The ungleich VM console » History » Version 6
Jin-Guk Kwon, 03/03/2020 09:47 AM
| 1 | 1 | Jin-Guk Kwon | h1. The ungleich VM console |
|---|---|---|---|
| 2 | |||
| 3 | {{toc}} |
||
| 4 | |||
| 5 | h2. 1. System Architecture |
||
| 6 | |||
| 7 | This service supports accessing console of your VM through guacamole service. |
||
| 8 | And To log-in VM console web needs datacenterlight.ch account. User's accounts are syncronized with LDAP. |
||
| 9 | |||
| 10 | 5 | Jin-Guk Kwon | !vnc_arch.png! |
| 11 | 1 | Jin-Guk Kwon | |
| 12 | h2. 2. Set guacamole server |
||
| 13 | |||
| 14 | - run cdist |
||
| 15 | |||
| 16 | <pre> |
||
| 17 | cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch |
||
| 18 | </pre> |
||
| 19 | |||
| 20 | 3 | Jin-Guk Kwon | - in manifest for centos |
| 21 | 1 | Jin-Guk Kwon | |
| 22 | <pre> |
||
| 23 | …… |
||
| 24 | desktop.ungleich.ch) |
||
| 25 | __guacamole_centos --ldap-hostname 'ldap server url' \ |
||
| 26 | 3 | Jin-Guk Kwon | --ldap-port '636' \ |
| 27 | --ldap-encryption-method 'ssl' \ |
||
| 28 | --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ |
||
| 29 | --ldap-search-bind-password ‘refer to pass' \ |
||
| 30 | --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ |
||
| 31 | --ldap-username-attribute 'uid' \ |
||
| 32 | --postgresql-hostname 'localhost' \ |
||
| 33 | --postgresql-username 'USER name' \ |
||
| 34 | --postgresql-database 'DB-name' \ |
||
| 35 | --postgresql-port 'XXXX' \ |
||
| 36 | --postgresql-password 'password' \ |
||
| 37 | --TOTP \ |
||
| 38 | --guacd-db 'postgresql' |
||
| 39 | </pre> |
||
| 40 | |||
| 41 | - in manifest for alpine (only support postgresql) |
||
| 42 | |||
| 43 | <pre> |
||
| 44 | …… |
||
| 45 | desktop.ungleich.ch) |
||
| 46 | _ungleich_vnc_console --ldap-hostname 'ldap server url' \ |
||
| 47 | 1 | Jin-Guk Kwon | --ldap-port '636' \ |
| 48 | --ldap-encryption-method 'ssl' \ |
||
| 49 | --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \ |
||
| 50 | --ldap-search-bind-password ‘refer to pass' \ |
||
| 51 | --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \ |
||
| 52 | --ldap-username-attribute 'uid' \ |
||
| 53 | --postgresql-hostname 'localhost' \ |
||
| 54 | --postgresql-username 'USER name' \ |
||
| 55 | --postgresql-database 'DB-name' \ |
||
| 56 | --postgresql-port 'XXXX' \ |
||
| 57 | --postgresql-password 'password' \ |
||
| 58 | --TOTP \ |
||
| 59 | 6 | Jin-Guk Kwon | --opn-hostname 'opennebula host-server name' \ |
| 60 | --opn-key 'opennebula access key' \ |
||
| 61 | 1 | Jin-Guk Kwon | --guacd-db 'postgresql' |
| 62 | </pre> |
||
| 63 | |||
| 64 | h2. 3. Create VNC connection for VM |
||
| 65 | |||
| 66 | 4 | Jin-Guk Kwon | !cre_conn.png! |
| 67 | 1 | Jin-Guk Kwon | |
| 68 | 4 | Jin-Guk Kwon | h3. 1) git clone ungleich-tool(vnc_console_connection, it has cloned by __ungleich_vnc_console cdist) |
| 69 | 1 | Jin-Guk Kwon | |
| 70 | 4 | Jin-Guk Kwon | h3. 2) set vnc connection automatically on vnc_console server |
| 71 | 1 | Jin-Guk Kwon | |
| 72 | 4 | Jin-Guk Kwon | h4. (1) vnc connection python |
| 73 | 1 | Jin-Guk Kwon | |
| 74 | 4 | Jin-Guk Kwon | - ldap_list.py : get user list from ldap server |
| 75 | - db_export.py : update postgresql database with vnc connection info |
||
| 76 | - get_info.py : create vnc_connecion info |
||
| 77 | - config.py : config parameter |
||
| 78 | 1 | Jin-Guk Kwon | |
| 79 | h4. (2) create crontab |
||
| 80 | |||
| 81 | <pre> |
||
| 82 | crontab -e |
||
| 83 | </pre> |
||
| 84 | |||
| 85 | <pre> |
||
| 86 | 4 | Jin-Guk Kwon | */5 * * * * python3 /opt/ungleich-tools/vnc_console_connection/get_info.py # __cron/console_connection |
| 87 | 1 | Jin-Guk Kwon | </pre> |
| 88 | |||
| 89 | h2. 4. Monitoring VNC console |
||
| 90 | |||
| 91 | - We are monitoring VNC console with prometheus. |
||
| 92 | - run cdist __dcl_monitoring_server(update prometheus.yml) |
||
| 93 | |||
| 94 | 4 | Jin-Guk Kwon | h2. %{color:blue}※User VM information is synchronized with the VM console every 5 minute. If you create VM right now, you can access VM console after 5 minutes.(vnc connection script takes about in 15 seconds.)% |