Hello Community, I found out that getting a VM Console from an untrusted network (like Internet) in a purely vSphere environment is no easy task in spite of being requested a lot among the Internet community.
The core idea is simple, develop a Customer Portal available through Internet where you can click in a link and open a console much like a novnc thing.
I can think on some ways of doing this but all of them seems to have an handicap:
- You can open/map your vCenter and hosts internal IP addresses to the Internet and using a split DNS to map a name to a Public IP Address on the Internet side and to an private IP address on the internal side.
o This is a very bearish solution, is not firewall friendly and you are somehow exposing your internal Network.
- You can enable VNC on the vSphere host and in the .vmx file, using noVNC, much like it is done in Openstack nova-novncproxy.
o Is it possible, but in this case you are using a VMware unsupported solution KB1246 (http://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=1246 ).
o Because every .vmx VM file must have a VNC port configured, to access at the same time to two VMs in the same host you must have different ports configured in each .vmx file. Since VMs are jumping (vmotion) between vSphere hosts, how can you be sure that in certain moment there aren’t several VM’s in the same host with the same VNC port configured in its .vmx file?
- A more laboured solution would be to develop a proxy server using Websockets/websockify to bridge VMRC api and a html5 supported browser.
o It seems to be a great effort to develop.
- The most elegant solution would be just to proxying the “new” html5 console available in vCenter5.1/5.5 to the Internet
o Is theoretical perfect but as soon you put a proxy in the middle the html5 console can not be started.
Does anyone have any experience on doing this or have some breakthrough idea that I’m not?
P.S: you could of course use vCloud directory but…
Cheers