Running and Connecting to VNC Servers on a Xen Guest (domainU) System
|Previous||Table of Contents||Next|
|Configuring a VNC based Graphical Console for a Xen Paravirtualized domainU Guest||Adding Disk, CDROM and DVD Devices to a Running Xen domainU Guest System|
|Purchase and download the full PDF and ePub versions of this Xen eBook for only $8.99|
In the previous chapter we looked at enabling VNC support in domain0 for the purpose of providing a remote graphical display for a Xen domainU guest. This approach works well in situations where only one graphical desktop is required. In situations where multiple graphical desktops are required (for example, it is quite likely that more than one user will want to be logged into a desktop at any one time) it is necessary to run instances of the VNC server on the domainU guest rather than rely on the VNC support provided by domain0. The purpose of this chapter is to describe in detail how to achieve such a configuration.
Installing VNC on the Xen domainU Guest
The very first step in the configuration process involves ensuring that VNC support is installed on the domainU guest. As domainU systems often use a minimal configuration it is possible that VNC has yet to be installed. The precise steps to install VNC vary between distributions. Check the documentation for your chosen distribution if you are unsure. A few examples are:
For Red Hat Linux, CentOS and Fedora:
su -c 'yum install vnc'
For Ubuntu Linux:
sudo apt-get install vnc4server
Creating Xen domainU VNC Desktop Sessions
With VNC installed on the domainU guest system the next step involves the creation of VNC server sessions. There will need to be one VNC server session running for each independent desktop environment.
New desktop environments are created using the vncserver utility and each desktop is assigned a unique port number which is specified on the command-line. For example to launch desktop :1 run the following command from a terminal window command-line prompt:
The vncserver tool will prompt for a password which will be required each time a remote user attempts to connect to the desktop. At this prompt enter a suitable password to protect access to the desktop. Once a suitable password has been provided vncserver will start a new desktop in the background connected to port 5901 ready for a remote user to connect to using vncviewer. The following transcript shows the typical output from an initial launch of a vncserver session:
-bash-3.1$ vncserver :1 You will require a password to access your desktops. Password: Verify: New 'localhost.localdomain:1 (nas)' desktop is localhost.localdomain:1 Creating default startup script /home/neil/.vnc/xstartup Starting applications specified in /home/neil/.vnc/xstartup Log file is /home/neil/.vnc/localhost.localdomain:1.log
Note that since the above output is from the first time a vncserver session has been run by a particular user a number of default files have been created in the user's home directory. Of particular interest is the .vnc/xstartup file which will be modified later in this chapter to control the type of desktop environment to be invoked by VNC.
Connecting to a Xen domainU Remote Desktop
There are two ways to connect to a VNC server session, securely and insecurely. The insecure method is not recommended unless the connection between the client and the server systems takes place within a secure network over a secure encrypted connection (such as a VPN). If the connection is taking place over the internet with no encryption then the secure method of connection is strongly recommended.
To establish an insecure connection simply run the vncviewer command on the client system specifying the IP address or host name of the domainU system on which the VNC server session is running together with the VNC session port number (keeping in mind that VNC display :1 maps to port 5901, :2 to 5902 and so on). For example, if the domainU guest system has an IP address of 192.168.2.24 and we wish to connect to VNC display :1 we would need to execute the following command:
To establish a secure connection we need to use SSH tunneling to establish an encrypted connection. This is achieved by first establishing the tunnel using the ssh command. In doing so we will map port 5901 on our local system to port 5901 on the remote domainU system (assuming that the VNC session is configured on display :1). This connection would be established as follows:
ssh -l nas -L 5901:localhost:5901 192.168.2.24
This time, when running vncviewer we now specify localhost instead of the remote system (since port 5901 on localhost is now mapped through the secure tunnel to port 5901 on the remote system):
Configuring the Xen domainU Desktop Environment
When the desktop appears you will notice that it doesn't look much like the standard desktop you would expect to see on most modern Linux distributions. In fact it may look something like the following figure:
The problem here is that by default VNC starts a minimal desktop environment (typically using a basic window manager known as twm) so we need to configure the VNC session to launch the correct desktop. To do this exit from vncviewer and then shutdown the VNC desktop session on the domainU system as follows:
vncserver -kill :1
Next go to your home folder and edit the .vnc/xstartup file. This will look similar to the following file:
#!/bin/sh # Uncomment the following two lines for normal desktop: # unset SESSION_MANAGER # exec /etc/X11/xinit/xinitrc [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources xsetroot -solid grey vncconfig -iconic & xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & twm &
To configure this startup script to launch, for example, the GNOME desktop environment change the twm& line so that the file reads:
#!/bin/sh # Uncomment the following two lines for normal desktop: # unset SESSION_MANAGER # exec /etc/X11/xinit/xinitrc [ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup [ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources xsetroot -solid grey vncconfig -iconic & xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" & unset SESSION_MANAGER gnome-session &
Restart the vncserver:
Finally, reconnect from the remote system. The full desktop should now appear in the VNC viewer window:
If KDE is your preferred desktop simply change the xstartup file so that it executes startkde instead of twm or gnome-session.
Closing Down a domainU VNC Desktop Session
As long as the vncserver session is running the desktop will continue to run regardless of whether a vncviewer instance is connected. This means that you can exit from vncviewer and reconnect later and find your desktop exactly as you left it.
Before closing down the actual VNC server session it is important to verify that any applications running on the desktop in question have been cleanly exited to avoid loss of data. Once all applications are closed, log out of the desktop environment in the vncviewer session and then exit vncviewer.
On the domainU guest system on which the vncserver server is running execute the vncserver command with the --kill option specifying the display to shut down. For example:
vncserver -kill :1
This will close down the VNC server session on display :1