[ovirt-users] Ovirt Engine WAN security

Alon Bar-Lev alonbl at redhat.com
Fri Dec 19 08:38:54 UTC 2014


Hello,

Ovirt engine->vdsm communication cannot be exposed to the public Internet.
vdsm was not designed to be opened to the public.
You should use VPN between the engine and hosts, and add firewall to allow http/https access to engine.
Using novnc and websocket proxy will enable you to reroute the display communication via the engine as well.

Regards,
Alon

----- Original Message -----
> From: "Donny Davis" <donny at cloudspin.me>
> To: users at ovirt.org
> Sent: Friday, December 19, 2014 12:25:45 AM
> Subject: [ovirt-users] Ovirt Engine WAN security
> 
> 
> 
> I would like to inquire if anyone is using the ovirt engine to control remote
> datacenters, and if so.. How are you securing it. I realize you cannot
> devulge trade secrets or your actual setup.. Just general info, like we are
> using vpn, or SSH..
> 
> 
> 
> Thanks for any info anybody can provide.
> 
> Donny D
> 
> _______________________________________________
> Users mailing list
> Users at ovirt.org
> http://lists.ovirt.org/mailman/listinfo/users
> 



More information about the Users mailing list