Hi, On Thu, Jan 14, 2021 at 5:51 AM tommy <sz_cui...@163.com> wrote: > > I encountered a question about using web console(local vnc remote viewer) to > connect to VM. > > > > The engine-vm can be accessed using this methord, but other VM in other > DataCenters or other Clusters can not be accessed, when I tried to connect , > the remote viewer program auto abend quickly. > > > > > > > > The follow file is the connect file for vm that can connect using remote > viewer: > > > > [virt-viewer] > > type=vnc > > host=192.168.10.41 > > port=5900 > > password=rdXQA4zr/UAY > > # Password is valid for 120 seconds. > > delete-this-file=1 > > fullscreen=0 > > title=HostedEngine:%d > > toggle-fullscreen=shift+f11 > > release-cursor=shift+f12 > > secure-attention=ctrl+alt+end > > versions=rhev-win64:2.0-160;rhev-win32:2.0-160;rhel8:7.0-3;rhel7:2.0-6;rhel6:99.0-1 > > newer-version-url=http://www.ovirt.org/documentation/admin-guide/virt/console-client-resources > > > > [ovirt] > > host=ooeng.tltd.com:443 > > vm-guid=76f99df2-ef79-45d9-8eea-a32b168f9ef3 > > sso-token=4Up7TfLLBjSuQgPkQvRz3D-fUGZWZg4ynApe2Y7ylkARCFwQWsfEr3dU8FjlK8esctm3Im4tz80mE1DjrNT3XQ > > admin=1 > > ca=-----BEGIN > CERTIFICATE-----\nMIIDqDCCApCgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwPzELMAkGA1UEBhMCVVMxETAPBgNVBAoM\nCHRsdGQuY29tMR0wGwYDVQQDDBRvb2VuZy50bHRkLmNvbS4xNzczMDAeFw0yMTAxMTAxNjE1NDda\nFw0zMTAxMDkxNjE1NDdaMD8xCzAJBgNVBAYTAlVTMREwDwYDVQQKDAh0bHRkLmNvbTEdMBsGA1UE\nAwwUb29lbmcudGx0ZC5jb20uMTc3MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg\nYT9S7hWiXQUzAqFQKbg2nMjwyHDmb/JmKeJAUVZqNKRg1q80IpWyoM12Zw0nX1eTwMnVY/JtJON4\n13PoEC3So8nniGt+wtHr44ysvCWfU0SBk/ZPnKmQ58o5MlSkidHwySChXfVPYLPWeUJ1JUrujna/\nCbi5bmmjx2pqwLrZXX8Q5NO2MRKOTs0Dtg16Q6z+a3cXLIffVJfhPGS3AkIh6nznNaDeH5gFZZbd\nr3DKE4xrpdw/7y6CgjmHe4vwGxOIyE+gElZ/lVtqznLMwohz7wgtgsDA36277mujNyMjMbrSFheu\n5WfbIa9VVSZWEkISVq6eswLOQ1IRaFyJsFN9AgMBAAGjga0wgaowHQYDVR0OBBYEFDYEqJOMqN8+\nQhCP7DAkqF3RZMFdMGgGA1UdIwRhMF+AFDYEqJOMqN8+QhCP7DAkqF3RZMFdoUOkQTA/MQswCQYD\nVQQGEwJVUzERMA8GA1UECgwIdGx0ZC5jb20xHTAbBgNVBAMMFG9vZW5nLnRsdGQuY29tLjE3NzMw\nggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA\nAKs0/yQWkoOkGcL0PjF9ijekdMmjrLZGyh5uLot7h9s/Y2+5l9n9IzEjjx9chi8xwt6MBsR6/nBT\n/skcciv2veM22HwNGjdrHvhfbZFnZsGe2TU60kGzKjlv1En/8Pgd2aWBcwTlr+SErBXkehNEJRj9\n1saycPgwS4pHS04c2+4JMhpe+hxgsO2+N/SYkP95Lf7ZQynVsN/SKx7X3cWybErCqoB7G7McqaHN\nVWw+QNXo5islWUXqeDc3RcnW3kq0XUEzEtp6hoeRcLKO99QrAW31zqU/QY+EeZ6Fax1O/jrDafZn\npTs0KJFNgeVnUhKanB29ONy+tmnUmTAgPMaKKw==\n-----END > CERTIFICATE-----\n > > > > the firewall list of the host 192.168.10.41 is: > > > > [root@ooengh1 ~]# firewall-cmd --list-all public (active) > > target: default > > icmp-block-inversion: no > > interfaces: bond0 ovirtmgmt > > sources: > > services: cockpit dhcpv6-client libvirt-tls ovirt-imageio ovirt-vmconsole > snmp ssh vdsm > > ports: 6900/tcp 22/tcp 6081/udp > > protocols: > > masquerade: no > > forward-ports: > > source-ports: > > icmp-blocks: > > rich rules: > > > > > > > > > > > > > > > > the follow file is the connect file that vm that cannot connect using remote > viewer: > > > > [virt-viewer] > > type=vnc > > host=ohost1.tltd.com > > port=5900 > > password=4/jWA+RLaSZe > > # Password is valid for 120 seconds. > > delete-this-file=1 > > fullscreen=0 > > title=testol:%d > > toggle-fullscreen=shift+f11 > > release-cursor=shift+f12 > > secure-attention=ctrl+alt+end > > versions=rhev-win64:2.0-160;rhev-win32:2.0-160;rhel8:7.0-3;rhel7:2.0-6;rhel6:99.0-1 > > newer-version-url=http://www.ovirt.org/documentation/admin-guide/virt/console-client-resources > > > > [ovirt] > > host=ooeng.tltd.com:443 > > vm-guid=2b0eeecf-e561-4f60-b16d-dccddfcc852a > > sso-token=4Up7TfLLBjSuQgPkQvRz3D-fUGZWZg4ynApe2Y7ylkARCFwQWsfEr3dU8FjlK8esctm3Im4tz80mE1DjrNT3XQ > > admin=1 > > ca=-----BEGIN > CERTIFICATE-----\nMIIDqDCCApCgAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwPzELMAkGA1UEBhMCVVMxETAPBgNVBAoM\nCHRsdGQuY29tMR0wGwYDVQQDDBRvb2VuZy50bHRkLmNvbS4xNzczMDAeFw0yMTAxMTAxNjE1NDda\nFw0zMTAxMDkxNjE1NDdaMD8xCzAJBgNVBAYTAlVTMREwDwYDVQQKDAh0bHRkLmNvbTEdMBsGA1UE\nAwwUb29lbmcudGx0ZC5jb20uMTc3MzAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCg\nYT9S7hWiXQUzAqFQKbg2nMjwyHDmb/JmKeJAUVZqNKRg1q80IpWyoM12Zw0nX1eTwMnVY/JtJON4\n13PoEC3So8nniGt+wtHr44ysvCWfU0SBk/ZPnKmQ58o5MlSkidHwySChXfVPYLPWeUJ1JUrujna/\nCbi5bmmjx2pqwLrZXX8Q5NO2MRKOTs0Dtg16Q6z+a3cXLIffVJfhPGS3AkIh6nznNaDeH5gFZZbd\nr3DKE4xrpdw/7y6CgjmHe4vwGxOIyE+gElZ/lVtqznLMwohz7wgtgsDA36277mujNyMjMbrSFheu\n5WfbIa9VVSZWEkISVq6eswLOQ1IRaFyJsFN9AgMBAAGjga0wgaowHQYDVR0OBBYEFDYEqJOMqN8+\nQhCP7DAkqF3RZMFdMGgGA1UdIwRhMF+AFDYEqJOMqN8+QhCP7DAkqF3RZMFdoUOkQTA/MQswCQYD\nVQQGEwJVUzERMA8GA1UECgwIdGx0ZC5jb20xHTAbBgNVBAMMFG9vZW5nLnRsdGQuY29tLjE3NzMw\nggIQADAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjANBgkqhkiG9w0BAQsFAAOCAQEA\nAKs0/yQWkoOkGcL0PjF9ijekdMmjrLZGyh5uLot7h9s/Y2+5l9n9IzEjjx9chi8xwt6MBsR6/nBT\n/skcciv2veM22HwNGjdrHvhfbZFnZsGe2TU60kGzKjlv1En/8Pgd2aWBcwTlr+SErBXkehNEJRj9\n1saycPgwS4pHS04c2+4JMhpe+hxgsO2+N/SYkP95Lf7ZQynVsN/SKx7X3cWybErCqoB7G7McqaHN\nVWw+QNXo5islWUXqeDc3RcnW3kq0XUEzEtp6hoeRcLKO99QrAW31zqU/QY+EeZ6Fax1O/jrDafZn\npTs0KJFNgeVnUhKanB29ONy+tmnUmTAgPMaKKw==\n-----END > CERTIFICATE-----\n > > > > > > the firewall list of the host ohost1.tltd.com(192.168.10.160) is: > > > > [root@ohost1 ~]# firewall-cmd --list-all public (active) > > target: default > > icmp-block-inversion: no > > interfaces: bond0 ovirtmgmt > > sources: > > services: cockpit dhcpv6-client libvirt-tls ovirt-imageio ovirt-vmconsole > snmp ssh vdsm > > ports: 22/tcp 6081/udp > > protocols: > > masquerade: no > > forward-ports: > > source-ports: > > icmp-blocks: > > rich rules: > > > > > > Please give me some advice,thanks.
This seems correct, basically, assuming your client correctly resolves ohost1.tltd.com. Please check/share relevant logs. Try e.g. to run remote-viewer manually with --debug and --verbose. Also check with a sniffer (tcpdump/wireshark) that the client indeed tries to connect to the correct host. If all looks fine, check with a sniffer on the host that the connection is accepted, and relevant logs - mainly qemu (in /var/log/libvirt/qemu), although I am not sure it logs connections by default. Good luck and best regards, -- Didi _______________________________________________ Devel mailing list -- devel@ovirt.org To unsubscribe send an email to devel-le...@ovirt.org Privacy Statement: https://www.ovirt.org/privacy-policy.html oVirt Code of Conduct: https://www.ovirt.org/community/about/community-guidelines/ List Archives: https://lists.ovirt.org/archives/list/devel@ovirt.org/message/UAJVR2ELFFEDPEIQJ7BKWQQ7GOEFEFC5/