Revision 9 (Jin-Guk Kwon, 01/31/2020 01:51 PM) → Revision 10/13 (Jin-Guk Kwon, 01/31/2020 01:52 PM)
h1. The ungleich VNC console
{{toc}}
h2. 1. System Architecture
This service provides access to the console of your VM through the guacamole service.
Logging in to the VNC console web interface requires a datacenterlight.ch account. User accounts are synchronized with LDAP.
!archi.png!
h2. 2. Set guacamole server
- run cdist
<pre>
cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch
</pre>
- in manifest
<pre>
……
desktop.ungleich.ch)
__guacamole_centos --ldap-hostname 'ldap server url' \
--ldap-port '636' \
--ldap-encryption-method 'ssl' \
--ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \
--ldap-search-bind-password 'refer to pass' \
--ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \
--ldap-username-attribute 'uid' \
--postgresql-hostname 'localhost' \
--postgresql-username 'USER name' \
--postgresql-database 'DB-name' \
--postgresql-port 'XXXX' \
--postgresql-password 'password' \
--TOTP \
--guacd-db 'postgresql'
</pre>
h2. 3. Create VNC connection for VM
!g_con.png!
h3. 1) install postgresql on opennebula server
<pre>
apt install postgresql-client
</pre>
h3. 2) config postgresql for accessing from external host (%{color:blue}it is executed by cdist%)
- vi /var/lib/pgsql/data/postgresql.conf on guacamole server(desktop)
<pre>
listen_addresses = '*'
</pre>
- vi /var/lib/pgsql/data/pg_hba.conf on guacamole server(desktop)
<pre>
host all all opennebula server address trust
</pre>
- Restart postgresql
<pre>
systemctl restart postgresql
</pre>
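The pg_hba.conf rule above uses the trust method, which admits connections from the listed address without checking a password, for every database and user. The following check is an added example, not part of the original page or of ungleich's tooling; it flags such rules in a pg_hba.conf file and shows a narrower rule beside the weak one. The sample files, the address 192.0.2.10 and the names guacamole_db and guacamole_user are constructed for illustration.

```sh
#!/bin/sh
# Added example, not part of the original page.
# Flags pg_hba.conf TCP rules that skip authentication or accept any source.

# audit_pg_hba FILE: prints "<line>: <finding>: <rule>" for each risky rule;
# returns 1 if anything was flagged, 0 otherwise.
audit_pg_hba() {
    awk '
        /^[ \t]*#/ || /^[ \t]*$/ { next }   # skip comments and blank lines
        $1 !~ /^host/            { next }   # TCP rules only: host, hostssl, hostnossl
        {
            # The address is one field (CIDR, hostname, "all") or two
            # (IP address + netmask); the auth method is the field after it.
            method = ($5 ~ /^[0-9.]+$/ || $5 ~ /:/) ? $6 : $5
            if (method == "trust") {
                printf "%d: trust, no password checked: %s\n", NR, $0; bad = 1
            }
            if ($4 == "all" || $4 == "0.0.0.0/0" || $4 == "::/0") {
                printf "%d: any source address allowed: %s\n", NR, $0; bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# write_samples DIR: constructed sample files. 192.0.2.10 stands in for the
# OpenNebula server; guacamole_db / guacamole_user are hypothetical names.
write_samples() {
    cat > "$1/weak.conf" <<'EOF'
# rule shape from the page: every database and user, no authentication
host    all           all             192.0.2.10/32   trust
EOF
    cat > "$1/hardened.conf" <<'EOF'
# one database, one role, TLS required, password verified
# (scram-sha-256 needs PostgreSQL 10 or later; older servers offer md5)
hostssl guacamole_db  guacamole_user  192.0.2.10/32   scram-sha-256
EOF
}

demo_dir=$(mktemp -d)
write_samples "$demo_dir"
audit_pg_hba "$demo_dir/weak.conf"     || echo "weak.conf: review the rules above"
audit_pg_hba "$demo_dir/hardened.conf" && echo "hardened.conf: no findings"
rm -rf "$demo_dir"
```

With a password-based method in pg_hba.conf, the connecting scripts on the OpenNebula server need the role's password, for example from a ~/.pgpass file readable only by the account that runs the cron jobs.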
h3. 3) set vnc connection automatically on opennebula server
h4. (1) vnc connection script
- vm_list_dual_uid : create VM list file(uid, email, VM Number, host, VNC port) (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/vm_list_dual_uid)
- create-guacamole-session-ldap-db : create VNC connection on desktop (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/create-guacamole-session-ldap-DB)
h4. (2) create crontab
<pre>
crontab -e
</pre>
<pre>
15 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./vm_list_dual_uid #create vm_list
45 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./create-guacamole-session-ldap-db vm_vnc_list #create VNC connections
</pre>
h2. 4. Monitoring VNC console
- We are monitoring VNC console with prometheus.
- run cdist __dcl_monitoring_server(update prometheus.yml)
h2. %{color:blue}※ User VM information is synchronized with the VNC console every hour. If you create a VM now, you can access its VNC console after one hour. (The VNC connection script takes about 7~8 minutes.)%