Description of problem: User should be able to change the port number of NoVnc. As per one of the customer, using port 6100 is not feasible due to their environment Network restrictions. Version-Release number of selected component (if applicable): RHV 4.2
As a workaround, We have provided below steps to change the port number. 1) engine-config -s WebSocketProxy=<FQDN>:<PORT> 2) Edit /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf Change PROXY_PORT=6100 to your desired PORT number. PROXY_PORT=<PORT> 3) Edit /usr/share/ovirt-engine/engine.ear/services.war/novnc-main.jsp Search and Change Port number 6100 to your desired port number. Most probably, You should find it on line 214 as below: ~~~ var url = new URL('wss://' + getHost() + ':6100/' + path); ~~~ 4) Allow port 6200 in firewalld Edit /etc/firewalld/services/ovirt-websocket-proxy.xml Change the port 6100 to your desired port <port protocol="tcp" port="<PORT>"/> Once added, reload the firewalld # firewall-cmd --reload 5) Once above changes are made successfully, restart below services: # systemctl restart ovirt-engine # systemctl restart ovirt-websocket-proxy 6) Need to re-import the certificates when you open the noVNC console of the VM. Need a simple way to change the port number for end user customer. Specially editing /usr/share/ovirt-engine/engine.ear/services.war/novnc-main.jsp is not feasible.
Should be a trivial change to eliminate step 3. The rest would remain, should be ok as a kbase
Verified on: ovirt-engine-4.2.6.4-0.0.master.20180823141941.gitb3a5b18.el7.noarch ovirt-engine-websocket-proxy-4.2.6.4-0.0.master.20180823141941.gitb3a5b18.el7.noarch ovirt-engine-setup-plugin-websocket-proxy-4.2.6.4-0.0.master.20180823141941.gitb3a5b18.el7.noarch Steps: 1. Connect to the engine via SSH. 2. Run: # engine-config -s WebSocketProxy=<FQDN>:<PORT> where FQDN is the engine FQDN and PORT is the new desired port. -Verify the change by running: # engine-config -g WebSocketProxy WebSocketProxy: <FQDN>:<PORT> version: general 3. Edit /etc/ovirt-engine/ovirt-websocket-proxy.conf.d/10-setup.conf Change PROXY_PORT=6100 to your desired PORT number. PROXY_PORT=<PORT> 4. Edit /etc/firewalld/services/ovirt-websocket-proxy.xml Change the port 6100 to your desired port <port protocol="tcp" port="<PORT>"/> 4a. Run: # firewall-cmd --reload 5. Run: # systemctl restart ovirt-engine # systemctl restart ovirt-websocket-proxy 6. Verify listening port: Run: # lsof -u ovirt -Pnc '/^.*python.*proxy/' | egrep 'IP.*LISTEN' ovirt-web 4755 ovirt 4u IPv4 5083008 0t0 TCP *:<PORT> (LISTEN) # netstat -plnt | grep ':<PORT>' tcp 0 0 0.0.0.0:<PORT> 0.0.0.0:* LISTEN 4755/python 7. Create a new VM, Console set to noVNC. 8. Start the VM. 9. Open console to the VM. Results: The new port is set correctly, and the noVNC console works on the new port. The web url is change by the port: https://<FQDN>/ovirt-engine/services/novnc-main.jsp?host=<FQDN>&port=<PORT>&title=<VM NAME>%20-%20noVNC Additional note: For noVNC before invoking the noVNC console the user need to confirm certificate. Can be done with: https://<FQDN>/ovirt-engine/ Click on CA Certificate under Downloads and confirm.
WARN: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason: [Found non-acked flags: '{'rhevm-4.2.z': '?'}', ] For more info please contact: rhv-devops: Bug status wasn't changed from MODIFIED to ON_QA due to the following reason: [Found non-acked flags: '{'rhevm-4.2.z': '?'}', ] For more info please contact: rhv-devops
QE verification bot: the bug was verified upstream
*** Bug 1463277 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHEA-2019:1085