cloudstack icon indicating copy to clipboard operation
cloudstack copied to clipboard

VM Console not working for noVNC using cloudstack UI 4.19.0

Open yashi4engg opened this issue 1 year ago • 8 comments

ISSUE TYPE
  • Other
COMPONENT NAME
CLOUDSTACK VERSION
CONFIGURATION
OS / ENVIRONMENT
SUMMARY

Console not working . We have mysql ssl enabled and console proxy ssl is disabled for now.

Failed to connect/access token expired.

While checking logs on CCVM ..we see vnc auth failed.

2024-02-13 16:12:12,926 INFO [vnc.security.VncTLSSecurity] (Thread-86:null) Processing VNC TLS security 2024-02-13 16:12:12,930 INFO [utils.nio.Link] (Thread-86:null) Conf file found: /usr/local/cloud/systemvm/conf/agent.properties 2024-02-13 16:12:12,964 INFO [vnc.security.VncAuthSecurity] (Thread-83:null) Finished VNCAuth security 2024-02-13 16:12:12,966 ERROR [consoleproxy.vnc.NoVncClient] (Thread-83:null) Connection to VNC server failed: wrong password. 2024-02-13 16:12:12,966 ERROR [consoleproxy.vnc.NoVncClient] (Thread-83:null) Connection to VNC server failed: wrong password. - Reason: Authentication failed 2024-02-13 16:12:13,164 INFO [vnc.security.VncAuthSecurity] (Thread-86:null) VNC server requires password authentication 2024-02-13 16:12:13,184 INFO [vnc.security.VncAuthSecurity] (Thread-86:null) Finished VNCAuth security

STEPS TO REPRODUCE

EXPECTED RESULTS

ACTUAL RESULTS

yashi4engg avatar Feb 13 '24 16:02 yashi4engg

@yashi4engg could you share the cloudstack and hypervisor type and version where this issue is observed?

rajujith avatar Feb 14 '24 04:02 rajujith

@rajujith -- cloudstack version 4.19 , Hypervisor - KVM with OEL8 ,

We have mysql and cloudstack mgmt installed on same node where mysql is ssl enabled.

yashi4engg avatar Feb 14 '24 14:02 yashi4engg

can you destroy CPVM and retry ? @yashi4engg

weizhouapache avatar Feb 15 '24 08:02 weizhouapache

@weizhouapache -- I tried that but still not working and getting same error.

yashi4engg avatar Feb 15 '24 16:02 yashi4engg

@weizhouapache -- I tried that but still not working and getting same error.

@yashi4engg do all vms have the same issue ? or only a specific vm ?

weizhouapache avatar Feb 15 '24 17:02 weizhouapache

@weizhouapache -- All VMs facing same issue .

yashi4engg avatar Feb 15 '24 17:02 yashi4engg

@weizhouapache -- All VMs facing same issue .

@yashi4engg can you check if all packages (management, agent) and systemvm template have all been upgraded to 4.19.0 ? what hypervisor and OS distribution do you use ?

weizhouapache avatar Feb 15 '24 17:02 weizhouapache

All packages for 4.19 as this is new setup with 4.19 .

KVM hypervisors with OEL8.9. mysql is ssl enabled.

yashi4engg avatar Feb 15 '24 17:02 yashi4engg

@weizhouapache WE have enabled FIPS for hosts and cloudstack and then it started giving VNc console errors.

yashi4engg avatar Mar 21 '24 13:03 yashi4engg

@weizhouapache WE have enabled FIPS for hosts and cloudstack and then it started giving VNc console errors.

Each cloudstack VM has a VNC password. unfortunately it is not supported in FIPS mode.

please refer to https://people.redhat.com/pbonzini/qemu-test-doc/_build/html/topics/vnc_005fsecurity.html#vnc_005fsec_005fpassword

weizhouapache avatar Mar 21 '24 14:03 weizhouapache

FIPS isn't a support config yet I think @yashi4engg cc @weizhouapache can advise.

rohityadavcloud avatar Apr 30 '24 13:04 rohityadavcloud