Kasm template / module
Hi I was trying to the kasm module and desktop enterprise container within envbox template.
I can get the kasmvnc screen to come up but it always says cannot connect to server.
Also I am trying to do this with subdomain = false
Solution:Jump to solution
I updated the host machine to Ubuntu 24.04. When I do this, kasmVNC works as expected without the
security_opts
option.15 Replies
<#1303027009617920010>
Category
Help needed
Product
Coder OSS (v2)
Platform
Linux
Logs
Please post any relevant logs/error messages.
Also I am running in azure aks
hey @Spiked_Grape, could you send a screenshot of the issue?
There is just a red banner at the top of kasm that says failed to connect to server.
What should the settings in kasm be under websocket drop down?
Hi @Spiked_Grape ,
we are facing the same issue when we try to open the KASM connection. We are behind WAP + WAF Kombi so access is protected. But if I use VPN then everything works as excepted. While KASM over WAP + WAF is currently not working we switched to novnc as an alternative solution. I could remember that with a lower version of KASM this was working once a time. Maybe give a try to downgrade KASM.
I said TUN and FUSE to true on envbox. Could that be a problem?
* I set
I don't think so, the issue is likely coming from the fact that you're using subdomain = false
is there no way for you to switch to subdomains?
We have coder enterprise licenses but our environment's cybersecurity team won't let us use wildcards.
I can get to the kasmvnc ui on the path based like /apps/kasm or whatever but kasm isn't connected to the xfce desktop part
We are following the enterprise desktop image and the kasm module etc. I say following because we just ripped out portions of the module due to airgapped environment.
However, I am thinking that maybe for values need to added to this than are in the module
https://www.kasmweb.com/kasmvnc/docs/latest/configuration.html
I see, path-based proxying is insecure due to the fact you can access the cookies from the Coder instance and other
coder_app
s inside any web-based coder_app
, maybe let them know
yes, for noVNC a workaround is needed to make path-based proxying work, I assume KasmVNC has the same issue given it's a fork
let me find it
https://github.com/uwu/basic-env/blob/59d7e8d9b0328ffa59654eb8de79f200a930fcd6/main.tf#L247-L257
try visiting the KasmVNC app and append ?path=<KasmVNC app path>/websockify
Just an FYI, I was having the same issue where everytime I loaded the kasmVNC window, it would show the "Cound not connect to server" error. I had also modififed subdomain to be "false". I do have the option of enabling subdomains, so I did so. kasmVNC now can connect to the VNC server it seems, but the window is entirely black. The only thing I can see is the kasmVNC controls on the left. I'm guessing this is an issue with xfce4, but I'm not sure what.
Hi @BigCheeZ what is your base image? It could be an issue with the DE installed.
HI @Atif , thanks for the reply. I started off with the 'base' and 'desktop' images from here: https://github.com/coder/images/tree/main/images. I did modify the base image by removing the docker packages. I then use the desktop image as the base for my team's development image. This image's dockerfile installs tools needed by the team. This image has been used previously with xfce and noVNC based on a deprecated image from the repo above. That image has been working fine, but I wanted to test out moving to kasmVNC for moving forward.
In the VNC log file I can see these warnings/messages when the vncserver is started.
The server I am running this on does not have a GPU. I wonder if this is causing the issue.
I've got it working now. I think the issue is that the host system I am using is still on Ubuntu 20.04 and there may be a kernel mismatch. As a temporary workaround, I added
security_opts = [ "seccomp:unconfined" ]
to my docker_container resource in TF and now it works. It seems I need to look into upgrading the base OS soon.Solution
I updated the host machine to Ubuntu 24.04. When I do this, kasmVNC works as expected without the
security_opts
option.This is great to know
@Phorcys closed the thread.