[resolved] Cannot get on web UI remotely (Centos 7 and opennebula 4.12)

Hello all:
I got OpenNebula 4.12 on Centos 4.12. I can get to the web ui on the local host only.
Here is /etc/open/sunstone-server.conf:
################################################################################

Server Configuration

################################################################################

Directory to store temp files when uploading images

:tmpdir: /var/tmp

OpenNebula sever contact information

:one_xmlrpc: http://localhost:2633/RPC2

Server Configuration

:host: 0.0.0.0
:port: 9869

Place where to store sessions, this value can be memory or memcache

Use memcache when starting multiple server processes, for example,

with passenger

NOTE. memcache needs a separate memcached server to be configured. Refer

to memcached documentation to configure the server.

:sessions: memory

Memcache configuration

:memcache_host: localhost
:memcache_port: 11211
:memcache_namespace: opennebula.sunstone

################################################################################

Log

################################################################################

Log debug level

0 = ERROR, 1 = WARNING, 2 = INFO, 3 = DEBUG

:debug_level: 3

################################################################################

Auth

################################################################################

Authentication driver for incomming requests

sunstone, for OpenNebula’s user-password scheme

x509, for x509 certificates based authentication

opennebula, the authentication will be done by the opennebula core using the

driver defined for the user

:auth: opennebula

Authentication driver to communicate with OpenNebula core

cipher, for symmetric cipher encryption of tokens

x509, for x509 certificate encryption of tokens

:core_auth: cipher

For LDAP auth. Encode credentials sent to OpenNebula. Turns espaces into %20.

This only works with “opennebula” auth.

#:encode_user_password: true

################################################################################

UI Settings

################################################################################

:vnc_proxy_

port: port where the vnc proxy will listen

support_wss: no | yes | only. For yes and only, provide path to

cert and key. “yes” means both ws and wss connections will be

supported.

vnc_proxy_cert: Certificate to encrypt wss connections.

vnc_proxy_key: Key for wss connections. Only necessary if not included in cert.

vnc_proxy_ipv6: Enable ipv6 support for novnc-server

:vnc_proxy_port: 29876
:vnc_proxy_support_wss: no
:vnc_proxy_cert:
:vnc_proxy_key:
:vnc_proxy_ipv6: false

Default language setting

:lang: en_US

Default table order

:table_order: desc

################################################################################

Marketplace

################################################################################

Marketplace username and password

If no credentials are provided, an anonymous client will be used

#:marketplace_username:
#:marketplace_password:

################################################################################

OneFlow

################################################################################

OneFlow endpoint

:oneflow_server: http://localhost:2474/

################################################################################

Default instance types for the cloud view

################################################################################

These types are presented in the cloud view to customize VM Templates. Each

type is defined by:

name: the name of the type

cpu: capacity allocated to the VM for scheduling purposes

vcpu: number of cores

memory: in MB for the VM

description: to help the user pick one, it may include purpose or price.

:instance_types:
- :name: small-x1
:cpu: 1
:vcpu: 1
:memory: 128
:description: Very small instance for testing purposes
- :name: small-x2
:cpu: 2
:vcpu: 2
:memory: 512
:description: Small instance for testing multi-core applications
- :name: medium-x2
:cpu: 2
:vcpu: 2
:memory: 1024
:description: General purpose instance for low-load servers
- :name: medium-x4
:cpu: 4
:vcpu: 4
:memory: 2048
:description: General purpose instance for medium-load servers
- :name: large-x4
:cpu: 4
:vcpu: 4
:memory: 4096
:description: General purpose instance for servers
- :name: large-x8
:cpu: 8
:vcpu: 8
:memory: 8192
:description: General purpose instance for high-load servers

################################################################################

Routes

################################################################################

Array of files containing ruby code to extend the default sunstone-server

routes. These files must be placed inside the custom_routes directory

in the sunstone root dir (/usr/lib/one/sunstone/routes)

Example:

$ ls /usr/lib/one/sunstone/routes

custom.rb other.rb

$ cat /usr/lib/one/sunstone/routes/example.rb

get ‘/custom’ do

body “It works”

end

#:routes:

- custom

- other

:routes:
- oneflow
- vcenter
- support

OK when I reload iptables it works. How do I make this persistant.

CentOS 7 uses the firewalld service for its firewall (although iptables can still be used to list firewall info). These commands should permanently open port 9869:

firewall-cmd --zone=public --add-port=9869/tcp --permanent
firewall-cmd --reload
1 Like

Thanks that fixed it