Openstack accessing instance through console use public domain instead of ip address

OpenStack LogoBy default, we can access the Openstack instance use VNC client or console on dashboard through IP address. In this case, my OpenStack was installed behind DMZ using private IP address and the problem appear when I clicked “click here to show only console”.The problem was caused by nova.conf that use IP management ( which is not reachable from outside (internet). Here is my network topology for OpenStack single node, anyway I use this configuration to prepare for multinode installation.

OpenStack Topology

In my scenario, I need to configure destination nat on ASA firewall like this:

object network external-ostack-dashboard
object network dashboard-openstack
nat (dmz,outside) static external-ostack-dashboard service tcp www www
nat (dmz,outside) static external-ostack-dashboard service tcp 6080 6080 

Oh, I forget to mention that I want to use to access OpenStack dashboard and console from the internet, so I need to add on /etc/hosts, please see below:

# cat /etc/hosts localhost localhost.localdomain
::1 localhost localhost.localdomain localhost6

After all, I run the packstack to install OpenStack services and I assume there is no problem. Then finally I need to change VNC configuration on nova.conf like this:

[[email protected] ~(keystone_admin)]#vi /etc/nova/nova.conf
#default novncproxy_base_url=
#default vncserver_proxyclient_address=

Then restart nova compute service use the following command:

[[email protected] ~(keystone_admin)]# systemctl restart openstack-nova-compute.service

And now I’m able to access the instance through vnc client and full screen mode from dashboard use public domain (


Leave a Reply

Your email address will not be published. Required fields are marked *