Re: [rdo-list] gui port
That works. But not seeing the dashboard . Getting "resource not found". I
am using osp 8.
-Paras.
On Tue, May 17, 2016 at 1:52 PM, Dan Sneddon <dsneddon(a)redhat.com> wrote:
On 05/16/2016 11:13 AM, Paras pradhan wrote:
> How do we access the undercloud dashboard?
>
>
> _______________________________________________
> rdo-list mailing list
> rdo-list(a)redhat.com
> https://www.redhat.com/mailman/listinfo/rdo-list
>
> To unsubscribe: rdo-list-unsubscribe(a)redhat.com
>
The undercloud dashboard listens on port 8080 on the control plane
interface (br-ctlplane). This IP may not be reachable remotely,
especially if the default route on the Undercloud is a different
interface, or if the Undercloud is actually a VM running in a virt-host.
In those cases, I usually set up local port forwarding via SSH. This
allows me to access the Horizon dashboard, and provides encryption so
the username/password doesn't traverse the wire in cleartext (when not
running SSL on the Undercloud).
ssh -L 9000:<br-ctlplane_ip>:8080 stack@undercloud_external_ip
Then you can connect to http://localhost:9000/ to access the dashboard.
You can even nest these if you are using a virtualized Undercloud:
>From virt-host:
ssh -L 9500:<br-ctlplane_ip>:8080 stack@undercloud_external_ip
>From your workstation:
ssh -L 9000:localhost:9500 stack@virt-host
Then when you connect to port 9000 locally it gets forwarded to port
9050 on the virt-host, which is a tunnel to port 8080 on the Undercloud VM.
You can add "-nNT" before the -L in the ssh commands if you just want
to create the tunnel without connecting to a remote shell when you
issue the ssh command.
The other (potentially less secure) option is to reconfigure Apache on
the Undercloud to listen on all interfaces, and then connect directly
to the IP on the Undercloud interface with the default route. A similar
option is to disable reverse path filtering [1], and then connect
directly to the br-ctlplane interface. This will only work if the
Undercloud is directly reachable (usually not possible if using a VM
undercloud). These methods should only be used in production when SSL
is enabled, because the passwords shouldn't be sent in the clear.
[1] - https://access.redhat.com/solutions/53031
--
Dan Sneddon | Principal OpenStack Engineer
dsneddon(a)redhat.com | redhat.com/openstack
650.254.4025 | dsneddon:irc @dxs:twitter
_______________________________________________
rdo-list mailing list
rdo-list(a)redhat.com
https://www.redhat.com/mailman/listinfo/rdo-list
To unsubscribe: rdo-list-unsubscribe(a)redhat.com
Attachments:
- attachment.html (text/html — 4.0 KB)