
Access to your virtual server console from a browser


Do you have an ESXi host (or any other hypervisor) running virtual servers? Sometimes you need access to the real server console, and it is not always possible to use the VMware console. If you are interested in a solution, read on.

VNC


First of all, a virtual machine on ESXi can be made accessible through VNC. We could then connect to it right away with any VNC client, but that is not our way.

Let's first change the settings of the virtual machine. Choose the virtual machine -> Edit Settings -> Options -> General -> Configuration Parameters and add 3 parameters:

 RemoteDisplay.vnc.enabled = [true|false] - turn VNC on or off
 RemoteDisplay.vnc.port = [port #] - VNC port
 RemoteDisplay.vnc.password = [optional] - VNC password




If you are using ESXi 5, you also need to open the port in the hypervisor's firewall. This is not as easy as it seems at first glance. Enable SSH and create a new XML file describing the new firewall rule in /etc/vmware/firewall:

 <!-- Firewall configuration information for VNC -->
 <ConfigRoot>
   <service>
     <id>Habra</id>
     <rule id='0000'>
       <direction>inbound</direction>
       <protocol>tcp</protocol>
       <porttype>dst</porttype>
       <port>5901</port>
     </rule>
     <rule id='0001'>
       <direction>outbound</direction>
       <protocol>tcp</protocol>
       <porttype>dst</porttype>
       <port>
         <begin>0</begin>
         <end>65535</end>
       </port>
     </rule>
     <enabled>true</enabled>
     <required>false</required>
   </service>
 </ConfigRoot>


After that, we refresh the firewall configuration and check that our new service has appeared:

 /etc/vmware/firewall # esxcli network firewall refresh
 /etc/vmware/firewall # esxcli network firewall ruleset list | grep Habra
 Habra true




The main problem is that if we restart ESXi now, our new rule will be gone. The simplest solution is to copy the XML file to storage that the host has access to, and on the host itself add the following to /etc/rc.local:

 cp location-of-xml-file /etc/vmware/firewall
 esxcli network firewall refresh


If you want a better solution, you can read about it here.

Now all our virtual machines have VNC access. Next, we will make one access point to all servers using Guacamole.

Guacamole


With Guacamole, you can access your server console from any browser that supports HTML5 and AJAX.


Guacamole can work with VNC and RDP. It can be installed on Debian, Ubuntu and Fedora.



Installing Guacamole is easy. Examples for Ubuntu. Install the dependencies:

 sudo apt-get install tomcat6 libvncserver0 libfreerdp1 libvorbisenc2 


The latest version can be found on the product site:

 wget http://switch.dl.sourceforge.net/project/guacamole/current/binary/ubuntu-12.04-amd64/guacamole-0.7.2-ubuntu-12.04-amd64.tar.gz
 tar -xzf guacamole-0.7.2-ubuntu-12.04-amd64.tar.gz
 cd guacamole-0.7.2-ubuntu-12.04-amd64
 sudo dpkg -i *.deb


If everything is done correctly, go to myip:8080/guacamole/ and you will see the login and password entry window. The default authentication scheme reads all settings from the /etc/guacamole/user-mapping.xml configuration file.

 <user-mapping>
   <authorize username="User1" password="userpassword">
     <connection name="Server1">
       <protocol>vnc</protocol>
       <param name="hostname">192.168.0.10</param>
       <param name="port">5902</param>
       <param name="password">VNCPASS</param>
     </connection>
     <connection name="Server2">
       <protocol>vnc</protocol>
       <param name="hostname">192.168.0.10</param>
       <param name="port">5901</param>
       <param name="password">VNC</param>
     </connection>
   </authorize>
 </user-mapping>


where hostname is the address of your ESXi host and password is the VNC password.
Now log in as User1 and connect to your virtual servers. To open the virtual keyboard, press Ctrl + Alt + Shift.
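
A consistency check between the two files above, as an added example that is not part of the original article: it parses the custom ESXi firewall ruleset and Guacamole's user-mapping.xml, reports VNC ports the ruleset does not open inbound, and reports rules that open a broad port range. The function names, the 100-port threshold and the condensed sample XML are assumptions; only this one ruleset file is considered and every port is treated as a destination port.

```python
import xml.etree.ElementTree as ET

# Constructed sample input: the article's two files, condensed, VNC passwords omitted.
FIREWALL_XML = """<ConfigRoot><service><id>Habra</id>
<rule id='0000'><direction>inbound</direction><protocol>tcp</protocol><port>5901</port></rule>
<rule id='0001'><direction>outbound</direction><protocol>tcp</protocol>
  <port><begin>0</begin><end>65535</end></port></rule>
<enabled>true</enabled></service></ConfigRoot>"""
USER_MAPPING_XML = """<user-mapping><authorize username="User1" password="userpassword">
<connection name="Server1"><protocol>vnc</protocol>
  <param name="hostname">192.168.0.10</param><param name="port">5902</param></connection>
<connection name="Server2"><protocol>vnc</protocol>
  <param name="hostname">192.168.0.10</param><param name="port">5901</param></connection>
</authorize></user-mapping>"""

def port_range(port_el):
    """(begin, end) for a <port> given as one number or as a begin/end pair."""
    lo, hi = port_el.findtext("begin"), port_el.findtext("end")
    return (int(lo), int(hi)) if lo is not None else (int(port_el.text),) * 2

def rules(firewall_xml, direction):
    """TCP port ranges opened in one direction by enabled services."""
    return [port_range(rule.find("port"))
            for svc in ET.fromstring(firewall_xml).iter("service")
            if svc.findtext("enabled", "").strip() == "true"
            for rule in svc.iter("rule")
            if rule.findtext("direction", "").strip() == direction
            and rule.findtext("protocol", "").strip() == "tcp"]

def vnc_targets(mapping_xml, host):
    """Yield (connection name, port) for each VNC connection pointing at host."""
    for conn in ET.fromstring(mapping_xml).iter("connection"):
        params = {p.get("name"): (p.text or "").strip() for p in conn.iter("param")}
        if conn.findtext("protocol", "").strip() == "vnc" and params.get("hostname") == host:
            yield conn.get("name"), int(params.get("port", "5900"))  # 5900: usual VNC port

def audit(firewall_xml, mapping_xml, host, wide=100):
    """Findings: VNC ports not opened inbound, and rules wider than `wide` ports."""
    findings, inbound = [], rules(firewall_xml, "inbound")
    for name, port in vnc_targets(mapping_xml, host):
        if not any(lo <= port <= hi for lo, hi in inbound):
            findings.append(f"{name}: tcp/{port} is not opened inbound")
    for direction in ("inbound", "outbound"):
        findings += [f"{direction} rule opens tcp/{lo}-{hi} ({hi - lo + 1} ports)"
                     for lo, hi in rules(firewall_xml, direction) if hi - lo + 1 > wide]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(FIREWALL_XML, USER_MAPPING_XML, "192.168.0.10")))
```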

Source: https://habr.com/ru/post/170667/

