The ungleich VNC console » History » Version 1
Jin-Guk Kwon, 01/30/2020 06:46 PM
| 1 | 1 | Jin-Guk Kwon | h1. The ungleich VNC console |
|---|---|---|---|
| 2 | |||
| 3 | h2. 1. System Architecture |
||
| 4 | |||
| 5 | !archi.png! |
||
| 6 | |||
| 7 | h2. 2. set guacamole server |
||
| 8 | |||
| 9 | - run cdist |
||
| 10 | |||
| 11 | <pre> |
||
| 12 | cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch |
||
| 13 | </pre> |
||
| 14 | |||
| 15 | - in manifest |
||
| 16 | |||
| 17 | <pre> |
||
| 18 | …… |
||
| 19 | desktop.ungleich.ch) |
||
| 20 | __guacamole_centos --ldap-hostname 'ldap1.ungleich.ch' \ |
||
| 21 | --ldap-port '636' \ |
||
| 22 | --ldap-encryption-method 'ssl' \ |
||
| 23 | --ldap-user-base-dn 'ou=users,dc=ungleich,dc=ch' \ |
||
| 24 | --ldap-search-bind-password ‘refer to pass' \ |
||
| 25 | --ldap-search-bind-dn 'cn=manager,dc=ungleich,dc=ch' \ |
||
| 26 | --ldap-username-attribute 'uid' \ |
||
| 27 | --postgresql-hostname 'localhost' \ |
||
| 28 | --postgresql-username 'guacamole' \ |
||
| 29 | --postgresql-database 'guacamole' \ |
||
| 30 | --postgresql-port '5432' \ |
||
| 31 | --postgresql-password 'guacamole' \ |
||
| 32 | --TOTP \ |
||
| 33 | --guacd-db 'postgresql' |
||
| 34 | </pre> |
||
| 35 | |||
| 36 | h2. 3. create connection |
||
| 37 | |||
| 38 | !g_con.png! |
||
| 39 | |||
| 40 | *- set postgresql client on opennebul server* |
||
| 41 | |||
| 42 | h3. 1) install postgresql on opennebual server |
||
| 43 | |||
| 44 | <pre> |
||
| 45 | apt install postgresql-client |
||
| 46 | </pre> |
||
| 47 | |||
| 48 | h3. 2) config postgresql for accessing from external |
||
| 49 | |||
| 50 | vi /var/lib/pgsql/data/postgresql.conf on guacamole server(desktop) |
||
| 51 | |||
| 52 | <pre> |
||
| 53 | listen_addresses = '*' |
||
| 54 | </pre> |
||
| 55 | |||
| 56 | vi /var/lib/pgsql/data/pg_hba.conf on guacamole server(desktop) |
||
| 57 | |||
| 58 | <pre> |
||
| 59 | host all all opennbula server address trust |
||
| 60 | </pre> |
||
| 61 | |||
| 62 | restart postgresql |
||
| 63 | <pre> |
||
| 64 | systemctl restart postgresql |
||
| 65 | </pre> |
||
| 66 | |||
| 67 | *- set vnc connection automatically on opennebula server* |
||
| 68 | |||
| 69 | h3. 1) create script |
||
| 70 | |||
| 71 | vm_list_dual_uid : create VM list file(uid, email, VM Number, host, VNC port) (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/vm_list_dual_uid) |
||
| 72 | --> get VM info (uid, email, host, port) from ldap and opennebula , it takes about 5~6 minustes now. |
||
| 73 | --> there are only ldap's accounts made by dashboard |
||
| 74 | |||
| 75 | create-guacamole-session-ldap-db : create VNC connection on desktop (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/create-guacamole-session-ldap-DB) |
||
| 76 | --> there is no function of removing user.(The ldap's account remains even if the customer is deleted from the dashboard.) |
||
| 77 | --> It takes about 1~2 minutes. |
||
| 78 | |||
| 79 | h3. 2) create crontab |
||
| 80 | |||
| 81 | every hour <-- it need some time to run script |
||
| 82 | |||
| 83 | <pre> |
||
| 84 | crontab -e |
||
| 85 | </pre> |
||
| 86 | |||
| 87 | <pre> |
||
| 88 | 15 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./vm_list_dual_uid #create vm_list |
||
| 89 | 45 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./create-guacamole-session-ldap-db vm_vnc_list #create vm_list |
||
| 90 | </pre> |