I am on CD 10.3 and have setup the CD for public/internet access (behind firewall and LB)
In the documentations is mentioned that the port that needs to be open for WEB UI is only incoming connections - 443 HTTPS
But i don't see anywhere regarding the console proxy port 8443. I haven't open this port yet and the ability to view vm console isn't working.
Does this port also needs to be open only for incoming connections ? or in + out ?
Or am i missing something ?
If there is a requirement for console access from the public network, in that case, we need to have a DNAT rule
Isn't it standard to provide the ability to use the VM console feature, so that tenants can see the console view of their VM ?
I find it weird that regarding this there is not much info given in the documentation.
It depends upon what is the correct requirement for Tenants and who is managing the platform. Keep in mind that if there is no IP connection to reach VMs due to whatever reason and the console is also blocked, the tenant will always end up reaching out to the provider.