User Tools

Site Tools


doc:installation:x2gobroker

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Next revision
Previous revision
doc:installation:x2gobroker [2013/05/12 16:36]
sunweaver
doc:installation:x2gobroker [2023/03/27 15:22] (current)
gratuxri typo
Line 1: Line 1:
 ====== Installing X2Go Session Broker ====== ====== Installing X2Go Session Broker ======
  
-The X2Go Session Broker falls into two components.+The X2Go Session Broker falls into three components.
  
   * X2Go Session Broker Daemon/WSGI   * X2Go Session Broker Daemon/WSGI
Line 42: Line 42:
   * [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob_plain;f=etc/x2gobroker-wsgi.apache.vhost|X2Go Session Broker WSGI support as VirtualHost]]   * [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob_plain;f=etc/x2gobroker-wsgi.apache.vhost|X2Go Session Broker WSGI support as VirtualHost]]
  
- 
-===== X2Go Session Broker: Backends and Frontends ===== 
- 
-The concept of X2Go Session Broker as provided in [[http://code.x2go.org/gitweb?p=x2gobroker.git|X2Go Git]] is highly modular. The X2Go Session Broker Daemon can be easily extended with //broker backends// and //WebUI frontends//. 
- 
-==== Currently available broker backends ==== 
- 
-  * ZeroConf backend (name: zeroconf), set up by default, allows one to test the broker and see that client <-> broker configuration basically works 
-  * INI File backend (name: inifile), text file (INI format) based configuration of the X2Go Session Broker backend 
- 
-Other broker backends (written in Python) can be added easily if needed. Contact the X2Go developers for further information on custom broker backend development. 
- 
-==== Currently available WebUI frontends ==== 
- 
-  * The '''plain''' WebUI frontend: usable with X2Go Client 
-  * The '''uccs''' WebUI frontend: usable with Unity Greeter (experimental) 
  
  
Line 77: Line 61:
  
 Furthermore, X2Go Session Broker can be extended by other (non-PAM) authentication methods. The currently available authentication mechanisms in X2Go Session Broker are listed [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/authmechs|here]]. Furthermore, X2Go Session Broker can be extended by other (non-PAM) authentication methods. The currently available authentication mechanisms in X2Go Session Broker are listed [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/authmechs|here]].
 +
 +===== X2Go Session Broker Agent =====
 +
 +Package name: '''x2gobroker-agent'''
 +
 +On Debian based systems:
 +
 +<code bash>
 +$ sudo apt-get install x2gobroker-agent
 +</code>
 +
 +Installing X2Go Session Broker Agent is optional. The broker agent has to be installed on machines that are in the roll of an X2Go Server (i.e. in the role of a terminal server running X2Go).
 +
 +The X2GO Session Broker Agent is a requirement for load balancing setups and is also needed if X2Go Client shall be aware of already running X2Go Sessions. X2Go Client in non-broker mode resumes a suspended session (if exactly there is one) automatically. Other than that, X2Go Client in broker mode waits for resuming instructions from the session broker. The session broker, however, requires feedback from the broker agent to notice that there is a suspended/running session for a certain user.
 +
 +Thus, the broker agent is like a man-in-the-middle. It sits between X2Go Session Broker and the X2Go Server(s) that the session broker provides. Through the X2Go Session Broker Agent the broker core can obtain information on provided X2Go Servers for all users on that server host. 
 +
 +The currently available functions of the broker agent are:
 +
 +  * list user sessions of any user
 +  * deploy SSH public keys on behalf of any user
 +  * drop SSH public keys on behalf of any user
 +  * render an ordered list of X2Go Servers and their usage (by number of running/suspended sessions), only needed in load balancing setups
 +  * suspend sessions on behalf of any user
 +  * render a list of used X2Go Servers
 +  * (more to come...)
 +
 +**Note:** The X2Go Session Broker Agent gets installed setuid root (group: x2gobroker system group, permissions: 0750). System administrators should be aware of this. If someone hacks the x2gobroker user account on one of your X2Go Servers, this hacker can then execute certain X2Go related commands with root privileges on the X2Go Server system.
 +
 +
 +===== X2Go Session Broker: Backends and Frontends =====
 +
 +The design of X2Go Session Broker as provided in [[http://code.x2go.org/gitweb?p=x2gobroker.git|X2Go Git]] is highly modular. The X2Go Session Broker Daemon can be easily extended with //broker backends// and //WebUI frontends//.
 +
 +==== Broker Backends ====
 +
 +The backends deal with the storage of, the rendering of and possibly the user/group/client based filtering of session profiles which then get provided via X2Go Session Broker to the querying X2Go client application.
 +
 +==== Broker WebUI Frontends ====
 +
 +The WebUI frontends deal with delivering the list of session profiles (available for this user/group/client address) to the X2Go client application (X2Go Client: text/plain WebUI, Unity Greeter: UCCS WebUI).
 +
 +==== Currently available broker backends ====
 +
 +  * ZeroConf backend (name: zeroconf), set up by default, allows one to test the broker and see that client <-> broker configuration basically works
 +  * INI File backend (name: inifile), text file (INI format) based configuration of the X2Go Session Broker backend
 +
 +Other broker backends (written in Python) can be added easily if needed. Contact the X2Go developers for further information on custom broker backend development.
 +
 +==== Currently available WebUI frontends ====
 +
 +  * The '''plain''' WebUI frontend: usable with X2Go Client
 +  * The '''uccs''' WebUI frontend: usable with Unity Greeter (experimental)
  
 ===== Setting up Config Files ===== ===== Setting up Config Files =====
  
-==== X2Go Session Broker Config ====+==== Configuration of X2Go Session Broker ====
  
 For a basic configuration with the INI file backend and the standalone daemon (recommended for beginners) you only need to touch. Click on the config file names below to retrieve more info on how to modify/tweak those individual files. For a basic configuration with the INI file backend and the standalone daemon (recommended for beginners) you only need to touch. Click on the config file names below to retrieve more info on how to modify/tweak those individual files.
Line 88: Line 125:
   * [[x2gobroker:inifilebackend|/etc/x2go/broker/x2gobroker-sessionprofiles.conf]]   * [[x2gobroker:inifilebackend|/etc/x2go/broker/x2gobroker-sessionprofiles.conf]]
  
-The X2Go Session Broker uses several more configuration files. Below is a complete list (for version 0.0.2.x, if not applicable to later versions anymore, please update the below lists):+The X2Go Session Broker uses several more configuration files. Below is a complete list (for version 0.0.2.x, if not applicable to later versions anymore, please update the below lists). The files are linked to their initial layout (in X2Go Git) to show what they look like directly after installation of the session broker packages.
  
 __X2Go Session Broker's Core:__ __X2Go Session Broker's Core:__
Line 106: Line 143:
 [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=etc/x2gobroker-wsgi.apache.vhost|/etc/x2go/x2gobroker-wsgi.apache.vhost]] (VirtualHost example for the WSGI implementation of X2Go Session Broker) [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=etc/x2gobroker-wsgi.apache.vhost|/etc/x2go/x2gobroker-wsgi.apache.vhost]] (VirtualHost example for the WSGI implementation of X2Go Session Broker)
 [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=logrotate/x2gobroker-wsgi|/etc/logrotate.d/x2gobroker-wsgi]] (rotate WSGI logfile) [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob;f=logrotate/x2gobroker-wsgi|/etc/logrotate.d/x2gobroker-wsgi]] (rotate WSGI logfile)
 +
 +==== Configuration of X2Go Session Broker Authentication Service ====
 +
 +The authentication service normally does not need any configuration, unless you strongly deviated from the default setup.
  
 __X2Go Session Broker Authentication Service:__ __X2Go Session Broker Authentication Service:__
Line 144: Line 185:
 Where... Where...
   * ''<broker-base-url>'' is <hostname>:<port>/<broker-base-path>   * ''<broker-base-url>'' is <hostname>:<port>/<broker-base-path>
-  * ''<frontend>'' can be either of [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob_plain;f=x2gobroker/web|the available broker WebUI frontends]] (except the files base.py and extras.py all files here are broker WebUI frontends) +  * ''<frontend>'' can be either of [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/brokers|the available broker WebUI frontends]] (drop the ''%%_%%broker'' ending, the files ''%%__%%init%%__%%.py'' and ''base_broker.py'' are not frontends) 
-  * ''<backend>'' can be either of [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=blob_plain;f=x2gobroker/web|the available broker WebUI frontends]]+  * ''<backend>'' can be either of [[http://code.x2go.org/gitweb?p=x2gobroker.git;a=tree;f=x2gobroker/web|the available broker backends]] (except the files ''%%__%%init%%__%%.py'' and ''extras.py'')
  
 **Example:** ''http://localhost:8080/plain/zeroconf'' **Example:** ''http://localhost:8080/plain/zeroconf''
  
doc/installation/x2gobroker.1368376608.txt.gz · Last modified: 2013/05/12 16:36 by sunweaver