Bug 1468101

Description of problem:


I am not able to connect to a VNC console for any instance in Horizon. When going on the "console" tab for an instance, the window shows the vnc client but gets an error : "Failed to connect to server (code: 1006)"

After a short debug session, it appears that qemu-kvm binds on 127.0.0.1 for vnc consoles, blocking novncproxy service from connecting to the instance.
This conf is on compute node in /etc/nova/nova.conf (file attached) : vncserver_listen=127.0.0.1

I would like to know how to change this, with which parameter in Director template files, and what are the impact of changing this parameter.


In previous versions, default value for vncserver_listen was 0.0.0.0, allowing qemu-kvm to listen on all interfaces by default.
In OSP 10 (the version we have), default value is now 127.0.0.1, preventing connections from outside.

I also found that : https://bugs.launchpad.net/puppet-nova/+bug/1660099
I understand that a patch has been committed in Newton to change vncserver_listen IP address to internal_api network IP address. This is a real solution for us, but it seems that this solution is not in OSP 10.

We expect this solution to be in OSP 10 because it corresponds to our needs in terms of functionnality (recover access to consoles) and security (limiting to internal_api network).


Steps to Reproduce:
1.
2.
3.

Actual results:

We expect this solution to be in OSP 10 because it corresponds to our needs in terms of functionnality (recover access to consoles) and security (limiting to internal_api network).

Expected results:

We expect this solution to be in OSP 10 because it corresponds to our needs in terms of functionnality (recover access to consoles) and security (limiting to internal_api network).


Additional info: