[Thinlinc-technical] FW: HA++

Ι.Αναστόπουλος yanastop at cdseda.att.sch.gr
Wed Apr 23 13:25:47 CEST 2014



-----Original Message-----
From: Ι.Αναστόπουλος 
Sent: Wednesday, April 23, 2014 2:25 PM
To: 'Rui Lapa'
Subject: RE: [Thinlinc-technical] HA++

Why don't you put something like GUACAMOLE in between just for external clients (It's HTML5 clientless)

John Anastopoulos
Greek Sxhool Network Admin

-----Original Message-----
From: thinlinc-technical-bounces at lists.cendio.se [mailto:thinlinc-technical-bounces at lists.cendio.se] On Behalf Of Rui Lapa
Sent: Wednesday, April 23, 2014 1:40 PM
To: Peter Astrand
Cc: thinlinc-technical at lists.cendio.se
Subject: Re: [Thinlinc-technical] HA++

Hello,

     Let me explain a little more.


     Currently, we have a centralized FreeNX scenario with 2 frontend servers and 29 backend servers, supporting +500 users, all running in the LAN, on old server hardware.
     This scenario has been running for 4 years. We created message queuing and remote tasks to alleviate our stupid day to day sysadmin jobs, ...
     More info, on this 2 year old presentation (sorry, portuguese)
 
http://www.slideshare.net/rui_lapa/desktop-linux-na-tranquilidade-portolinux-presentation?qid=a331b942-8a98-4ae9-aea0-c02698e698b4&v=default&b=&from_search=1

     At the moment, we are evolving the solution to "crazy", so we want to provide a desktop to external "entities" and shops without internal network access, while still providing internal linux desktops.
     The crazy is, that the external desktops servers will run on a cloud provider.
     In the future, we plan to ONLY use cloud servers, while keeping the
2 vsmservers on the DMZ.

      So far, we tested 2 scenarios already, with great success:
      - 2 vsmservers + 2 agents, all on LAN
      - 2 vsmservers + 2 agents, all on the cloud provider with a VIP (opened ports TCP 904, 1010 and 22)

      At this time we are doing our final test, where we have 2 DMZ vsmservers, 3 LAN agents and 2 Cloud agents.

     The datacenter has 4 dedicated internet circuits, with 1 IP each, in a in/output load balancing scenario. (F5 BigIp).

     The cloud agents are getting 4 (tcp/904) pollings from each external ip of each circuit.
     Due to this, we configured cloud agents "/vsmagent/allowed_clients" 
mapped to the 4 external NAT IP's.
     Unfortunately, even though, we get the tcpdump from each IP to
TCP/904 and see the replies, the vsmservers webadmin status load page keeps considering these servers one cycle up, the next up/down, randomly.
     The internal vsmserver have the "/vsmserver/terminalservers", with the external cloud ip's and the internal lan ips.

     But, is there anything more we need to do?

Thanks a lot for the help,
     Rui Lapa

PS: This is a crazy project, but I like CRAZY! ;)

On 04/23/2014 07:26 AM, Peter Astrand wrote:
>
> In general, we recommend that all machines of a cluster (both VSM 
> Servers and VSM Agents) are located on the same network segment. 
> Running VSM Server in a DMZ and the Agents on another network does not 
> really give any advantages. Any particular reason why you want to do that?
>
> Also, splitting the cluster across the Internet is not either 
> recommended. The communication protocols used inside a ThinLinc 
> cluster are designed for a local network segment.
>
> Can you tell us what you are trying to achieve? Perhaps you are 
> looking for some kind of "meta cluster" or "cluster of cluster" functionality?
>
> Best regards, Peter
>
> On Mon, 21 Apr 2014, Rui Lapa wrote:
>
>> Hello,
>>
>>    We are testing thinlinc with a strange scenario.
>>
>>    The vsmservers will be on our facilities (DMZ), and the agents 
>> will be both on our facilities (LAN) and simultaneouslly on remote 
>> locations (Internet).
>>
>>    The vsmservers have private IP's, NAT'd behind 4 possible 
>> circuits, each one with it's own external IP (round-robin).
>>     We have an external virtual IP load balanced to both vsmservers.
>>
>>    The external agents will receive a status polling (tcp/904) from 
>> either 4 external IP's.
>>     The internal agents will be polled using their private LAN IP.
>>
>>    On the agent we have configured "/vsmagent/allowed_clients" mapped 
>> to the 4 public IP's, but they are switching down/up/down/up!
>>
>>    Is this scenario possible, and where are we making a mistake?
>>
>> Thanks a lot,
>>    Rui Lapa
>> _______________________________________________
>> Thinlinc-technical mailing list
>> Thinlinc-technical at lists.cendio.se
>> Manage your subscription:
>> http://lists.cendio.se/mailman/listinfo/thinlinc-technical
>>
>>
>
>
> ---
> Peter Astrand        ThinLinc Chief Developer
> Cendio AB        http://cendio.com
> Teknikringen 8        http://twitter.com/ThinLinc
> 583 30 Linkoping    http://facebook.com/ThinLinc
> Phone: +46-13-214600    http://google.com/+CendioThinLinc

_______________________________________________
Thinlinc-technical mailing list
Thinlinc-technical at lists.cendio.se
Manage your subscription:
http://lists.cendio.se/mailman/listinfo/thinlinc-technical



More information about the Thinlinc-technical mailing list