Revision 1 (Jin-Guk Kwon, 02/02/2020 03:05 PM) → Revision 2/6 (Jin-Guk Kwon, 02/02/2020 03:06 PM)

h1. The ungleich VM console 

 {{toc}} 

 h2. 1. System Architecture 

 This service provides access to the console of your VM through the guacamole service. 
 Logging in to the VM console web interface requires a datacenterlight.ch account. User accounts are synchronized with LDAP. 

 !archi.png! 

 h2. 2. Set up guacamole server 

 - run cdist 

 <pre> 
 cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch 
 </pre> 

 - in manifest  

 <pre> 
 …… 
 desktop.ungleich.ch) 
         __guacamole_centos    --ldap-hostname 'ldap server url' \ 
           --ldap-port '636' \ 
           --ldap-encryption-method 'ssl' \ 
           --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ 
           --ldap-search-bind-password 'refer to pass' \ 
           --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ 
           --ldap-username-attribute 'uid' \ 
           --postgresql-hostname 'localhost' \ 
           --postgresql-username 'USER name' \ 
           --postgresql-database 'DB-name' \ 
           --postgresql-port       'XXXX' \ 
           --postgresql-password 'password' \ 
           --TOTP \ 
           --guacd-db 'postgresql' 
 </pre> 

 h2. 3. Create VNC connection for VM  

 !g_con.png! 

 h3. 1) install postgresql client on opennebula server 

 <pre> 
 apt install postgresql-client 
 </pre> 

 h3. 2) configure postgresql for access from an external host (%{color:blue}This is executed by cdist%) 

 - vi /var/lib/pgsql/data/postgresql.conf on guacamole server(desktop) 

 <pre> 
 listen_addresses = '*' 
 </pre> 

 - vi /var/lib/pgsql/data/pg_hba.conf on guacamole server(desktop) 

 <pre> 
 host      all           all              opennebula server address trust 
 </pre> 

 - Restart postgresql 

 <pre> 
 systemctl restart postgresql 
 </pre> 
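
 The pg_hba.conf entry in this step uses the @trust@ method, which accepts every connection from the matching address without a password. As an added example (not part of the original page or of ungleich's cdist manifests), this script flags remote @trust@ entries and entries that do not require TLS; the sample file, its 192.0.2.x addresses and the names guacamole_db and guacamole_user are constructed.

```shell
#!/bin/sh
# Added example, not ungleich tooling. All addresses and names are constructed.

# write_sample FILE: a constructed pg_hba.conf with weak and corrected entries.
write_sample() {
    cat > "$1" <<'EOF'
# TYPE  DATABASE      USER            ADDRESS                      METHOD
local   all           all                                          peer
host    all           all             127.0.0.1/32                 trust
host    all           all             192.0.2.10/32                trust
host    all           all             192.0.2.11 255.255.255.255   md5
hostssl guacamole_db  guacamole_user  192.0.2.10/32                scram-sha-256
EOF
}

# audit_pg_hba FILE: print "<line>:<finding>:<address>" for each risky entry.
audit_pg_hba() {
    awk '
    /^[ \t]*(#|$)/ { next }              # skip comments and blank lines
    $1 !~ /^host/  { next }              # "local" is a Unix socket, not network
    {
        addr = $4
        # The "address netmask method" form moves the method to field 6.
        method = ($5 ~ /^[0-9]+\.[0-9.]+$/) ? $6 : $5
        if (addr ~ /^(127\.|::1$|::1\/|localhost$)/) next   # loopback only
        if (method == "trust")
            print NR ":trust-remote:" addr       # no authentication at all
        else if ($1 == "host" || $1 == "hostnossl")
            print NR ":tls-not-required:" addr   # connection may be unencrypted
    }' "$1"
}

# Run against the constructed sample when executed directly.
tmp=$(mktemp) && write_sample "$tmp" && audit_pg_hba "$tmp"
rm -f "$tmp"
```

 Only the last sample line (@hostssl@ with @scram-sha-256@, limited to one database and one user) produces no finding.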

 h3. 3) set vnc connection automatically on opennebula server 

 h4. (1) vnc connection script 

 - vm_list_dual_uid : create VM list file(uid, email, VM Number, host, VNC port) (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/vm_list_dual_uid) 

 - create-guacamole-session-ldap-db : create VNC connection on desktop (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/create-guacamole-session-ldap-DB) 

 h4. (2) create crontab 

 <pre> 
 crontab -e 
 </pre> 

 <pre> 
 15 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./vm_list_dual_uid #create vm_list 
 45 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./create-guacamole-session-ldap-db vm_vnc_list #create VNC connections from vm_vnc_list 
 </pre> 

 h2. 4. Monitoring VNC console 

 - We monitor the VNC console with prometheus. 
 - run cdist __dcl_monitoring_server (update prometheus.yml) 

 

 h2. %{color:blue}※ User VM information is synchronized with the VM VNC console every hour. If you create a VM now, you can access its VNC console after one hour. (The VNC connection script takes about 7~8 minutes.)%