[X2Go-Dev] Bug#1012: Bug#1012: Session reconnect doesn't work (x2gobroker)
Mike Gabriel
mike.gabriel at das-netzwerkteam.de
Tue Mar 22 12:14:57 CET 2016
Hi Stefan,
ah, sorry, missed your initial post around #1012.
On Di 22 Mär 2016 10:42:03 CET, Stefan Baur wrote:
> package: x2gobroker
> version: 0.0.3.0
>
> Situation: two identical nodes, only difference is DNS name + IP
> Desired result: load-balanced X2Go systems, where a suspended session
> can be resumed
>
> Actual outcome: Each connect starts a new session, suspended sessions
> are left dangling forever
>
> Questions:
> 1) Is x2gobroker-daemon needed at all for ssh-only connections to the
> broker?
No. But I recommend starting with x2gobroker-daemon, because it allows
much easier debugging.
> 2) Did I miss any obvious steps?
What were your steps? (ah... ok... posted below...)
> 3) What would be the suggested path to debug this?
Use http brokerage for debugging. Run
x2gobroker-daemon-debug
as root on the cmdline and post suspicious messages here.
Where do you actually have the X2Go Broker installed? On both X2Go
Servers? This is a non-recommended setup.
The recommended setup is:
on broker machine, several X2Go Servers
or
two broker machines (with DNS round robin), several X2Go Servers
> A full typescript ecording of the installation process is available,
> but as no command returned any error messages, let me shorten it down to
> the commands that were executed:
>
> # commands executed on both first and second node
> apt-get install x2gobroker -y
> cp /etc/x2go/x2gobroker.conf /etc/x2go/x2gobroker.conf.orig
> vi /etc/x2go/x2gobroker.conf # see diff below
> apt-get install x2gobroker-agent -y
> cp /etc/x2go/broker/x2gobroker-sessionprofiles.conf
> /etc/x2go/broker/x2gobroker-sessionprofiles.conf.orig
> vi /etc/x2go/broker/x2gobroker-sessionprofiles.conf # see diff below
> x2gobroker-keygen
> cp /var/lib/x2gobroker/.ssh/id_rsa.pub /tmp/
> cd /tmp/
> vi id_rsa.pub # added a blank and the server name to end of file
> python -m SimpleHTTPServer 8081 # run temporary web server so second
> node can fetch the file
> # once both web servers were up, the following commands were executed
> # on BOTH nodes:
> x2gobroker-pubkeyauthorizer -t http://firstnode:8081/id_rsa.pub
> x2gobroker-pubkeyauthorizer -t http://secondnode:8081/id_rsa.pub
> # Sadly, no working session reconnect with these command line
> # parameters - it always starts a new session:
> x2goclient
> --broker-url=ssh://accountwithapublickey@firstnode:22/usr/bin/x2gobroker
> --broker-autologin
> # This is using x2goclient-4.0.5.0-2015.07.31
You could play with the x2gobroker-testagent script and investigate
the calls to the X2Go Server side x2gobroker-agent.
You could also check if you can use the broker-autologin feature on a
per session basis. x2gobroker-daemon-debug will be your friend...
> # taking a closer look at
> # http://wiki.x2go.org/doku.php/doc:installation:x2gobroker:
> # maybe x2gobroker-daemon is missing? So ...
It depends on what brokerage you want to use: x2gobroker-ssh -> SSH
brokerage, x2gobroker-daemon or x2gobroker-wsgi -> http brokerage.
> apt-get install x2gobroker-daemon -y # this also pulls in
> x2gobroker-authservice
Yes. It is required for the pam authmech inside the broker daemon. If
you authenticate directly against LDAP or HTTPS, then
x2gobroker-authservice is not needed.
> # Sadly, no change, still no working session reconnect :-(
>
> # ---------------------------------------------------------
>
> diff -u /etc/x2go/x2gobroker.conf.orig /etc/x2go/x2gobroker.conf
> --- /etc/x2go/x2gobroker.conf.orig 2016-03-19 18:39:02.034407506 +0100
> +++ /etc/x2go/x2gobroker.conf 2016-03-19 19:56:05.781729565 +0100
> @@ -241,6 +241,7 @@
> # The agent query mode can be configured on a per-broker-backend basis, the
> # below value is the default.
> #default-agent-query-mode=NONE
> +default-agent-query-mode=SSH
>
> # Probe SSH port of X2Go Servers (availability check)
> #
> @@ -254,7 +255,7 @@
> # Per default, we set this to "true" here. The portscan feature can be
> # deactivated on a per-session-profile basis (use:
> broker-portscan-x2goservers =
> # false in the session profile configuration).
> -#default-portscan-x2goservers = true
> +default-portscan-x2goservers = false
>
> # Use load checker for querying X2Go Servers' loads in regular intervals
> #
> @@ -294,13 +295,13 @@
> # o the session profile does not block queries to the load checker daemon
> # on a per profile basis
> #
> -#default-use-load-checker = false
> +default-use-load-checker = true
Do you have x2gobroker-loadchecker install on the broker server?
Shouldn't cause your failure, but still...
> # If the x2gobroker-loadchecker daemon gets used, define here how
> # many seconds to sleep between cycles of querying system load from the
> # associated X2Go Servers.
> #
> -#load-checker-intervals = 300
> +load-checker-intervals = 300
>
>
> ###
> @@ -345,9 +346,8 @@
> #desktop-shell = KDE
>
> [broker_inifile]
> -#enable = true
> -#session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
> -#use-load-checker = false
> +enable = true
> +session-profiles = /etc/x2go/broker/x2gobroker-sessionprofiles.conf
>
> #[broker_ldap] -> MUSIC OF THE FUTURE
> #enable = false
>
Please consider contracting me, on such a project. The X2Go Broker's
code says it all. If reading the code is problematic, consider
contracting me for supervision.
Mike
--
DAS-NETZWERKTEAM
mike gabriel, herweg 7, 24357 fleckeby
fon: +49 (1520) 1976 148
GnuPG Key ID 0x25771B31
mail: mike.gabriel at das-netzwerkteam.de, http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 819 bytes
Desc: Digitale PGP-Signatur
URL: <http://lists.x2go.org/pipermail/x2go-dev/attachments/20160322/ef5444a0/attachment.pgp>
More information about the x2go-dev
mailing list