GUACAMOLE: Open Source Web Based Remote Desktop Gateway

Recently, I was searching for remote desktop software using which I can do the remote or ssh login through browser.

There are so many software like thinVNC, Thinfinity, TightVNC which helps us to do remote desktop. These software uses HTML5, VNC variants like thinVNC, thickVNC, UltraVNC. One problem with these software is that we need to install client on machine which we gonna do RDP or SSH.

While exploring I stumble upon Guacamole(Not Recipe). It is clientless remote desktop gateway. We don't need to install any client on machines. We requires only setup guacamole server on separate machine then you only need to access machines through web browser. 

Yeah, It is open Source.

Guacamole is HTML5 web application that provides access to desktop environments using remote desktop protocols. It supports VNC or RDP protocols. We can do SSH login also using Guacamole.

Architecture

Guacamole Architecture

Guacamole is collection of many things, 

- Guacamole Protocol
- guacd
- Web Application
- VNC Client
- Remote Desktop Gateways


Guacamole Protocol
Web browser or application doesn't understand any RDP or VNC or any other protocols which are supported by Guacamole stack. It communicates with guacamole through Guacamole Protocol. It renders remote display and transfer events.

Guacd
It is the heart of guacamole stack. It acts as mediator between the remote desktop machine and web application. It also communicate with the help of Guacamole protocol.

Web Application
We are interacting with guacamole using web application. It doesn't implement any remote desktop protocol but it relies on guacd. It provides UI (user interface) and authentication functionality to users.

VNC Client
It is nothing but java-script client(java server component) which is used to translates VNC into XML format.

Remote Desktop Gateways
Guacamole not only supports VNC but it also support other protocol like RDP, SSH, Telnet, etc. Guacamole stack supports multiple remote desktop protocols through different gateways.

Best part of Guacamole stack is that we doesn't requires to set RDP or web client on each and every machines as other software does.

References:

• http://guac-dev.org
• http://guac-dev.org/doc/gug

Read More

Start-Stop virtual machines parallelly present in cloud service (Azure IAAS)

Time and cost are the two crucial factors in cloud environment, people are paying for what they are using. I have setup my environment in Azure using Infrastructure-as-a-service (IAAS). Environment consists of 20+ virtual machines, virtual networks. I have wrote powershell scripts which provision environment for me.

While working on cloud environment with high configuration machines, I need to make optimal use of cloud environment to reduce my cloud cost. 

For this we can think of  following approaches

• Schedule start/stop of cloud service to reduce cost
• Parallel operation within cloud service to reduce start/stop time

Initially, I have used Start-AzureService and Stop-AzureService powershell cmdlet for starting and stopping of cloud services and it does job for me.

Observations: 

Whenever, I stop cloud service using Stop-AzureService command it stops service successfully. But it is not deallocating the cloud resources. Technically cloud service is in stopped state but its IP address, VHDs, etc. are still in use.  Azure charge for these cloud services. 

As an alternative, I came across Start-AzureVM and Stop-AzureVM powershell cmdlet which start stops the virtual machine present in cloud service. Stop-AzureVM stops specific virtual machine present in the cloud service and also deallocates its resources.

In my environment i have 20+ virtual machines so starting or stopping these machines takes around 60 minutes (each machine takes around 3 minutes to start/stop). So i need to think of parallel execution to reduce start and stop time. I tried to start or stop the virtual machine in parallel in powershell but was not able to do so. I faced mutual exclusion error while performing operation on different virtual machines within a same cloud service. 

In classic model of virtual machine Azure has some restriction while performing the  parallel operation on cloud resources specifically cloud service, virtual networks, etc. We can perform operation on only one virtual machine within cloud service.

We can also manage Azure cloud through management portal. Whenever we start the cloud service using management portal then Azure starts all virtual machines in parallel within 3-4 minutes. While stopping the cloud service using management portal it stops the service and also deallocates its resources. (Isn't it great?)

While exploring the internal working of management portal i came across that we can also manage Azure through Azure Service Management APIs. I wrote the powershell scripts which manages my cloud service. Using REST API, I am able to start/stop 20+ virtual machines in parallel within 3-4 minutes.

Find the powershell script below which start/stop cloud service with the help of Azure service management APIs. 

manageCloudService.ps1

<# 
.SYNOPSIS 
   Manage cloud service using REST API 
.DESCRIPTION 
   Start and stop VMs present in cloud service in parallel 
.EXAMPLE 
   .\manageCloudService.ps1 -ServiceName "testme-cs" -OperationType "start/stop"  
#>

param(
[string]$serviceName,
[string]$operationType)

$deploymentName = $serviceName

# Select an Azure Subscription for which to report usage data
$subscriptionId = (Get-AzureSubscription -Current).SubscriptionId
# Set Azure AD Tenant for selected Azure Subscription
$adTenant = (Get-AzureSubscription -SubscriptionId $subscriptionId).TenantId

# Set parameter values for Azure AD auth to REST API

# Well-known client ID for Azure PowerShell
$clientId = "1950a258-227b-4e31-a9cf-717495945fc2" 
# Redirect URI for Azure PowerShell
$redirectUri = "urn:ietf:wg:oauth:2.0:oob" 
# Resource URI for REST API
$resourceAppIdURI = "https://management.core.windows.net/" 
# Azure AD Tenant Authority
$authority = "https://login.windows.net/$adTenant"

# Credential object
$userName = "organisation user"
$password = "secretepassword"
$creds = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.UserCredential" -ArgumentList $userName,$password

# Create AuthenticationContext tied to Azure AD Tenant
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
# Acquire token
$authResult = $authContext.AcquireToken($resourceAppIdURI,$clientId,$creds)
# Create Authorization Header
$authHeader = $authResult.CreateAuthorizationHeader()

# Set REST API parameters
$contentType = "text/xml;charset=utf-8"

# Set HTTP request headers to include Authorization header
$requestHeader = @{"Authorization" = $authHeader; "x-ms-version" = "2014-05-01"}

$uri = "https://management.core.windows.net/$subscriptionId/services/hostedservices/$serviceName/deployments/$deploymentName/roles/Operations"

# Get virtual machine Name present in cloud service
$roles = ""
$vmList = Get-AzureVM -ServiceName $serviceName |
%{
    $roles = $roles + "" + $_.Name+ ""
    $vmNameForMonitor = $_.Name  
}  

if ($operationType.ToLower() -eq "start")
{
    $body = @"

  StartRolesOperation
  
  $roles
  

"@
 # Invoke REST API
    Invoke-RestMethod -Uri $uri -Method Post -Headers $requestHeader -Body $body -ContentType $contentType
    # wait for vm to start
    $vm = Get-AzureVM –ServiceName $ServiceName -Name $vmNameForMonitor 
    $vmStatus = $vm.PowerState 
    if (!($vm.PowerState -eq "Started")) {   
        do {   
            Start-Sleep -s 5    
            $vm = Get-AzureVM –ServiceName $ServiceName -Name $VMName 
            $vmStatus = $vm.PowerState   
        }until($vmStatus -eq "Started")   
    }
}
elseif ($operationType.ToLower() -eq "stop")
{
$body = @"

  ShutdownRolesOperation
  
  $roles
  
  StoppedDeallocated

"@
 # Invoke REST API
    Invoke-RestMethod -Uri $uri -Method Post -Headers $requestHeader -Body $body -ContentType $contentType
}

References:

• Azure Resource Management using REST API in powershell
• Service Management using REST api reference
• Start-AzureService
• Stop-AzureService
• Start-AzureVM
• Stop-AzureVM

Hope this script will help you guys to reduce your cloud bill. Suggestion and feedback are welcome.

Read More