Configuring VNC server on Linux hosts

Linux shell is a powerful and necessary tool for Linux administrator. You can do everything from command line, but, in some cases, there is useful a GUI for some tasks. In this post I will setup VNC server on two Linux boxes : Centos 5.5 and Ubuntu 10.04 desktop version. VNC allows admins to interact with a graphical interface in Linux hosts. This is similar to "Remote Desktop Connections" in Windows Servers.

Installing VNC on a Centos box

In some linux distributions VNC server is installed by default , if don't, use yum to install it

# yum install vnc vnc-server

Now you must specify a password for connecting to desktops.

# vncpasswd

Password:

Verify:

It creates a pass for user root. Remember security password considerations.

To start a session, only type

# vncserver :1

It will create a desktop session numbered as "one". This number is important. It defines the port used to establish connections with VNC server. The ports will be discussed later.

To connect to VNC server used a VNC client and specify connection parameters.

 

After IP address, type :<number of desktop>, the same you used previously, and click connect. Specify the password that you set and you will get this.

With this terminal you can configure system settings in graphical mode, e.g. system-config-users

Now if you want to access a full gnome terminal you should change the following:

Edit /root/.vnc/xstartup

[root@localhost ~]# vim /root/.vnc/xstartup

#!/bin/sh

# Uncomment the following two lines for normal desktop:

# unset SESSION_MANAGER

# exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &

twm &

--> Note the changes :

#!/bin/sh

# Uncomment the following two lines for normal desktop:

 unset SESSION_MANAGER

 exec /etc/X11/xinit/xinitrc

[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup

[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources

xsetroot -solid grey

vncconfig -iconic &

xterm -geometry 80x24+10+10 -ls -title "$VNCDESKTOP Desktop" &

startx &

The two commented lines were uncommented and the last line was changed to "startx" to start gnome sessions. This changes only affect new VNC sessions. You don’t have to restart any service.

Now we have a beautiful and fully gnome session:

 

If you want to stop VNC server you can do;

 #service vncserver stop

or for a particular session

#vncserver -kill :<number of session>

Also if you want to use a web browser point it to

http://yourserver:(5800+number_of_session)

Installing VNC on an Ubuntu 10.04 box

Install vnc4server.

#apt-get install vnc4server  vnc-java

Set a password:

#vnc4passwd

The config files are located in the same place /home/user/.vnc or /root/.vnc. Edit de xstartup file in the same way. After that, you should give the file /etc/X11/xinit/xinitrc execution permissions.

# chmod 755 /etc/X11/xinit/xinitrc

Use the client and that's all.

 

"The m and s syndrome"

If you did the above steps for Ubuntu 10.4 almost all work is finished . But, when you connect to VNC server  and you type letter "m" or "s" the indicator applet shows you mail menu and session menu respectively. You may remove this icons from your desktop but I didn't like that. This behavior is a bug in indicator applet version 0.3.6 for Lucid. In the 0.3.7 the bug is fixed it.

You can download it from https://launchpad.net/ubuntu/+source/indicator-applet/0.3.7-0ubuntu1

To compile it, first install :

intltool

libgtk2.0-dev

libappindicator-dev

libpanel-applet2-dev

Compiling:

#./configure

#make

#make install

By default binaries are installed in /usr/local/libexec, but they must be placed in /usr/lib/indicator-applet/

Close all X sessions and do:

cp /usr/local/libexec/* /usr/lib/indicator-applet/

Now you can start your session without the "m and s syndrome" .

 

Required ports  to establish VNC connections

VNC uses the following mechanism for assigning ports. The port used for a session is the sum of 5900+<number of the session that you select>. For example if you select session number 3 (vnc4server :3), the port used for it is 5900+3=5903. In the same way for web access but beginning in port 5800. In your firewall you should open a range of ports to allow VNC connections. 

Using a SSH tunnel to encrypt data transmission

VNC is unsecure in nature. If you need to establish a connection over an unsecured network you may desire to protect it using SSH encryption mechanisms.  We will use putty for that.

Configure putty tunnel  in this way:

 

Then, point your vnc client to localhost:3000 (in this case)

And that's all!!!.

Veeam Reporter Free Edition is available for download

Hi: Good news for VMware admins. Veeam released Veeam Reporter Free Edition, a tool for document your virtual infrastructure. When your boss ask you to do a report you don't have to spend a lot of time making clicks on your virtual machines  and host. I will test it. Wait my comments!!!

Adding SATP rules on Vsphere 4.1 for EVA 5000 assuring failover

It's true that before implementing a software solution we must take a look in Hardware Compatibility Guides, but if we already have the hardware components and they aren't in HCL, the term engineering comes to play. :)

My company acquired Vsphere 4.1 and we had two EVAs: EVA 8000 and EVA 5000. With the first of them there were no problems. It's fully supported (Active/Active array with ALUA compliance) . The SAPT recognized it  as VMW_SAPT_ALUA. But, always there is a but, EVA 5000 VCS 3.11 is not supported. It is recognized it as VMW_SAPT_DEFAULT_AA (Active/Active).  As you see at the fig.1. 

fig.1

                                                                                           

The problem came when I did a virtual disk failover between controllers from Command View. All virtual machines inside that datastore hung up. The datastore was missing.

I began to look for a solution, but nothing. In some blogs the recommendation was to upgrade to VCS 4.x, which support Active/Active mode, but, another but, to do that, I should upgrade Command View from version 6 to 9 because version 6 doesn't support VCS 4.x. The problem is the license for the upgrade: license=$$. In others blogs the recommendation was to add rules for the desired SATP but they weren't specific to EVA 5000.

After a period of trial-error adding rules, the output of esxcli --server x.x.x.x corestorage device list gave me the information needed:

  Vendor: COMPAQ

  Model: HSV110 (C)COMPAQ

With this information, the addrule command is:

 esxcli nmp satp addrule --vendor="COMPAQ" --model="HSV110 (C)COMPAQ" --claim-option="tpgs_off" --satp="VMW_SATP_DEFAULT_AP" --description="Support Mod for EVA5000"

tpgs_off means that the array is not ALUA compliant.

Reboot the host and as you see in fig.2 you will have the two host port of the non managing controller marked as "Stand By".

fig.2

Now, it is time to test the configuration. In Command View change the owner controller of the disk to the other. If all was successful, you must see the failover condition:

fig.3

Maybe, this configuration isn't supported, but, it works...