====== 02 OpenStack base Console ======

===== Console Proxy =====

[[https://blog.gnuoy.eu/2014/09/openstack-guest-console-access-with-juju.html]]


===== JuJu Gui =====

JuJu Guiから
nova-cloud-controller で console-proxy-ip をグローバルのアドレスに変更（hogehoge.comなど）

今回は、下記に変更
100.100.100.250

==== console-proxy-ipを変更するとConsoleのアドレスが下記のように変わる ====

<code>
@maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc
+-------+-----------------------------------------------------------------------------------------------+
| Type  | Url                                                                                           |
+-------+-----------------------------------------------------------------------------------------------+
| novnc | https://192.168.0.200:6080/vnc_auto.html?path=%3Ftoken%3Dadd8b447-9751-4b50-8f95-5cb92dd60f57 |
+-------+-----------------------------------------------------------------------------------------------+

Change console-proxy-ip local => 100.100.100.250.250

@maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc
+-------+-------------------------------------------------------------------------------------------------+
| Type  | Url                                                                                             |
+-------+-------------------------------------------------------------------------------------------------+
| novnc | https://100.100.100.250:6080/vnc_auto.html?path=%3Ftoken%3Dfaa90f3a-74d1-4ad6-a402-4268b28f282d |
+-------+-------------------------------------------------------------------------------------------------+
</code>

==== 後はリバースプロキシ ====

下記のようにつなげてあげる
100.100.100.250:6080 -> 192.168.0.200:6080


=== リバースプロキシ例 ===

[[06_virtualization:05_container:09_reverse_proxy]]

<code>
server {
	server_name proxy.hogehoge.com;
	listen 6080 ssl http2 ;
#	access_log /var/log/nginx/access.log vhost;
	ssl_session_timeout 5m;
	ssl_session_cache shared:SSL:50m;
	ssl_session_tickets off;
	ssl_certificate /etc/nginx/certs/proxy.hogehoge.com.crt;
	ssl_certificate_key /etc/nginx/certs/proxy.hogehoge.com.key;
	ssl_dhparam /etc/nginx/certs/proxy.hogehoge.com.pem;
	ssl_stapling on;
	ssl_stapling_verify on;
	ssl_trusted_certificate /etc/nginx/certs/proxy.hogehoge.com.chain.pem;
	add_header Strict-Transport-Security "max-age=31536000" always;
	include /etc/nginx/vhost.d/default;
	location / {
		proxy_pass https://192.168.0.200:6080;
	}
}
</code>
{{tag>OpenStack}}