Using Guacamole to replicate Amazon EC2

[GianlucaMassimiani <se...@hotmail.com>]

I have a bunch of servers that I would like to use as a mini-cloud system,
similarly to how Amazon EC2 works. Basically I would like to:
1) Install an hypervisor (e.g. KVM) on each server 
2) Install Guacamole on the servers
3) Connect to the cloud system through a web browser, being able to see
which servers are available
4) Through the web browser, select a server and specify the software (for
example, the OS) and further specifications of the instance (virtual
machine) that I want to run on that server.
5) Launch the instance on the server using the KVM, and use the instance
through the web browser
6) When I am done, disconnect from the server (instance on the server should
be destroyed)

Do you think Guacamole is suitable for such a project? My biggest concern is
about steps 4 and 5. After I have connected to the server using Guacamole,
how do I create a virtual machine on the server (that is, how can I make
Guacamole and KVM to interact with each other)? And after that, how do I
connect Guacamole with the just created virtual machine? Any advice would be
really appreciated. Thanks  



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: Using Guacamole to replicate Amazon EC2

[Lee <ld...@vt.edu>]

GianlucaMassimiani wrote
> 1) Install an hypervisor (e.g. KVM) on each server 
> 2) Install Guacamole on the servers
> 3) Connect to the cloud system through a web browser, being able to see
> which servers are available
> 4) Through the web browser, select a server and specify the software (for
> example, the OS) and further specifications of the instance (virtual
> machine) that I want to run on that server.
> 5) Launch the instance on the server using the KVM, and use the instance
> through the web browser
> 6) When I am done, disconnect from the server (instance on the server
> should
> be destroyed)

AWS will not let you have hypervisor access on anything less than a
$3500/month server. My org didn't want to pay for that overnight (since we
are taxpayer funded and generally don't have users overnight), so we went
with one or more M5's running guacamole as a container (AWS ECS using the
official Guac containers at https://hub.docker.com/u/guacamole). We then use
an out-of-guacamole system to create/start/stop/delete lots of T2/T3/M4/M5
instances.

In reality, I think your entire use case is very similar to what we do at
the Virginia Cyber Range -- spin up an instance on demand for a student,
then stop or destroy it when it's done. We don't currently rely on anything
in Guacamole to manage our servers/instances, and we use our own UI & back
end to decide what to build, when to start/stop the VM, and prepare any
customization required. Guacamole is _great_ at the RDP/SSH pass through
once you get it working, and it's really helpful in school/government
environments where installations might be restricted, or IT network admins
are concerned -- though do consider that your process might create a hole
which might bypass network filters.

Good luck!
-Lee



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: AW: Using Guacamole to replicate Amazon EC2

[GianlucaMassimiani <se...@hotmail.com>]

Joachim Lindenberg wrote
> Hi Gianluca,
> For my backup application I wrote a Guacamole extension that in essence
> reflects your steps 4+5. I have two directions of integration: the
> extension
> can enumerate all backups and show them in the Guacamole user interface,
> selecting one starts a virtual machine out of the backup and connects, or
> v.v. I have a button in my user interface that fires up the virtual
> machine,
> generates a token, and starts Guacamole user interface with the token,
> which
> then is used by the extension to use a one-time user and connect to the
> virtual machine.
> W.r.t. step 6 - in case your user interface or Guacamole is the only
> access
> path, it is fairly easy to integrate that with a Guacamole extension as
> well. In my backup application I am relying on other means as there are
> many
> access paths.
> Best Regards, Joachim
> --
> Sent from:
> http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Hi Joachim, thanks a lot for your reply. That is exactly what I'd like to
do! Create a virtual machine on the server for a one-time user, and destroy
the virtual machine once the user closes the connection. However, I don't
have much experience in software development, thus some more clarification
would be really helpful for me. In particular, after the user opens the web
browser and selects a server, it is not clear to me how I could implement
these steps:
- the user can select the OS of the virtual machine, plus further software
to be installed on the vm
- the user launches the vm (as you said, this can just be a button to press)
and the vm gets created on the server
- the user is connected to the vm and now he/she can use it as a remote
desktop

Could you give some more advice on how to implement these steps (or maybe if
you know of any references that talk about these aspects)? Thanks again



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

AW: Using Guacamole to replicate Amazon EC2

[Joachim Lindenberg <jo...@lindenberg.one>]

Hi Gianluca,
For my backup application I wrote a Guacamole extension that in essence
reflects your steps 4+5. I have two directions of integration: the extension
can enumerate all backups and show them in the Guacamole user interface,
selecting one starts a virtual machine out of the backup and connects, or
v.v. I have a button in my user interface that fires up the virtual machine,
generates a token, and starts Guacamole user interface with the token, which
then is used by the extension to use a one-time user and connect to the
virtual machine.
W.r.t. step 6 - in case your user interface or Guacamole is the only access
path, it is fairly easy to integrate that with a Guacamole extension as
well. In my backup application I am relying on other means as there are many
access paths.
Best Regards, Joachim


-----Ursprüngliche Nachricht-----
Von: GianlucaMassimiani <se...@hotmail.com> 
Gesendet: Sonntag, 3. März 2019 21:55
An: user@guacamole.apache.org
Betreff: Using Guacamole to replicate Amazon EC2

I have a bunch of servers that I would like to use as a mini-cloud system,
similarly to how Amazon EC2 works. Basically I would like to:
1) Install an hypervisor (e.g. KVM) on each server
2) Install Guacamole on the servers
3) Connect to the cloud system through a web browser, being able to see
which servers are available
4) Through the web browser, select a server and specify the software (for
example, the OS) and further specifications of the instance (virtual
machine) that I want to run on that server.
5) Launch the instance on the server using the KVM, and use the instance
through the web browser
6) When I am done, disconnect from the server (instance on the server should
be destroyed)

Do you think Guacamole is suitable for such a project? My biggest concern is
about steps 4 and 5. After I have connected to the server using Guacamole,
how do I create a virtual machine on the server (that is, how can I make
Guacamole and KVM to interact with each other)? And after that, how do I
connect Guacamole with the just created virtual machine? Any advice would be
really appreciated. Thanks  



--
Sent from:
http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/

Re: Using Guacamole to replicate Amazon EC2

[sciUser <sh...@securitycentric.net>]

I know the model you are trying to design out and yes Guacamole can handle
the traffic.
We have benched Guacamole at 6000 users plus (all at once) in our
environment that is load balanced between Guac systems.

We have built a complete provisioning system that integrates with Guacamole
and any LTI/LMS, with less than a minute wait time for a user to gain
access.
So your platform if done correctly, guacamole will be perfect for it.

Thank You



--
Sent from: http://apache-guacamole-general-user-mailing-list.2363388.n4.nabble.com/