How To use noVNC on DilOS

It is possible to access the VNC console form the WEB browser and without having VNC client installed. For that purpose websockify proxy is used (formerly named wsproxy) and it part of the noVNC project. At the most basic level, websockify just translates WebSockets traffic to normal socket traffic. Websockify accepts the WebSockets handshake, parses it, and then begins forwarding traffic between the client and the target in both directions.

In this example we will configure the access to qemu-kvm virtual machine console using noVNC service:  

The installation procedure is quite simple:

1. Install websockify package
root@dilos:~# apt -y install novnc python-websockify
2. Generate SSL Certs
root@dilos:~# openssl req -x509 -nodes -newkey rsa:2048 -keyout ~/.ssh/novnc.pem -out ~/.ssh/novnc.pem -days 365
3. Run noVNC proxy service
root@dilos:~# websockify --web=/usr/share/novnc/ --cert=/root/.ssh/novnc.pem 6080 localhost:5900 -D

Where:

--web - doc root for mini-webserver in wensockify (default path is: /usr/share/novnc)

--certs - the certificates that has been generated on step 2.

6080 - points the port that is listen for incoming connections from clients

localhost:5900 - points to VNC host and port where where redirect incoming requests to

-D - to run service in a daemon mode. For testing purposes, this option can be replaced with -v option, that run instruct service to run in verbose mode and produce diagnostic output on console. 

4. Run qemu-kvm machine
root@dilos:~# /smartdc/bin/qemu-system-x86_64 -enable-kvm -smp 4 -m 8192 \
-drive file=/dev/zvol/rdsk/rpool/kvm/con4,if=virtio,index=0,media=disk,boot=on,id=disk0 \
-bios /smartdc/share/qemu/extboot.bin -vnc 0.0.0.0:0,password -monitor stdio \
-device virtio-net-pci,netdev=n1,mac=02:08:20:80:8e:d3 \
-netdev user,id=n1,net=192.168.11.0/24

Where:

 -vnc 0.0.0.0:0,password - configure VNC service listen on any host address (0.0.0.0) and port 5900 (in a format 590X, where :0 is 5900, :1 is 5901 and etc ...). Password authentification (the  "password" option) must be used here as a requirement  for noVNC service . 

5. Set up VNC password in qemu monitor
(qemu) change vnc password
Password: **
(qemu)

Now you are able to connect to VNC console of the host with your browser. Open URL https://YOUR_HOST:6080/vnc.html

Enter the password we set up on previous step and you will get connected to VNC console.