files to be in > # specific places, specific tools, specific output, etc) there is a > # possibility you will end up with a broken system after patching or > # upgrading. Changes are not supported unless under direction of > # VMware support. > > # Note: This script will not be run when UEFI secure boot is enabled. > /bin/cp /vmfs/volumes/esxi00/vnc.xml /etc/vmware/firewall/ > /bin/esxcli network firewall refresh > > exit 0 > [root@esxi00:~] esxcli network firewall ruleset list | grep VNC > VNC true > > > Thanks > Laxman > > > On Wed, May 3, 2017 at 7:32 AM, Lukas Zapletal <[email protected]> wrote: > >> Actually you can tell the port from the command line, no need of lsof: >> >> foreman 35142 1 0 19:40 ? 00:00:00 /usr/bin/python >>>> /usr/share/foreman/extras/noVNC/websockify.py --daemon >>>> --idle-timeout=120 --timeout=120 5923 192.168.1.16:5961 --cert >>>> /etc/puppetlabs/puppet/ssl/certs/ol07frm00.lax.com.pem --key >>>> /etc/puppetlabs/puppet/ssl/private_keys/ol07frm00.lax.com.pem >>>> >>> >> Telnet 5923 and not 5961 for this instance. Note the process is killed >> after 2 minutes when there is no traffic. >> >> -- >> Later, >> Lukas @lzap Zapletal >> >> -- >> You received this message because you are subscribed to a topic in the >> Google Groups "Foreman users" group. >> To unsubscribe from this topic, visit https://groups.google.com/d/to >> pic/foreman-users/cat9E877BbU/unsubscribe. >> To unsubscribe from this group and all its topics, send an email to >> [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at https://groups.google.com/group/foreman-users. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Foreman users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/foreman-users. For more options, visit https://groups.google.com/d/optout.
