-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On 20/03/17 08:37, Martin Kletzander wrote:
On Wed, Mar 15, 2017 at 10:26:20AM +0000, Daniel Pocock wrote:
>
> Can anybody comment on how to host virtual desktops on a headless
> server using libvirt and KVM on the server and a SPICE client to
> access the virtual desktop? Is there a standard way of doing
> this?
>
> I've seen many fragments of information about how to do this but
> I didn't come across a single guide describing the entire
> solution. Search engines also return a lot of information about
> gaining remote access to a real physical desktop but that is not
> what I'm looking for. I've also come across many real-world
> scenarios where people are manually starting VNC server processes
> for each user on different ports but I was hoping to find out if
> there is a more standard way of doing this now.
>
> When I say "virtual desktop", the type of user experience I'm
> thinking about is that named users can run a SPICE client
> anywhere and always connect to the same host/desktop. E.g. if
> they leave some windows open, disconnect, go to another physical
> machine and reconnect with the same username they will see the
> same desktop with the same windows open.
>
How is it different to just having VM per user on that host and
having people connect to their VMs (using TLS and passwords, for
example, just to make sure). Each VM will have its own spice (or
VNC) server and users can connect to them either directly (if there
is access and open ports etc.) or through libvirt (if they are
not). If latter is the case, you can use ACLs to restrict
particular users to connect only to their machines.
That would be one solution - is there any standard solution to manage
the ACLs and to route each user's connection to the right machine
without asking each user to remember their machine name?
Is there a way to do this where multiple users are concurrently logged
in to the same virtual server, similar to different XDMCP sessions
started on the same server for different X users?
Regards,
Daniel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAEBCAAGBQJZCIJkAAoJEGxlgOd711bE6gUQALGT7dxFUWtYmKuf3/5eBLAG
CTwsTTEN69a8DNp8QNN/q1HtXRjmSCvltcCYfVYOtDlAPSvW/oHoQ2jsoa9k4CY2
YwUN10ChUILicb6braRycFwC2Ff+iA3eME3ncRjwuN9huqszyilLlqU3uAg2+xD2
yfOazAW8pta/cg6Fom41D0IC9I5HXBJLn4AOO0Sbj1eOrSGpIdZYabtKRkMSafJO
/0fuOFvYpWQ4+oMqQEICRthu+xF6fbey25hnD3TUJgCW2zM5s4a2oPZdjiFvGtw6
c5uzDcX5Uc0UlcGIKzoT2FvvgTyKkGOae9MXaZSzFXHCTPua3JZYeGcWFAYjTvqQ
934e2/WEnsEFcMaQmySeIHw/ZDxC/CMJzGzyIOr+rEuExezsJMyeXHwk+z6TGoXN
CryrApnZB+0Qye6NqdCL+7o/q0W/gxQaGUSlwp4Fjmt62ecgNPlMfq4qndASOpq3
GlSFGuVvz9yFLKkejbAgcT1+cJ3pnI2wdozUmi+nOj9ygdvVdqw0+OMQj0qmQwL1
zjRpCJnz/Algv9w8LRfo9FamUxafo2EFq3HgmMqZf28cc91H+0ekfumOuR4jK0cu
FfZCDvKm5XWs45KYknzsBsCQVMP3DyOj3J7hAElkgrGwIE8tdwrlfaS/m/U3MNtB
C3XU90VUrSsb+o0Nor+H
=b7NO
-----END PGP SIGNATURE-----