Hello.
El 05/06/13 06:33, Julien Groselle escribió:
Just one point failed :
The web browser send a request to our proxy which redirect us on a
proxmox node. And if I open a VM Console, proxmox send the request to
the proxy and not to my web browser.
Yes, this is a issue that comes not from a bug, but from design.
I'm not sure what do you mean by "proxmox send the request". My whole
impression is that the web browser implements a VNC client and try to
connect to Proxmox. In your case, instead it connects to the reverse
proxy which of course has no VNC server listening.
I have solved this myself via NAT:
- My reverse proxy has a public IP and a private IP. It has enabled IP
forwarding and fairly simple iptables setup.
- Reverse proxy accepts incoming connections from outside at ports
5900:6000 and DNAT them to the chosen Proxmox node (same that acts as
web backend).
- Reverse proxy accepts forwarding from Proxmox node to outside and does
SNAT on it's external interface.
- The Proxmox node is forced to route outgoing packets from VNC server
via the reverse proxy. This may be done just setting default route or
tricking policy based routing, both work.
The load balance is not possible with this setup, at least not
automatically. But Proxmox's IP is not exposed to the evil Internets.
Greetings.
--
Alexandre Kouznetsov
_______________________________________________
pve-user mailing list
[email protected]
http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
