VNC noVNC ready: native WebSockets, canvas rendering Error?

What is this error means? How to overcome this error?

1 Like

Hi there!,
though it may not be related, just to discard other problems…

In your opennebula frontend… is the noVNC proxy server started and listening? You may run ss -ntap | grep 29876 and check if that port is listening…

Also check if you have an exception in your firewall for that 29876/tcp port if you’re using any.


Even I got the same error:
This is message i got when i typed your command in terminal

What to do now?

that means the noVNC proxy is listening, that’s good.

I’d check if your frontend’s firewall allows traffic to port 29876/tcp. If you have no firewall or that port is allowed then I’d check if tcp ports 5900 onwards are allowed in opennebula’s node from your frontend’s. The noVNC server is listening on the 29876 port and then it proxies VNC sessions to the nodes/hypervisors so that traffic must be allowed by the firewall. Check it out and if that’s not the problem will continue the troubleshooting.


1 Like

This is message i got when i typed your command in terminal

What to do now?

that means that 5900 port is listening so you have a virtual machine with VNC port ready for incoming connections, but you have to check if you have a firewall running that could be blocking the connection.

What operating system are you running on that host? And what is the virtual machine ID you want to open the VNC connection? The VNC ports starts on 5900. If you want to connect to VM #4 the port should be 5904, if VM is #22 the port should be 5922 and so on.


OS is centos 7 and VM ID is 0. How to check and change port to the VNC connection?

well in CentOS 7 try the following.

firewall-cmd --state, is it running? Both in frontend and nodes?

If it’s running change with the IP address of your frontend and try executing these lines just to be sure that the firewall ports are allowed.

firewall-cmd --zone=public --add-rich-rule=‘rule family=“ipv4” source address=“” port protocol=“tcp” port=“5900-6000” accept’ --permanent
firewall-cmd --reload

What if firewall shows not running. What to do now?

Ok! so firewalld is not running. What about iptables just to be sure? What’s shown if you run: systemctl status iptables

If it says not-found… try to check if you can reach 5900 port on the node from the frontend. You can install nmap in the frontend: yum install nmap and try to run: nmap -p 5900 X.X.X.X changing X.X.X.X with the IP of your node, let’s see what happens.


I have the same error, and after this error I have: VNC Failed to connect to server (code: 1006).

Any idea?

Hi there!
what have you tried?, in this post I’ve put many different troubleshooting steps so it would be helpful to know what you’ve tried already so we know what can be discarded.

Just to sum up, this is what happens usually (I hope I’m right :slight_smile: )

  • If the VM machine is running…
  • The VNC button in Sunstone tries to open a connection against 29876/tcp port where the noVNC proxy is listening.
  • Then VNC proxy in the frontend tries to open a connection against 59XX port on the node/hypervisor where XX is the ID of the VM.

Are you using KVM as hypervisor or vCenter?

Are you using Apache or NGINX in front of Sunstone? Using SSL/TLS?



Yes, I read the solution of this post, but I continue with the problem… :frowning:

-The VM is running
-If i execute ss -ntap | grep 29876 , result is that LISTEN
-Before importing virtual machines to opennebula, I set this in the .vmx:
remotedisplay.vnc.enabled TRUE
remotedisplay.vnc.port 5901

For each machine I change the port number. But the XX of port (59XX) is aleatori and not the ID of VM.

I have 3 esx and a vCenter. I have to open any port on a vCenter? Or only gdb server on esx? Actually, I only opened gdb server.

I’m not using ssl/tls.

It’s strange, because at the moment I have imported 2 machines, I can connect to one of them and the other not.


Hi there,
thanks for your feedback, I’ll try to help but I’m beginning my journey with OpenNebula and vCenter so I’m not sure of what could be happening… hope I don’t give you wrong advices.

According to the docs, you should only have to configure the ESX servers (

“To enable VNC functionality, repeat the following procedure for each ESX:
In the vSphere client proceed to Home -> Inventory -> Hosts and Clusters
Select the ESX host, Configuration tab and select Security Profile in the Software category
In the Firewall section, select Edit. Enable GDB Server, then click OK
Make sure that the ESX hosts are reachable from the OpenNebula Front-end”

So, I’d try to check that the frontend can connect to any of the ESX hosts, maybe a DNS error? Are both machines running in the same host? If they run in different ESX hosts maybe you forgot to enable GDB Server…

As you are working with VMWare as hypervisor… are you using vOneCloud? ( In that case you may try this forum instead:


Hi again Sergi,
I’ve been looking for more info in the docs. Check that VMWare Tools is installed in any VM, maybe that’s why you can open a connection to one VM and failing with the other VM.


Hi All,

I have the gdb server enabled on all esx’s within vcenter.

I think that I have a problem in .vmx configuration.

When you importing a machine, you have all fields as well?

remotedisplay.vnc.enabled TRUE
remotedisplay.vnc.port 5901

I have to put the remotedisplay.vnc.port in all imported machines? Or there is a way for that opennebula sets a random port?


Hi @Sergi

When import the VMs (wilds), you need put manually these configs in each VM.

Remembering to change remotedisplay.vnc.port to each VM

Best regards,


Hi @ccesario,

There is any way for not have to put the port in each VM?

I have to import a lot of virtual machines, and, if i have to put a different port on each VM, it is easy to make mistakes.

Hi @Sergi,

Maybe you can usage PowerCli to automate it.
This is only an example, but you can usage it as based :slight_smile:

This feature request, should solve this kind of problem, easily :slight_smile:



I’m continuing with this error…but, I see that if I enter in portal by name, https://nameOpenneubla, when I try to open a vnc console I have the error. But, if I enter in the portal by ip, https://ip, when I try to open a vnc console I can connect without problem.

Any idea? If i connect to opennebula by ssh and do a ping, by name, to a esx, resolves!