RE: Implement HA on Guacamole Server
Hello Thiago, I managed to implement High Availability Active Passive on Guacamole. I just assured both are fully symmetric and put a firewall NLB in front of both servers. To assure that servers are always synchronized, I created a library of scripts that does all my needed functions, so that way, when I need to reset a user password or associate a new connection to a user, or create a new connection, for example, I do it from script and it does on both servers at the same time. Its working like a charm. But If we could have an active - active architecture would be great! Gonçalo Rosa W: www.v2s.us Skype: goncalo_rosa -Original Message- From: Thiago dos Santos Nunes [mailto:thi...@digitalinformatica.com.br] Sent: Thursday, July 27, 2017 19:18 To: user@guacamole.incubator.apache.org Subject: RES: Implement HA on Guacamole Server Thanks everyone! Let me see segfault. Memchached teorically work with websocket? The session replication work with this? Anybody can tell about sucess on working with memcached? I need a lot put this working. And about high availability on server? How to do this? Fique com DEUS! Aude et Effice! -Mensagem original- De: segfault [mailto:jay.cee...@gmail.com] Enviada em: quinta-feira, 27 de julho de 2017 18:31 Para: user@guacamole.incubator.apache.org Assunto: Re: Implement HA on Guacamole Server Hi, I am trying this right now with memcached-session-manager. I have not been able to get it to work though. I can share my logs and more detail if anyone wants to help. My set up is on AWS. I have a TCP ELB load balancer with two EC2 instances running guacamole on httpd. I have configured SSL Client Verification to be required on the instances. I was thinking if you don't need SSL Client Verification, you could use an HTTPS ELB load balancer and configure sticky sessions on the ELB. You would have to terminate SSL connections at the load balancer though and this makes SSL client verification tricky if not impossible. I am on the verge of just settling for an active/passive set up through the load balancer because I have tried everything I can think of to get the memcached-session-manager to work with no success. Here's a link to some info about memcached-session-manager: https://github.com/magro/memcached-session-manager/wiki -- View this message in context: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/Implement-HA-on-Guacamole-Server-tp1343p1401.html Sent from the Apache Guacamole (incubating) - Users mailing list archive at Nabble.com.
Re: Implement HA on Guacamole Server
Hi, I am trying this right now with memcached-session-manager. I have not been able to get it to work though. I can share my logs and more detail if anyone wants to help. My set up is on AWS. I have a TCP ELB load balancer with two EC2 instances running guacamole on httpd. I have configured SSL Client Verification to be required on the instances. I was thinking if you don't need SSL Client Verification, you could use an HTTPS ELB load balancer and configure sticky sessions on the ELB. You would have to terminate SSL connections at the load balancer though and this makes SSL client verification tricky if not impossible. I am on the verge of just settling for an active/passive set up through the load balancer because I have tried everything I can think of to get the memcached-session-manager to work with no success. Here's a link to some info about memcached-session-manager: https://github.com/magro/memcached-session-manager/wiki -- View this message in context: http://apache-guacamole-incubating-users.2363388.n4.nabble.com/Implement-HA-on-Guacamole-Server-tp1343p1401.html Sent from the Apache Guacamole (incubating) - Users mailing list archive at Nabble.com.
RE: Implement HA on Guacamole Server
Hi Thiago In answer to your questions we do not have load balancing for spreading load we have a load balancer for active/passive failover. If we were able to have a PAAS solution for MySQL that was stable OR we stored all objects in active directory then we would essentially round robin the LB between servers. I do not believe there would be any way to keep alive a connection in the event of a server crash as it's a persistent connection to that server, the best outcome that I could see is the user refreshes the browser and reconnects to the next host. Sorry if this was not what you wanted to hear. From: Thiago dos Santos Nunes [mailto:thi...@digitalinformatica.com.br] Sent: Monday, 24 July 2017 10:48 PM To: user@guacamole.incubator.apache.org Subject: RES: Implement HA on Guacamole Server Thanks for sharing James (We have a same name but in another languages...). My problem is not the Database server, but with Guacamole Server and the client. How you address this questions: - How to create session persistent in many guacamole client if one server goes down? - How to not disconnect my users i fone guacamole server goes down? - How to loadbalance the connections with many guacamole servers and many guacamole clients equality? Fique com DEUS! Aude et Effice! [Assinatura E-mail] De: James Fraser [mailto:james.fra...@veritec.com.au] Enviada em: domingo, 23 de julho de 2017 20:00 Para: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org> Assunto: RE: Implement HA on Guacamole Server Hi Thiago I have a "HA" setup currently running within Azure We found to many timeout issues with using a PAAS solution for MYSQL so instead are running a simpler solution at the moment. We have two servers, one is the Master and one is the slave. We have a load balancer (traffic manager for setting priority) Which selects server number 1 (master) We are locking down the environment using oauth2 followed by LDAP and MYSQL. Server 1 (Master) has a RW database and syncs data to Server 2 (Slave) Guacamole on server 2 only have Read Only access to its database. If server 1 goes off line, server 2 can and will continue to allow connectivity however it will not allow creation of new users or connections, nor will it log who is logged on etc It is not a perfect but it does allow server 1 to be patched and/or go offline. From: Thiago dos Santos Nunes [mailto:thi...@digitalinformatica.com.br] Sent: Friday, 21 July 2017 1:21 AM To: user@guacamole.incubator.apache.org<mailto:user@guacamole.incubator.apache.org> Subject: Implement HA on Guacamole Server Hi everyone, Pax! I need a lot of help. We have a guacamole setting with approximately 100-200 simultaneous connections. And we're investigating the option of creating client high availability using Hazelcast or memcached (Nick's tip). Has anyone tried this? Could you share how it was? Because I've never worked with it. Another essential thing is the server side. We need to implement some High Availability schema for the server. And it would have to be something without downtime if possible. I had already created a ticket for the HA issue on the guacamole server, in case there is a need to change the code. This would be an exceptional feature for medium to large environments. Https://issues.apache.org/jira/browse/GUACAMOLE-283 Please help me in this, because the environment has fallen sometimes and the users get very frustrated And customers wanting to paralyze services for this. Stay with GOD! Aude et Effice! Thiago.
RE: Implement HA on Guacamole Server
Hi Thiago I have a "HA" setup currently running within Azure We found to many timeout issues with using a PAAS solution for MYSQL so instead are running a simpler solution at the moment. We have two servers, one is the Master and one is the slave. We have a load balancer (traffic manager for setting priority) Which selects server number 1 (master) We are locking down the environment using oauth2 followed by LDAP and MYSQL. Server 1 (Master) has a RW database and syncs data to Server 2 (Slave) Guacamole on server 2 only have Read Only access to its database. If server 1 goes off line, server 2 can and will continue to allow connectivity however it will not allow creation of new users or connections, nor will it log who is logged on etc It is not a perfect but it does allow server 1 to be patched and/or go offline. From: Thiago dos Santos Nunes [mailto:thi...@digitalinformatica.com.br] Sent: Friday, 21 July 2017 1:21 AM To: user@guacamole.incubator.apache.org Subject: Implement HA on Guacamole Server Hi everyone, Pax! I need a lot of help. We have a guacamole setting with approximately 100-200 simultaneous connections. And we're investigating the option of creating client high availability using Hazelcast or memcached (Nick's tip). Has anyone tried this? Could you share how it was? Because I've never worked with it. Another essential thing is the server side. We need to implement some High Availability schema for the server. And it would have to be something without downtime if possible. I had already created a ticket for the HA issue on the guacamole server, in case there is a need to change the code. This would be an exceptional feature for medium to large environments. Https://issues.apache.org/jira/browse/GUACAMOLE-283 Please help me in this, because the environment has fallen sometimes and the users get very frustrated And customers wanting to paralyze services for this. Stay with GOD! Aude et Effice! Thiago.