====== 02 OpenStack base Console ====== ===== Console Proxy ===== [[https://blog.gnuoy.eu/2014/09/openstack-guest-console-access-with-juju.html]] ===== JuJu Gui ===== JuJu Guiから nova-cloud-controller で console-proxy-ip をグローバルのアドレスに変更(hogehoge.comなど) 今回は、下記に変更 100.100.100.250 ==== console-proxy-ipを変更するとConsoleのアドレスが下記のように変わる ==== @maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc +-------+-----------------------------------------------------------------------------------------------+ | Type | Url | +-------+-----------------------------------------------------------------------------------------------+ | novnc | https://192.168.0.200:6080/vnc_auto.html?path=%3Ftoken%3Dadd8b447-9751-4b50-8f95-5cb92dd60f57 | +-------+-----------------------------------------------------------------------------------------------+ Change console-proxy-ip local => 100.100.100.250.250 @maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc +-------+-------------------------------------------------------------------------------------------------+ | Type | Url | +-------+-------------------------------------------------------------------------------------------------+ | novnc | https://100.100.100.250:6080/vnc_auto.html?path=%3Ftoken%3Dfaa90f3a-74d1-4ad6-a402-4268b28f282d | +-------+-------------------------------------------------------------------------------------------------+ ==== 後はリバースプロキシ ==== 下記のようにつなげてあげる 100.100.100.250:6080 -> 192.168.0.200:6080 === リバースプロキシ例 === [[06_virtualization:05_container:09_reverse_proxy]] server { server_name proxy.hogehoge.com; listen 6080 ssl http2 ; # access_log /var/log/nginx/access.log vhost; ssl_session_timeout 5m; ssl_session_cache shared:SSL:50m; ssl_session_tickets off; ssl_certificate /etc/nginx/certs/proxy.hogehoge.com.crt; ssl_certificate_key /etc/nginx/certs/proxy.hogehoge.com.key; ssl_dhparam /etc/nginx/certs/proxy.hogehoge.com.pem; ssl_stapling on; ssl_stapling_verify on; ssl_trusted_certificate /etc/nginx/certs/proxy.hogehoge.com.chain.pem; add_header Strict-Transport-Security "max-age=31536000" always; include /etc/nginx/vhost.d/default; location / { proxy_pass https://192.168.0.200:6080; } } {{tag>OpenStack}}