The VNC Proxy is an OpenStack component that allows users of the Compute service to access their instances through VNC clients.
The VNC console connection works as follows:
User connects to API and gets an access_url like
http://.ip:port/?token=xyzUser pastes URL in browser or as client parameter.
Browser/Client connects to proxy.
Proxy talks to nova-consoleauth to authorize the user's token, and then maps the token to the private host and port of an instance's VNC server. The compute host specifies the address the proxy should use to connect via the
nova.confoption vncserver_proxyclient_address. In this way, the vnc proxy works as a bridge between the public network, and the private host network.Proxy initiates connection to VNC server, and continues proxying until the session ends.
The proxy also performs the required function of tunneling the VNC protocol over Websockets so that the noVNC client has a way to talk VNC. Note that in general, the VNC proxy performs multiple functions:
