====== 02 OpenStack base Console ======
===== Console Proxy =====
[[https://blog.gnuoy.eu/2014/09/openstack-guest-console-access-with-juju.html]]
===== JuJu Gui =====
JuJu Guiから
nova-cloud-controller で console-proxy-ip をグローバルのアドレスに変更(hogehoge.comなど)
今回は、下記に変更
100.100.100.250
==== console-proxy-ipを変更するとConsoleのアドレスが下記のように変わる ====
@maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc
+-------+-----------------------------------------------------------------------------------------------+
| Type | Url |
+-------+-----------------------------------------------------------------------------------------------+
| novnc | https://192.168.0.200:6080/vnc_auto.html?path=%3Ftoken%3Dadd8b447-9751-4b50-8f95-5cb92dd60f57 |
+-------+-----------------------------------------------------------------------------------------------+
Change console-proxy-ip local => 100.100.100.250.250
@maasvm-dev:~$ nova get-vnc-console 4334cf29-a393-4ac5-baa0-f9fb49df6da8 novnc
+-------+-------------------------------------------------------------------------------------------------+
| Type | Url |
+-------+-------------------------------------------------------------------------------------------------+
| novnc | https://100.100.100.250:6080/vnc_auto.html?path=%3Ftoken%3Dfaa90f3a-74d1-4ad6-a402-4268b28f282d |
+-------+-------------------------------------------------------------------------------------------------+
==== 後はリバースプロキシ ====
下記のようにつなげてあげる
100.100.100.250:6080 -> 192.168.0.200:6080
=== リバースプロキシ例 ===
[[06_virtualization:05_container:09_reverse_proxy]]
server {
server_name proxy.hogehoge.com;
listen 6080 ssl http2 ;
# access_log /var/log/nginx/access.log vhost;
ssl_session_timeout 5m;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_certificate /etc/nginx/certs/proxy.hogehoge.com.crt;
ssl_certificate_key /etc/nginx/certs/proxy.hogehoge.com.key;
ssl_dhparam /etc/nginx/certs/proxy.hogehoge.com.pem;
ssl_stapling on;
ssl_stapling_verify on;
ssl_trusted_certificate /etc/nginx/certs/proxy.hogehoge.com.chain.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
include /etc/nginx/vhost.d/default;
location / {
proxy_pass https://192.168.0.200:6080;
}
}
{{tag>OpenStack}}