The ungleich VNC console » History » Revision 11

Jin-Guk Kwon, 01/31/2020 01:53 PM


The ungleich VNC console

1. System Architecture

This service provides access to the console of your VM through the Guacamole service.
Logging in to the VNC console web interface requires a datacenterlight.ch account. User accounts are synchronized with LDAP.

2. Set up the Guacamole server

- Run cdist

cd ~/.cdist; git pull; cdist config -bj7 -p9 -vv desktop.ungleich.ch

- In the manifest

……
desktop.ungleich.ch)
        __guacamole_centos  --ldap-hostname 'ldap server url' \
          --ldap-port '636' \
          --ldap-encryption-method 'ssl' \
          --ldap-user-base-dn 'ou=XXX,dc=ungleich,dc=ch' \
          --ldap-search-bind-password 'refer to pass' \
          --ldap-search-bind-dn 'cn=XXXXX,dc=ungleich,dc=ch' \
          --ldap-username-attribute 'uid' \
          --postgresql-hostname 'localhost' \
          --postgresql-username 'USER name' \
          --postgresql-database 'DB-name' \
          --postgresql-port     'XXXX' \
          --postgresql-password 'password' \
          --TOTP \
          --guacd-db 'postgresql'

3. Create VNC connection for VM

1) Install the PostgreSQL client on the OpenNebula server

apt install postgresql-client

2) Configure PostgreSQL for access from an external host (this is executed by cdist)

- vi /var/lib/pgsql/data/postgresql.conf on the Guacamole server (desktop)

listen_addresses = '*'

- vi /var/lib/pgsql/data/pg_hba.conf on the Guacamole server (desktop)

host    all         all            OpenNebula server address trust

- Restart postgresql

systemctl restart postgresql
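
An added check, not part of the original wiki or of ungleich's tooling: with `listen_addresses = '*'`, a `trust` record accepts any client at the listed address as any role without a password, so this Python audit flags such records in pg_hba.conf text. The sample address, database name and role name are constructed placeholders, and the hardened line assumes PostgreSQL 10 or later for `scram-sha-256`.

```python
import ipaddress

NETWORK_TYPES = {"host", "hostssl", "hostnossl", "hostgssenc", "hostnogssenc"}

def _is_loopback(address, mask=None):
    """True only when the address field is a literal loopback network."""
    try:
        spec = f"{address}/{mask}" if mask else address
        return ipaddress.ip_network(spec, strict=False).is_loopback
    except ValueError:
        return False  # hostnames and keywords (all, samenet, ...) count as remote

def _is_netmask(field):
    try:
        ipaddress.ip_address(field)
        return True
    except ValueError:
        return False

def audit_pg_hba(text):
    """Return (line_number, issue) pairs for risky network records."""
    findings = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 5 or fields[0] not in NETWORK_TYPES:
            continue  # skip blanks, comments and 'local' socket records
        conn_type, database, user, address = fields[:4]
        # The address is either CIDR/hostname, or an IP followed by a netmask.
        has_mask = len(fields) > 5 and _is_netmask(fields[4])
        method = fields[5] if has_mask else fields[4]
        if _is_loopback(address, fields[4] if has_mask else None):
            continue
        if method == "trust":
            findings.append((lineno, "trust: no password needed from this address"))
        if conn_type in ("host", "hostnossl"):
            findings.append((lineno, f"{conn_type}: connection may be unencrypted"))
        if database == "all" and user == "all":
            findings.append((lineno, "rule covers every database and every role"))
    return findings

# Constructed samples. 192.0.2.10 is a documentation address standing in for the
# OpenNebula server; guacamole_db and guac_sync are hypothetical names.
# scram-sha-256 needs PostgreSQL 10+ (assumption about the installed version).
AS_ON_PAGE = "host    all         all            192.0.2.10/32 trust\n"
HARDENED = "hostssl guacamole_db guac_sync 192.0.2.10/32 scram-sha-256\n"

if __name__ == "__main__":
    for label, sample in (("as on page", AS_ON_PAGE), ("hardened", HARDENED)):
        print(label, audit_pg_hba(sample) or "no findings")
```

Run it against the contents of /var/lib/pgsql/data/pg_hba.conf after each cdist run; an empty result means no remote record relies on `trust`, plaintext transport or an all/all scope.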

3) Set up VNC connections automatically on the OpenNebula server

(1) VNC connection scripts

- vm_list_dual_uid: creates the VM list file (uid, email, VM number, host, VNC port) (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/vm_list_dual_uid)

- create-guacamole-session-ldap-db: creates the VNC connections on desktop (https://code.ungleich.ch/ungleich-public/ungleich-tools/blob/master/create-guacamole-session-ldap-DB)

(2) Create the crontab

crontab -e
15 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./vm_list_dual_uid #create vm_list
45 0,2,4,6,8,10,12,14,16,18,20,22 * * * ./create-guacamole-session-ldap-db vm_vnc_list #create VNC connections

4. Monitoring VNC console

- We monitor the VNC console with Prometheus.
- Run cdist __dcl_monitoring_server (updates prometheus.yml)

※ User VM information is synchronized with the VNC console every hour. If you create a VM right now, you can access its VNC console after one hour. (The VNC connection script takes about 7~8 minutes.)

Updated by Jin-Guk Kwon almost 5 years ago · 11 revisions