On Mon, Oct 9, 2023 at 3:27 AM Maciej Konigsman <[email protected]> wrote:
> Thanks for all the advice. > What are the reasons behind the decision to use EC2 instead of ECS > (containers)? > > It looks like web ui has to be tightly coupled with guacd. Do you know if > there are any plans to change it? > I don't think this is accurate, although I'm not sure what you mean by this? You can definitely run guacd and the web interface on separate systems (I do this today), and you can even run them at some "distance" apart (network/latency-wise). In fact, it's much more important that guacd be located as close to the remote systems that you're logging into as possible than to the web interface. That said, if you run guacd on a separate system, you'll probably want to make sure you have encryption working between the Tomcat host(s) and guacd so that your traffic isn't sent over the network in plain-text. >From an HA perspective, I also wouldn't say that it needs to be "tightly coupled" - there are just some aspects to the way that the web application server works that don't lend themselves to having multiple guacd back-ends. I think most of this has to do with the web application itself and changes that could be made to it in order to better handle distributing loads across multiple systems, but I don't think that this makes it something that "tightly couples" the web application to guacd. We do have a Jira ticket open for improving things from an HA perspective in Guacamole, but it hasn't had much activity. Every now and then I take a run at building something for the web front-end that would at least allow active connections to be seen across multiple instances, and every time I start down that path I end up running into some issue that prevents me from making any progress. I'm sure it isn't impossible, just not something I've figured out, yet. -Nick >
