## 1. 安装前准备
### 1.1 系统环境
本文档以CentOS 7系统作为目标环境进行示范,系统具体版本信息如下:
```shell
.. [email protected]
.PLTJ. OS: CentOS
<><><><> Kernel: x86_64 Linux 3.10.0-1160.76.1.el7.x86_64
KKSSV' 4KKK LJ KKKL.'VSSKK Uptime: 50m
KKV' 4KKKKK LJ KKKKAL 'VKK Packages: 389
V' ' 'VKKKK LJ KKKKV' ' 'V Shell: bash 4.2.46
.4MA.' 'VKK LJ KKV' '.4Mb. Disk: 14G / 45G (31%)
. KKKKKA.' 'V LJ V' '.4KKKKK . CPU: Intel Xeon E3-1220 v5 @ 4x 3GHz
.4D KKKKKKKA.'' LJ ''.4KKKKKKK FA. GPU: VMware SVGA II Adapter
<QDD ++++++++++++ ++++++++++++ GFD> RAM: 1024MiB / 7821MiB
'VD KKKKKKKK'.. LJ ..'KKKKKKKK FV
' VKKKKK'. .4 LJ K. .'KKKKKV '
'VK'. .4KK LJ KKA. .'KV'
A. . .4KKKK LJ KKKKA. . .4
KKA. 'KKKKK LJ KKKKK' .4KK
KKSSA. VKKK LJ KKKV .4SSKK
<><><><>
'MKKM'
''
服务器IP地址:192.168.1.36
1.2 guacamole-server源码包下载
① guacamole-server版本
写文档时guacamole-server最新版本为1.4.0,因此这里以guacamole-server-1.4.0作为安装示例。
② 下载页面
访问 Apache Guacamole™: 1.4.0 页面,下载名为 guacamole-server-1.4.0.tar.gz 的源码压缩。
1.3 guacamole-client应用包下载
这里我们直接使用官网提供的已经编译好的guacamole-1.4.0.war包,而不是通过源码生成。
① guacamole-client版本
通常guacamole-client版本与guacamole-server版本对应,因此这里以guacamole-1.4.0.war作为安装示例。
② 下载页面
访问 Apache Guacamole™: 1.4.0 页面,下载名为 guacamole-1.4.0.war 的war包。
③ 下载Tomcat9
访问 Apache Tomcat® - Apache Tomcat 9 Software Downloads 页面,找到相应的Tomcat包并下载。写文档时apache-tomcat9的最新版本为apache-tomcat-9.0.70.tar.gz,本文档就以该版本作为示例说明。
2. Guacamole Server 安装
本地构建guacamole-server前需要检查并安装一些依赖包,这些依赖包分为必要依赖和可选依赖。顾名思义必要依赖是你构建guacamole-server源码必须要用到的一些软件包,没有它们你将不可能构建成功;可选依赖用于启用或者增强guacamole-server的某些功能,你可以根据实际需要选择安装还是不安装它们,它们对构建guacamole-server源码的成功与否没有影响。必要依赖和可选依赖整理如下:
① 必要依赖
sudo yum install -y cairo-devel libjpeg-turbo-devel libpng-devel libtool libuuid-devel
② 可选依赖
sudo yum install -y ffmpeg-devel freerdp-devel pango-devel libssh2-devel libtelnet-devel libvncserver-devel libwebsockets-devel pulseaudio-libs-devel openssl-devel libvorbis-devel libwebp-devel
上述依赖都是基于CentOS系统作参考的,不同操作系统可能依赖包名称有所区别,详情请参考 Installing Guacamole natively — Apache Guacamole Manual v1.4.0 。
2.1 安装依赖
本示例安装必要依赖和可选依赖中的全部依赖包,因此在命令行中执行上述两条命令即可(这里假设你的系统已经联网)。
注意:
由于CentOS官方源不一定包含所有上述依赖包(如示例中的CentOS7中的官方源就没有ffmpeg-devel、libtelnet-devel、libwebsockets-devel这三个包),因此我们还需要安装两个第三方源如下:
① EPEL
sudo yum install -y epel-release
② Nux Dextop
sudo rpm -Uvh http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-5.el7.nux.noarch.rpm
然后你就可以愉快的执行前文提到的两条安装依赖包的命令啦,nice !!!
2.2 构建过程
下面的操作都是基于源码解压目录/root/guacamole-server-1.4.0进行说明的。
① 执行 configure 配置
cd /root/guacamole-server-1.4.0 && ./configure --with-init-dir=/etc/init.d
最终输出结果应该如下:
------------------------------------------------
guacamole-server version 1.4.0
------------------------------------------------
Library status:
freerdp2 ............ yes
pango ............... yes
libavcodec .......... yes
libavformat.......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ yes
libvorbis ........... yes
libpulse ............ yes
libwebsockets ....... yes
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... yes
RDP ........... yes
SSH ........... yes
Telnet ........ yes
VNC ........... yes
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: /usr/lib64/freerdp2
Init scripts: /etc/init.d
Systemd units: no
Type "make" to compile guacamole-server.
如上所示,除wsock32外其它项应该都显示为yes则表示所有依赖正常。假如某一项显示为no则需要重新安装对应依赖(通常是因为版本太高导致,或者依赖包依赖的其它包没有安装对应的开发包,即*-devel结尾的包)。
本示例安装时就遇到一个问题如下:
------------------------------------------------
guacamole-server version 1.4.0
------------------------------------------------
Library status:
freerdp2 ............ yes
pango ............... yes
libavcodec .......... yes
libavformat.......... yes
libavutil ........... yes
libssh2 ............. yes
libssl .............. yes
libswscale .......... yes
libtelnet ........... yes
libVNCServer ........ no
libvorbis ........... yes
libpulse ............ yes
libwebsockets ....... yes
libwebp ............. yes
wsock32 ............. no
Protocol support:
Kubernetes .... yes
RDP ........... yes
SSH ........... yes
Telnet ........ yes
VNC ........... no
Services / tools:
guacd ...... yes
guacenc .... yes
guaclog .... yes
FreeRDP plugins: /usr/lib64/freerdp2
Init scripts: no
Systemd units: no
Type "make" to compile guacamole-server.
其中libVNCServer显示为no,回溯前面输出的日志中有告警如下:
checking for gcrypt.h... no
configure: WARNING:
--------------------------------------------
libvncserver appears to be built against
libgcrypt, but the libgcrypt headers
could not be found. VNC will be disabled.
--------------------------------------------
提示说是没有找到libgcrypt包的头文件,检查得知libgcrypt-devel没有安装,因此安装它之后重新执行configure命令即可。
② 执行 make 构建源码
cd /root/guacamole-server-1.4.0 && make
编译信息如下:
[root@localhost guacamole-server-1.4.0]# make
make all-recursive
make[1]: Entering directory `/root/guacamole-server-1.4.0'
...
make[2]: Leaving directory `/root/guacamole-server-1.4.0/src/guaclog'
make[2]: Entering directory `/root/guacamole-server-1.4.0'
make[2]: Leaving directory `/root/guacamole-server-1.4.0'
make[1]: Leaving directory `/root/guacamole-server-1.4.0'ry `/root/guacamole-server-1.4.0'
如上述输出信息,只要没有提示Error,则表示编译成功。一般情况下,只要前面的configure步骤没什么问题,这一步通常是不会失败的。
③ 执行 make install 进行安装
cd /root/guacamole-server-1.4.0 && make install
安装信息如下:
[root@localhost guacamole-server-1.4.0]# make install
Making install in src/libguac
make[1]: Entering directory `/root/guacamole-server-1.4.0/src/libguac'
Making install in .
make[2]: Entering directory `/root/guacamole-server-1.4.0/src/libguac'
make[3]: Entering directory `/root/guacamole-server-1.4.0/src/libguac'
...
----------------------------------------------------------------------
Libraries have been installed in:
/usr/local/lib
If you ever happen to want to link against installed libraries
in a given directory, LIBDIR, you must either use libtool, and
specify the full pathname of the library, or use the '-LLIBDIR'
flag during linking and do at least one of the following:
- add LIBDIR to the 'LD_LIBRARY_PATH' environment variable
during execution
- add LIBDIR to the 'LD_RUN_PATH' environment variable
during linking
- use the '-Wl,-rpath -Wl,LIBDIR' linker flag
- have your system administrator add LIBDIR to '/etc/ld.so.conf'
See any operating system documentation about shared libraries for
more information, such as the ld(1) and ld.so(8) manual pages.
----------------------------------------------------------------------
...
make[2]: Leaving directory `/root/guacamole-server-1.4.0/src/guaclog'
make[1]: Leaving directory `/root/guacamole-server-1.4.0/src/guaclog'
make[1]: Entering directory `/root/guacamole-server-1.4.0'
make[2]: Entering directory `/root/guacamole-server-1.4.0'
make[2]: Nothing to be done for `install-exec-am'.
make[2]: Nothing to be done for `install-data-am'.
make[2]: Leaving directory `/root/guacamole-server-1.4.0'
make[1]: Leaving directory `/root/guacamole-server-1.4.0'
如上述输出,没有Error相关信息则表示安装成功。至此,Guacamole Server 也已构建安装完成!
3. Guacamole Client 安装
Guacamole官方已经为我们准备了一个完整可用的Java Servlet应用包(guacamole.war),我们只需要把它放在Servlet容器中运行起来,然后稍加配置即可。
前文安装前准备环节,我们已经下载以下两个包:
-
/root/guacamole-1.4.0.war
-
/root/apache-tomcat-9.0.70.tar.gz
接下来我们只需要按部就班把它们解压安装即可。
① 安装 Apache Tomcat
以本文档为例,我们把Tomcat解压安装到路径/opt/apache中。
执行命令如下:
mkdir -p /opt/apache && tar -zxvf /root/apache-tomcat-9.0.70.tar.gz -C /opt/apache
执行上述命令后,/opt目录中多了一个apache目录,并且在apache目录下还有一个apache-tomcat-9.0.70目录,其完整路径为/opt/apache/apache-tomcat-9.0.70,这里的apache-tomcat-9.0.70目录便是Tomcat安装目录。
② 安装 Guacamole Client
以本文档为例,我们把/root/guacamole-1.4.0.war包拷贝到/opt/apache/apache-tomcat-9.0.70/webapps/目录,然后再把它重命名为guacamole.war。
执行命令如下:
cp /root/guacamole-1.4.0.war /opt/apache/apache-tomcat-9.0.70/webapps/guacamole.war
至此,Guacamole Client 也已安装完成!
4. Guacamole 运行前配置
本文档只做简单运行配置,目的是快速验证Guacamole应用是否正确安装,如果想要了解更多信息,请参考 Configuring Guacamole — Apache Guacamole Manual v1.4.0 。
① 创建 GUACAMOLE_HOME 目录
GUACAMOLE_HOME默认目录为/etc/guacamole,我们通过命令行指令把它创建起来:
sudo mkdir /etc/guacamole
② 新建 guacamole.properties 文件
$GUACAMOLE_HOME/guacamole.properties是Guacamole应用的主要配置文件,我们在/etc/guacamole目录中新建该文件,并写入内容:
sudo vim /etc/guacamole/guacamole.properties
输入以下内容并保存:
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
其中4822是 guacamole-server guacd 服务的默认端口号。
③ 新建 user-mapping.xml 文件
$GUACAMOLE_HOME/user-mapping.xml是Guacamole应用默认的认证用户定义文件,我们在/etc/guacamole目录中新建该文件,并写入内容:
sudo vim /etc/guacamole/user-mapping.xml
输入以下内容并保存:
<user-mapping>
<!-- Per-user authentication and config information -->
<authorize username="admin" password="Abc123!@#">
<protocol>ssh</protocol>
<param name="hostname">192.168.1.36</param>
<param name="port">22</param>
<param name="username">root</param>
<param name="password">root.123</param>
</authorize>
<!-- Another user, but using md5 to hash the password
(example below uses the md5 hash of "PASSWORD") -->
<authorize
username="root"
password="4ea87a999c60e96ab60230cb4ac34413"
encoding="md5">
<!-- First authorized connection -->
<connection name="CentOS36">
<protocol>ssh</protocol>
<param name="hostname">192.168.1.36</param>
<param name="port">22</param>
<param name="username">root</param>
<param name="password">root.123</param>
</connection>
<!-- Second authorized connection -->
<connection name="Windows37">
<protocol>vnc</protocol>
<param name="hostname">192.168.1.37</param>
<param name="port">5901</param>
<param name="password">root.123</param>
</connection>
</authorize>
</user-mapping>
以上配置表示定义两个Guacamole用户admin/Abc123!@#和root/Abc123!@#,其中admin用户登录后会立即通过ssh协议连接到“192.168.1.36”服务器,root用户登录后首先会出现一个列表页面,只有点击对应连接项后才会真正连接到对应系统。
5. 启动 Guacamole
Guacamole应用包含两部分内容,分别是guacamole-server,guacamole-client,其中guacamole-server最主要的进程是guacd。
5.1 启动 guacd
/etc/init.d/guacd start
打印信息如下:
Starting guacd: guacd[8607]: INFO: Guacamole proxy daemon (guacd) version 1.4.0 started
SUCCESS
注:guacd 命令使用说明如下
Usage: /etc/init.d/guacd {start|stop|status|restart|try-restart|force-reload}
5.2 启动 guacamole-client
cd /opt/apache/apache-tomcat-9.0.70/ && ./bin/startup.sh
打印信息如下:
Using CATALINA_BASE: /opt/apache/apache-tomcat-9.0.70
Using CATALINA_HOME: /opt/apache/apache-tomcat-9.0.70
Using CATALINA_TMPDIR: /opt/apache/apache-tomcat-9.0.70/temp
Using JRE_HOME: /opt/java/jdk1.8.0_202
Using CLASSPATH: /opt/apache/apache-tomcat-9.0.70/bin/bootstrap.jar:/opt/apache/apache-tomcat-9.0.70/bin/tomcat-juli.jar
Using CATALINA_OPTS:
Tomcat started.
6. 访问 Guacamole Client
由前文可知我们配置的服务器IP地址为192.168.1.36,Tomcat默认端口号为8080,所以在浏览器中访问http://192.168.1.36:8080/guacamole即可打开如下页面,然后使用admin/Abc123!@#或者root/Abc123!@#登录即可。
至此,从 guacamole-server-1.4.0 的源码构建安装,到 guacamole-client-1.4.0 的安装以及简单配置使用便算完成。更多详情信息请参考 Introduction — Apache Guacamole Manual v1.4.0 。
标签:1.4,guacamole,server,apache,yes,root,Guacamole From: https://www.cnblogs.com/youbins/p/16971829.html