Encrypted data transfer for noVNC

Available since MOSK 23.1

Parameter

features:nova:console:novnc:tls:enabled

Usage

The noVNC client provides remote control or remote desktop access to guest virtual machines through the Virtual Network Computing (VNC) system. The MOSK Compute service users can access their instances using the noVNC clients through the noVNC proxy server. MOSK uses TLS to secure public-facing VNC access on networks between a noVNC client and noVNC proxy server.

The features:nova:console:novnc:tls:enabled ensures that the data transferred between the instance and the noVNC proxy server is encrypted. Both servers use the VeNCrypt authentication scheme for the data encryption.

To enable the encrypted data transfer for noVNC, use the following structure in the OpenStackDeployment custom resource:

kind: OpenStackDeployment
spec:
  features:
    nova:
      console:
        novnc:
          tls:
            enabled: true