Ask Your Question

Why anybody can access vnc (spice) console on my compute nodes?

asked 2013-12-04 07:55:15 -0500

updated 2013-12-27 14:33:10 -0500

smaffulli gravatar image

Executing vncviewer compute-node:5906 gives me vm console is it normal? How to avoid this?

edit retag flag offensive close merge delete


good one. Do we need vnc on compute node ? It is our choice right ? I have many compute nodes and there is no vnc on those computes. So there is no way to access them using vnc. Hope I'm not missing something from your question.

dheeru gravatar imagedheeru ( 2013-12-04 08:33:21 -0500 )edit

2 answers

Sort by ยป oldest newest most voted

answered 2013-12-04 08:44:47 -0500

I think i've found answer. vm's should only listen localhost

PROXYSERVER (public_ip=, management_ip=
COMPUTESERVER (management_ip=

Your nova-compute configuration file must set the following values:

These flags help construct a connection data structure


This is the address where the underlying vncserver (not the proxy) will listen for connections.

edit flag offensive delete link more

answered 2013-12-04 08:39:10 -0500

updated 2013-12-04 08:48:08 -0500

Vnc is a libvirt option so it is present on all compute nodes

virsh dumpxml instance-0000000001

 graphics type='vnc' port='5900' autoport='yes' listen='' keymap='en-us'>
      listen type='address' address=''/>

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2013-12-04 07:55:15 -0500

Seen: 336 times

Last updated: Dec 27 '13