Apache as reverse proxy for Sunstone.....but no_vnc?

I have a separate apache server that i’m using to reverse in https the opennebula FE;
all work well, but when i try to open vm consoles under novnc or spice, nothing appear.

ATM the apache server configuration reverse proxying OpennebulaFE is:

ServerName myserver

ProxyPreserveHost Off

RewriteEngine on
RewriteRule ^(.*)+(nebula)$ %{REQUEST_URI}/ [R=301,L]

SSLEngine on
SSLCertificateFile /etc/pki/certs/xxxx.crt
SSLCertificateKeyFile /etc/pki/private/xxxxx.key
SSLCertificateChainFile /etc/pki/certs/xxxxxxxx.pem

<Location /nebula>

I read about ws://xxxxx/:29876 websockify settings… but nothing worked for me.

( - apache reverseproxy)—
( - opennebulaFE -sunstone)—
( - opennebula node kvm-hypervisor)

Any ideas ??



Dirty trick.

Set a persistent ssh tunneled port from your Apache proxy to your sunstone

Set this in autostart eventually in a screen session at startup

autossh -f -M 0 -N -i /path/to/youruser/id_rsa -o ExitOnForwardFailure=yes -o ServerAliveInterval=30 -o ServerAliveCountMax=3 -L 29876:localhost:29876 user@yoursunstoneserver

And your vnc will work.

autossh will keep the tunnel up even in network loss


If someone has better suggestions those are welcome, tried (not hard, but lazily) to proxy the websocket of the vncproxy with nginx but did not managed to get it working (yet).
So I’m still using autossh tunnel since is working fine for my needs, not elegant but working.

Grazie !! Thank you Lorenzo…i will try this workaround waiting a solution for ProxyPass.


What about this?