Odds and Ends

/home

/about

/archive

/projects

/tags

/quotes

Quickly Set Up Guacamole Using Docker

Apache Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC, RDP, and SSH.

Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.

The Guacamole manual can be found here, but because the project is broken into 2 or more peices, it can take a bit of poking around and toggling between sections to find the exact steps one needs to quickly get up and running from scratch using Docker.

Guacamole uses a guacd service to actually handle remote desktop connections, and a separate front-end based on Tomcat that talks directly to the guacd service. To handle authentication, the web-app needs to have one of several authentication resources enabled. Since I didn’t want to connect with any exisitng authentication provider, I used the mysql database backend for Guacamole’s authentication and configuration.

The following steps use simple docker run commands from scripts or the command-line, and don’t assume the use of Stacks or Swarm clusters. This setup should be fine for setting up on a local network, but care should be taken if opened to the internet.

These docker images will be pulled from the respective repositories when the commands are run:

  • guacamole/guacd The remote connection daemon
  • guacamole/guacamole The web-app interface
  • mysql The authentication and configuration backend
 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25

LOCALGUACDIR=/myguacdir
MYSQLROOTPASS=myguacamoledatabasepass

# Initialize some specific database objects used by Guacamole for auth and config
cd $LOCALGUACDIR && docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql

# Run mysql docker
docker run -d --name guac-mysql \
      --mount=type=bind,source="${LOCALGUACDIR}/initdb.sql",target="/docker-entrypoint-initdb.d/initdb.sql" \
      -e MYSQL_ROOT_PASSWORD=${MYSQLROOTPASS} \
      -e MYSQL_DATABASE=guacamole \
      mysql "--default-authentication-plugin=mysql_native_password"

# Run the daemon
docker run --name some-guacd -d guacamole/guacd

# Run the web-app and connect the mysql and guacd containers
# Forward external port 8083 to the Tomcat's 8080
docker run --name some-guacamole \
    --link some-guacd:guacd        \
    --link guac-mysql:mysql \
    -e MYSQL_DATABASE=guacamole \
    -e MYSQL_USER=root \
    -e MYSQL_PASSWORD=${MYSQLROOTPASS} \
    -d -p 8083:8080 guacamole/guacamole

The interface can be accessed at http://localhost:8083/guacamole. There is a default admin user called guacadmin and password (same). Definitely change this once everything is setup and running!

Projecting Rasters for Plotly Mapbox Plots
Bad Hacks to Find Linux Drive Device from UUID
back to top