I am looking to try to use Open OnDemand as a portal to interface with specific hosts/PCs that are not cluster worker nodes and already have a VNC server running. Are there recommendations for how to serve up NoVNC connections to non-cluster VNC servers?
I was looking to wrap the destination VNC server address via NoVNC (either via ‘novnc_proxy’ or ‘websockify’) to translate the TCP port to a websocket, then connect to that with a redirect from a Flask passenger app.
If I run a ‘novnc_proxy’ on the OOD host node, the user can be redirected to that port of the the NoVNC proxy, but this isn’t protected directly like the PUN environment - it would be directly reachable at that port.
OOD has managed with the Per User Nginx (PUN) environments that each user has their own environment in a separate proxy connection through the same overall webserver. (Security — Open OnDemand 3.1.0 documentation)
Is it similarly possible to have external VNC servers also be connected in a secure way with the NoVNC client in a PUN session? Any suggestions how best to do this?
Matt and I have discussed this out of band but will post some context here for anyone in the future who might come across this thread.
I have an example of a containerized OOD setup with an example Flask app that does a simple redirect to a websockify opened port on the host machine that proxys to a vnc server listening on a remote host here: GitHub - mghpcc/SciEdge: OpenOnDemand Work
To Matt’s specific question here, the url magic I used was to redirect to: https://<ood-hostname>/rnode/localhost/vnc.html?host=<ood-hostname>/node/localhost/6901&autoconnect=true
Keep in mind that this setup assumes you have spun up a websockify process on the host machine with something like websockify 6901 <other hostname here>:5901
Thanks Morgan for the help here and off the forum as well. Morgan’s GitHub is quite helpful for seeing how to adapt as an App to provide the VNC link.
I was able to get a VNC connection working towards a non-cluster host that is running TigerVNC and on the OOD host node I was using the noVNC package (GitHub - novnc/noVNC: VNC client web application) and the utils/novnc_proxy. I think also the websockify works as similarly.
I have an OOD-host, running the Apache/Open OnDemand setup.
I have a remote-host Linux VM, running TigerVNC server.
On the OOD host node I am using: ./novnc_proxy --listen :PORT1 --vnc remote-host:PORT2
Confirmed that this also will work: websockify localhost:PORT1 remote-host:PORT2
this works as a daemon with -D argument as websockify localhost:PORT1 remote-host:PORT2 -D
rnode_uri: setting above would enable the reverse proxy with the relative path to find that local port that is wrapped by websockify and the NoVNC client at the vnc.html.
There is also the ‘node_uri’ which could reverse proxy with a full URI path and could probably work as well with slight changes to specify the address for the vnc.html.