Implemented usage vnc+tls (refactor)
Enable transport + authentication for VNC over TLS
---------------------
By default communication between nova-novncproxy and qemu service is
unsecure.
compute:
qemu:
vnc:
tls:
enabled: True
controller:
novncproxy:
# This section responsible for communication between noVNC proxy and
client machine
tls:
enabled: True
# This section responsible for communication between nova-novncproxy
and qemu service
vencrypt:
tls:
enabled: True
You able to set custom certificates in pillar:
nova:
compute:
qemu:
vnc:
tls:
cacert (certificate content)
cert (certificate content)
key (certificate content)
nova:
controller:
novncproxy:
tls:
server:
cert (certificate content)
key (certificate content)
vencrypt:
tls:
cacert (certificate content)
cert (certificate content)
key (certificate content)
You can read more about it here:
https://docs.openstack.org/nova/queens/admin/remote-console-access.html
Enable communication between noVNC proxy and client machine over TLS
---------------------
By default communication between noVNC proxy and client machine is
unsecure.
controller:
novncproxy:
tls:
enabled: True
nova:
controller:
novncproxy:
tls:
server:
cert (certificate content)
key (certificate content)
You can read more about it here:
https://docs.openstack.org/mitaka/config-reference/dashboard/configure.html
Related-Prod: PROD-19979
Change-Id: Ia865d936bc9222eb400a73a0a0ab7ca1ffa4bf28
5 files changed