Hi Stefan, ah, sorry, missed your initial post around #1012.
On Di 22 Mär 2016 10:42:03 CET, Stefan Baur wrote:
package: x2gobroker version: 0.0.3.0 Situation: two identical nodes, only difference is DNS name + IP Desired result: load-balanced X2Go systems, where a suspended session can be resumed Actual outcome: Each connect starts a new session, suspended sessions are left dangling forever Questions: 1) Is x2gobroker-daemon needed at all for ssh-only connections to the broker?
No. But I recommend starting with x2gobroker-daemon, because it allows much easier debugging.
2) Did I miss any obvious steps?
What were your steps? (ah... ok... posted below...)
3) What would be the suggested path to debug this?
Use http brokerage for debugging. Run x2gobroker-daemon-debug as root on the cmdline and post suspicious messages here.Where do you actually have the X2Go Broker installed? On both X2Go Servers? This is a non-recommended setup.
The recommended setup is: on broker machine, several X2Go Servers or two broker machines (with DNS round robin), several X2Go Servers
A full typescript ecording of the installation process is available, but as no command returned any error messages, let me shorten it down to the commands that were executed: # commands executed on both first and second node apt-get install x2gobroker -y cp /etc/x2go/x2gobroker.conf /etc/x2go/x2gobroker.conf.orig vi /etc/x2go/x2gobroker.conf # see diff below apt-get install x2gobroker-agent -y cp /etc/x2go/broker/x2gobroker-sessionprofiles.conf /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig vi /etc/x2go/broker/x2gobroker-sessionprofiles.conf # see diff below x2gobroker-keygen cp /var/lib/x2gobroker/.ssh/id_rsa.pub /tmp/ cd /tmp/ vi id_rsa.pub # added a blank and the server name to end of file python -m SimpleHTTPServer 8081 # run temporary web server so second node can fetch the file
# once both web servers were up, the following commands were executed # on BOTH nodes: x2gobroker-pubkeyauthorizer -t http://firstnode:8081/id_rsa.pub x2gobroker-pubkeyauthorizer -t http://secondnode:8081/id_rsa.pub
# Sadly, no working session reconnect with these command line # parameters - it always starts a new session: x2goclient --broker-url=ssh://accountwithapublickey@firstnode:22/usr/bin/x2gobroker --broker-autologin # This is using x2goclient-4.0.5.0-2015.07.31
You could play with the x2gobroker-testagent script and investigate the calls to the X2Go Server side x2gobroker-agent.
You could also check if you can use the broker-autologin feature on a per session basis. x2gobroker-daemon-debug will be your friend...
# taking a closer look at # http://wiki.x2go.org/doku.php/doc:installation:x2gobroker: # maybe x2gobroker-daemon is missing? So ...
It depends on what brokerage you want to use: x2gobroker-ssh -> SSH brokerage, x2gobroker-daemon or x2gobroker-wsgi -> http brokerage.
apt-get install x2gobroker-daemon -y # this also pulls in x2gobroker-authservice
Yes. It is required for the pam authmech inside the broker daemon. If you authenticate directly against LDAP or HTTPS, then x2gobroker-authservice is not needed.
# Sadly, no change, still no working session reconnect :-( # --------------------------------------------------------- diff -u /etc/x2go/x2gobroker.conf.orig /etc/x2go/x2gobroker.conf --- /etc/x2go/x2gobroker.conf.orig 2016-03-19 18:39:02.034407506 +0100 +++ /etc/x2go/x2gobroker.conf 2016-03-19 19:56:05.781729565 +0100 @@ -241,6 +241,7 @@ # The agent query mode can be configured on a per-broker-backend basis, the # below value is the default. #default-agent-query-mode=NONE +default-agent-query-mode=SSH # Probe SSH port of X2Go Servers (availability check) # @@ -254,7 +255,7 @@ # Per default, we set this to "true" here. The portscan feature can be # deactivated on a per-session-profile basis (use: broker-portscan-x2goservers = # false in the session profile configuration). -#default-portscan-x2goservers = true +default-portscan-x2goservers = false # Use load checker for querying X2Go Servers' loads in regular intervals # @@ -294,13 +295,13 @@ # o the session profile does not block queries to the load checker daemon # on a per profile basis # -#default-use-load-checker = false +default-use-load-checker = true
Do you have x2gobroker-loadchecker install on the broker server? Shouldn't cause your failure, but still...
# If the x2gobroker-loadchecker daemon gets used, define here how # many seconds to sleep between cycles of querying system load from the # associated X2Go Servers. # -#load-checker-intervals = 300 +load-checker-intervals = 300 ### @@ -345,9 +346,8 @@ #desktop-shell = KDE [broker_inifile] -#enable = true -#session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf -#use-load-checker = false +enable = true +session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf #[broker_ldap] -> MUSIC OF THE FUTURE #enable = false
Please consider contracting me, on such a project. The X2Go Broker's code says it all. If reading the code is problematic, consider contracting me for supervision.
Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de
pgpwJuWishhCQ.pgp
Description: Digitale PGP-Signatur
_______________________________________________ x2go-dev mailing list x2go-dev@lists.x2go.org http://lists.x2go.org/listinfo/x2go-dev