noVNC Failed to connect to server & Shell doesn't connect

Greetings,

Having some issues getting my virtual desktop or shell working after grabbing a node. Tried some of the solutions already posted but no go. Seems the websocket connection isn’t reaching the node in either case so not sure where to configure to allow the traffic (if that’s the issue).

Here’s from the virtual desktop

Here’s from the shell:

Any help is appreciated, thanks.

Are you using a proxy or something in the middle? Seems like something in the middle doesn’t like that you’ve changed scheme from https to wss.

This node pretty much just for ondemand so everthing in place now is just the ood install. I may have misconfigured something. Where can i check where i changed the protocol?

When i check the connection.yml file i see that it properly sets up the node name and the port number with the passwords to get in, but if i check the ood node for traffic, i don’t actually see any traffic leaving the node to the compute. I can see allocated compute is listening on the correct port and i can telnet to it.

Something is blocking websocket requests as you indicate.

It’s either a plugin in your browser or an intermediary in your network like a proxy or a firewall.

Well i found that my issue was a typo. For the setting rnode i had ‘rnode’ instead of ‘/rnode’

Now i have:

node_uri: '/node'

rnode_uri: '/rnode'

And the virtual desktop works. The shell app to the node still gives a websocket error. Is there an option i’m missing to allow it connect to the shell app like with the virtual desktop?

Looking at the shell button issue i got the same error as this post SSH to node from "My Interactive Sessions" screen (clicking blue [>_nodename.cluster] button) not working - #12 by novosirj

Screen Shot 2021-12-07 at 8.08.34 PM

In my /etc/ood/config/apps/shell/env I have the hostname of the webhost frontend they connect to. Still getting the error. Is this correct or something i’m missing?

OOD_SSHHOST_ALLOWLIST="portal.arc.utsa.edu"

Nope, you need to specify any of the same hosts that a desktop session could end up on, eg. your compute nodes. It’s the hosts that you’re allowed to SSH to, not the hosts they’ll allow SSH from. There’s an example from OSC there in that same thread with lots of wildcards, etc. in it. Basically, the hostname inside the blue button needs to appear in OOD_SSHHOST_ALLOWLIST= for any possibly hostname that you want SSH to work for, the OOD host needs to know how to resolve that name, and SSH has to work to that node as the logged in user without a password, IIRC.

A personal wishlist item of mine is for it to be able to pull from host_regex from /etc/ood/config/ood_portal.yml, at least if directed/so as not to need to maintain two different lists.

hmm ok, we have compute, big mem and gpu nodes so i did the regex in /etc/ood/config/apps/shell/env like this:

OOD_SSHHOST_ALLOWLIST="c[0-9][0-9][0-9][0-9]:b[0-9][0-9][0-9][0-9]:gpu[0-9][0-9][0-9][0-9]"

Still getting the same thing. Does the host_regex in ood_portal.yml have to match? I left the match all ‘[^/]+’ in that one.

Edit: Nevermind, i fat fingered it and added an extra digit to the glob. We have three digits on our nodes not four. Changed it to this and all good. Thanks!

OOD_SSHHOST_ALLOWLIST="c[0-9][0-9][0-9]:b[0-9][0-9][0-9]:gpu[0-9][0-9][0-9]"
1 Like