RHEL 9 OpenNebula Sunstone noVNC Issues

Community Support General
1

I just migrated my front-end from a RHEL 8 server to a RHEL 9 server. Everything works as expected except for the VNC connections to the VMs. opennebula-novnc starts and is running without issue. I synced all of my config files, where necessary, from the old host to the new one, including my proxy config and everything.

When I attempt to launch a VNC session, it opens the new page with “Failed” and then prints two lines to /var/log/one/novnc.log:
handler exception: [Errno 2] No such file or directory
handler exception: [Errno 2] No such file or directory

I’m at a loss where the issue could lie since the RHEL 8 instance worked just fine. The specific errors appear to be python-related, but again, not sure where.

Here is some useful config files that are identical between the RHEL 8 server and RHEL 9:

/etc/lighttpd/conf.d/proxy.conf

proxy.server = ( “” =>
(“” =>
(
“host” => “127.0.0.1”,
“port” => 9869
)
)
)

SSL engine

ssl.engine = “enable”
ssl.pemfile = “/etc/lighttpd/server.pem”

ssl.honor-cipher-order = “enable”
ssl.cipher-list = “EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH”
ssl.use-compression = “disable”

server.modules += ( “mod_setenv” )

setenv.add-response-header = (
“Strict-Transport-Security” => “max-age=63072000; includeSubDomains; preload”,
“X-Frame-Options” => “DENY”,
“X-Content-Type-Options” => “nosniff”,
“X-XSS-Protection” => “1; mode=Block”
)
ssl.use-sslv2 = “disable”
ssl.use-sslv3 = “disable”

/etc/lighttpd/modules.conf

server.modules = (
“mod_access”,
“mod_alias”
)
include conf_dir + “/conf.d/proxy.conf”

/etc/lighttpd/lighttpd.conf

include conf_dir + “/modules.conf”
server.port = 443

/etc/one/sunstone-server.conf

:vnc_proxy_port: 29876
:vnc_proxy_support_wss: yes
:vnc_proxy_cert: /etc/lighttpd/server.pem
:vnc_proxy_key:
:vnc_proxy_ipv6: false
:vnc_request_password: false
:allow_vnc_federation: no
#:private_fireedge_endpoint: http://localhost:2616 < if I uncomment this, VNC gets a tunnel error
:public_fireedge_endpoint: http://localhost:2616

And to add, the proxy works just fine too. I connect to the web UI through the proxy.

2

Self-solved. The sunstone-server.conf is misleading (at least for RHEL 9). On RHEL 8, I ran the proxy_cert with both the key and the cert in one file and set that in sunstone-server.conf. In RHEL 9, that doesn’t appear to work. I bolded the statement in the config file below.

This is what I changed from above, I split the server.pem file into a .crt and .key file:
#cert: Certificate to encrypt wss connections.
#key: Key for wss connections. Only necessary if not included in cert.
:vnc_proxy_cert: /etc/lighttpd/server.crt
:vnc_proxy_key: /etc/lighttpd/server.key