The ungleich VM console » History » Version 2
Jin-Guk Kwon, 02/02/2020 03:06 PM
| 1 | 1 | Jin-Guk Kwon | h1. The ungleich VM console |
|---|---|---|---|
| 2 | |||
| 3 | {{toc}} |
||
| 4 | |||
| 5 | h2. 1. System Architecture |
||
| 6 | |||
| 7 | This service supports accessing console of your VM through guacamole service. |
||
| 8 | And To log-in VM console web needs datacenterlight.ch account. User's accounts are syncronized with LDAP. |
||
| 9 | |||
| 10 | !archi.png! |
||
| 11 | |||
| 12 | h2. 2. Set guacamole server |
||
| 13 | |||
| 14 | - run cdist |
||
| 15 | |||
| 16 | <pre> |
||
| 17 | cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch |
||
| 18 | </pre> |
||
| 19 | |||
| 20 | - in manifest |
||
| 21 | |||
| 22 | <pre> |
||
| 23 | …… |
||
| 24 | desktop.ungleich.ch) |
||
| 25 | __guacamole_centos --ldap-hostname 'ldap server url' \ |
||
| 26 | --ldap-port '636' \ |
||
| 27 | --ldap-encryption-method 'ssl' \ |
||
| 28 | --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ |
||
| 29 | --ldap-search-bind-password ‘refer to pass' \ |
||
| 30 | --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ |
||
| 31 | --ldap-username-attribute 'uid' \ |
||
| 32 | --postgresql-hostname 'localhost' \ |
||
| 33 | --postgresql-username 'USER name' \ |
||
| 34 | --postgresql-database 'DB-name' \ |
||
| 35 | --postgresql-port 'XXXX' \ |
||
| 36 | --postgresql-password 'password' \ |
||
| 37 | --TOTP \ |
||
| 38 | --guacd-db 'postgresql' |
||
| 39 | </pre> |
||
| 40 | |||
| 41 | h2. 3. Create VNC connection for VM |
||
| 42 | |||
| 43 | !g_con.png! |
||
| 44 | |||
| 45 | h3. 1) install postgresql on opennebual server |
||
| 46 | |||
| 47 | <pre> |
||
| 48 | apt install postgresql-client |
||
| 49 | </pre> |
||
| 50 | |||
| 51 | h3. 2) config postgresql for accessing from external host(%{color:blue}This is excuted by cdist%) |
||
| 52 | |||
| 53 | - vi /var/lib/pgsql/data/postgresql.conf on guacamole server(desktop) |
||
| 54 | |||
| 55 | <pre> |
||
| 56 | listen_addresses = '*' |
||
| 57 | </pre> |
||
| 58 | |||
| 59 | - vi /var/lib/pgsql/data/pg_hba.conf on guacamole server(desktop) |
||
| 60 | |||
| 61 | <pre> |
||
| 62 | host all all opennbula server address trust |
||
| 63 | </pre> |
||
| 64 | |||
| 65 | - Restart postgresql |
||
| 66 | |||
| 67 | <pre> |
||
| 68 | systemctl restart postgresql |
||
| 69 | </pre> |
||
| 70 | |||
| 71 | h3. 3) set vnc connection automatically on opennebula server |
||
| 72 | |||
| 73 | h4. (1) vnc connection script |
||
| 74 | |||
| 75 | - vm_list_dual_uid : create VM list file(uid, email, VM Number, host, VNC port) (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/vm_list_dual_uid) |
||
| 76 | |||
| 77 | - create-guacamole-session-ldap-db : create VNC connection on desktop (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/create-guacamole-session-ldap-DB) |
||
| 78 | |||
| 79 | h4. (2) create crontab |
||
| 80 | |||
| 81 | <pre> |
||
| 82 | crontab -e |
||
| 83 | </pre> |
||
| 84 | |||
| 85 | <pre> |
||
| 86 | 15 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./vm_list_dual_uid #create vm_list |
||
| 87 | 45 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./create-guacamole-session-ldap-db vm_vnc_list #create vm_list |
||
| 88 | </pre> |
||
| 89 | |||
| 90 | h2. 4. Monitoring VNC console |
||
| 91 | |||
| 92 | - We are monitoring VNC console with prometheus. |
||
| 93 | - run cdist __dcl_monitoring_server(update prometheus.yml) |
||
| 94 | |||
| 95 | 2 | Jin-Guk Kwon | h2. %{color:blue}※User VM information is synchronized with the VM console every hour. If you create VM right now, you can access VM console after one hour.(vnc connection script takes about 7~8 minutes.)% |