The ungleich VM console » History » Version 5
Jin-Guk Kwon, 03/03/2020 09:43 AM
1 | 1 | Jin-Guk Kwon | h1. The ungleich VM console |
---|---|---|---|
2 | |||
3 | {{toc}} |
||
4 | |||
5 | h2. 1. System Architecture |
||
6 | |||
7 | This service supports accessing console of your VM through guacamole service. |
||
8 | And To log-in VM console web needs datacenterlight.ch account. User's accounts are syncronized with LDAP. |
||
9 | |||
10 | 5 | Jin-Guk Kwon | !vnc_arch.png! |
11 | 1 | Jin-Guk Kwon | |
12 | h2. 2. Set guacamole server |
||
13 | |||
14 | - run cdist |
||
15 | |||
16 | <pre> |
||
17 | cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch |
||
18 | </pre> |
||
19 | |||
20 | 3 | Jin-Guk Kwon | - in manifest for centos |
21 | 1 | Jin-Guk Kwon | |
22 | <pre> |
||
23 | …… |
||
24 | desktop.ungleich.ch) |
||
25 | __guacamole_centos --ldap-hostname 'ldap server url' \ |
||
26 | 3 | Jin-Guk Kwon | --ldap-port '636' \ |
27 | --ldap-encryption-method 'ssl' \ |
||
28 | --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ |
||
29 | --ldap-search-bind-password ‘refer to pass' \ |
||
30 | --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ |
||
31 | --ldap-username-attribute 'uid' \ |
||
32 | --postgresql-hostname 'localhost' \ |
||
33 | --postgresql-username 'USER name' \ |
||
34 | --postgresql-database 'DB-name' \ |
||
35 | --postgresql-port 'XXXX' \ |
||
36 | --postgresql-password 'password' \ |
||
37 | --TOTP \ |
||
38 | --guacd-db 'postgresql' |
||
39 | </pre> |
||
40 | |||
41 | - in manifest for alpine (only support postgresql) |
||
42 | |||
43 | <pre> |
||
44 | …… |
||
45 | desktop.ungleich.ch) |
||
46 | _ungleich_vnc_console --ldap-hostname 'ldap server url' \ |
||
47 | 1 | Jin-Guk Kwon | --ldap-port '636' \ |
48 | --ldap-encryption-method 'ssl' \ |
||
49 | --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ |
||
50 | --ldap-search-bind-password ‘refer to pass' \ |
||
51 | --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ |
||
52 | --ldap-username-attribute 'uid' \ |
||
53 | --postgresql-hostname 'localhost' \ |
||
54 | --postgresql-username 'USER name' \ |
||
55 | --postgresql-database 'DB-name' \ |
||
56 | --postgresql-port 'XXXX' \ |
||
57 | --postgresql-password 'password' \ |
||
58 | --TOTP \ |
||
59 | --guacd-db 'postgresql' |
||
60 | </pre> |
||
61 | |||
62 | h2. 3. Create VNC connection for VM |
||
63 | |||
64 | 4 | Jin-Guk Kwon | !cre_conn.png! |
65 | 1 | Jin-Guk Kwon | |
66 | 4 | Jin-Guk Kwon | h3. 1) git clone ungleich-tool(vnc_console_connection, it has cloned by __ungleich_vnc_console cdist) |
67 | 1 | Jin-Guk Kwon | |
68 | 4 | Jin-Guk Kwon | h3. 2) set vnc connection automatically on vnc_console server |
69 | 1 | Jin-Guk Kwon | |
70 | 4 | Jin-Guk Kwon | h4. (1) vnc connection python |
71 | 1 | Jin-Guk Kwon | |
72 | 4 | Jin-Guk Kwon | - ldap_list.py : get user list from ldap server |
73 | - db_export.py : update postgresql database with vnc connection info |
||
74 | - get_info.py : create vnc_connecion info |
||
75 | - config.py : config parameter |
||
76 | 1 | Jin-Guk Kwon | |
77 | h4. (2) create crontab |
||
78 | |||
79 | <pre> |
||
80 | crontab -e |
||
81 | </pre> |
||
82 | |||
83 | <pre> |
||
84 | 4 | Jin-Guk Kwon | */5 * * * * python3 /opt/ungleich-tools/vnc_console_connection/get_info.py # __cron/console_connection |
85 | 1 | Jin-Guk Kwon | </pre> |
86 | |||
87 | h2. 4. Monitoring VNC console |
||
88 | |||
89 | - We are monitoring VNC console with prometheus. |
||
90 | - run cdist __dcl_monitoring_server(update prometheus.yml) |
||
91 | |||
92 | 4 | Jin-Guk Kwon | h2. %{color:blue}※User VM information is synchronized with the VM console every 5 minute. If you create VM right now, you can access VM console after 5 minutes.(vnc connection script takes about in 15 seconds.)% |