Guacamole magic!
Most of you have used RDP, SSH, VNC or some other terminal service protocols to interact with remote systems. Sadly, all of them require some sort of client to connect with the server and these client applications need to be installed in your system in the first place. Some of these protocols give you a GUI experience or just CLI.
But if I tell you, it is possible to have the same GUI experience through your browser only!! Yes you heard that right, through browser you can access any remote OS you want and as long as your internet connection is decent you will not feel you are using a remote desktop. Thanks to HTML5 which made it possible, and obviously all credit goes to developers of Apache Guacamole project. In this post I am going to discuss about steps to install and configure Guacamole to serve a Ubuntu and Windows system through browser.
There are two methods to setup a Guacamole service:-
i. Installing Guacamole natively and
ii. Installing with Docker
Here, I am going to discuss both of them. No doubt, the Docker method is super easy if you are already having a Docker installation.
Installing Guacamole natively
Native installation of Guacamole has two parts- first setting up the Guacamole server and then the client. Both Server and client will be in the same machine. Before starting, we need to install some libraries that are required by Guacamole, such as FFmpeg, FreeRDP, Pango, libssh2, libVNCServer, libwebsockets, OpenSSL, Cairo, libjpeg-turbo, OSSP UUID, libtool and libpng.
After installing all these libraries, we can download the source code of the Guacamole server from the project site, which will be in .tar.gz format.
Now we will extract the compressed file and build from source.
tar -xvzf guacamole-server-1.1.0.tar.gz
cd guacamole-server-1.1.0/
Now, you will find a configure script in the current directory, which we need to run, in order to build the source code.
Now, we will run make to compile the guacamole-server. After running make , we need install compiled components using make install and ldconfig to update the system cache. Now our server part is ready to run, still guacd service isn’t running yet, before that we will setup the client part.
The guacamole client is also available in project site as self-contained .war file. After downloading it, we will put the .war file in our tomcat server’s CATALINA_HOME directory. In my case, CATALINA_HOME directory is /var/lib/tomcat8/webapps.
cp guacamole.war /var/lib/tomcat8/webapps/
Now, both the server and client component is ready and we can start the tomcat and guacd service.
/etc/init.d/tomcat8 start
/etc/init.d/guacd start
Now we will edit the CATALINA_HOME/user-mapping.xml file to add our users for guacamole web portal and different connections.
Now, in browser we can find the guacamole portal at localhost:8080 or with host machine IP address.
Now click any of your preset connection from the list and you can access the system from browser only.
In addition with user-mapping.xml , you can create user, groups and connections from the web portal also.
Installing Guacamole with Docker
This method is super easy, if you already have a docker installation ready.
Guacamole for docker has three components. guacamole/guacd image running the guacd daemon, guacamole/guacamole image running tomcat, and mysql/postgresql image working as a database. Offical images can be found from Docker Hub. Also, you can keep all these three image components in a single image, such an image is also available in Docker Hub from a third party account. Although, using image from an unofficial account can be dangerous, better option is read through the Dockerfile and build the same in your system. After the image is run, in the same way Guacamole portal can be used and set up for users and connections. This method nullifies the problem for downloading dependencies and building the project from source code. You should use at least self-signed certificate for encrypting the communication. You can try out Guacamole in your Kubernetes cluster, it’s pretty cool!! Hope this was quite helpful and for exploring more advanced usage explore the well written manual.
