Product Documentation and Knowledge Base - HomeDocumentation


Charon-SSP


Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 8 Next »

Contents

Overview

(warning) The X11 feature is supported across a VPN, but not across a NAT connection.

The Charon-SSP Manager can set up an X11 login session using Xephyr and the XDMCP protocol.

Xephyr is a nested X-server that can run within a normal Linux or Baremetal GUI-based user session. It supports the Solaris GUI (Java Desktop, Openwin, CDE, and Gnome) and can provide graphics 3D acceleration based on the OpenGL 1.4 specification.

Running an X-server to access the graphical Solaris interface, requires a network configuration that allows a TCP/IP connection between the system running the X-server and the Solaris Guest operating system (Stromasys recommends that both systems be in the same subnet).

If the X-server runs on a remote system, the remote system must have a working TCP/IP connection to the guest system running in the Charon-SSP instance.

The screenshot below shows an X-session from Charon-SSP Manager to a guest running Oracle Solaris 10.


Please note:

The graphical performance depends on many parameters, for example, the performance of the host system, the emulated system, and the network.
One important requirement is that the round-trip time of the network connection between display device and emulated Solaris system running on the AWS instance should be less or equal to 20ms.
For every use case, a test is required to evaluate the suitability for the specific customer environment.

Prerequisites

Installing Xephyr on the Remote Linux Host

If it has not happened yet, Xephyr must be installed on the remote Linux system where the Charon-SSP Manager will be used to start the X-server.

Use the following command to install the software on a Linux system with RPM based packet management:

# yum install xorg-x11-server-Xephyr

Use the following commands to install the software on a Linux system with Debian package management:

# apt-get update
# apt-get install xserver-xephyr

Firewall Considerations

The Xephyr nested X-server listens for connections on port range 6001-6100 depending on the X11 Server configuration in Charon-SSP Manager. The configured ports must be allowed if a firewall (e.g. iptables on Linux) is used. For a quick assessment, in case the X-server does not show the dtlogin screen, the following commands on the Linux system running Xephyr can be used to turn off the firewall temporarily (depending on what firewall is being used).

# systemctl stop firewalld or # service stop iptables

On the Charon-SSP AWS instance, verify that the security group assigned to the instance permits the required traffic. If the connection to the X-server runs across an SSH VPN tunnel, only SSH must be allowed to the AWS instance.

Ask your network system administrator to configure proper access to the required port range.

Enabling XDMCP

Before using the X-server, XDMCP must be enabled on the guest system. The actions for enabling XDMCP are different depending on the version of Solaris installed on the guest. Follow the relevant sub-section below to configure XDMCP on your guest.

Enabling XDMCP on Solaris 2.5 to Solaris 9

Use the following instructions to enable remote login over XDMCP up to Solaris 9:

  1. Edit the file /usr/dt/config/Xconfig. 

    # vi /usr/dt/config/Xconfig

  2. Locate the line Dtlogin.requestPort: 0 and insert a comment character, '#', at the beginning of the line.

  3. Save the configuration file and restart the X-server (if there is no dtlogin file in /etc/init.d, you have to run /usr/dt/bin/dtconfig -e first):

    # /etc/init.d/dtlogin restart

Enabling XDMCP on Solaris 10

Use the following commands to enable remote login over XDMCP on Solaris 10:

  1. Allow access to XDMCP over the network:

    # svccfg -s cde-login setprop 'dtlogin/args=""'

  2. Restart CDE.

    # svcadm restart cde-login






Configuring and Starting the X11 Server in Charon-SSP Manager

Basic Configuration Steps and Start

Once XDMCP has been enabled on the guest, use the following basic instructions to start the X-server display. The parameters are described in detail in the next section. You can add multiple profiles with different sets of parameters to the configuration of the Charon-SSP Manager.

Basic steps for configuring and starting the X11 server

StepDescription
1

Open the X11 server Configuration window from Charon-SSP Manager (menu path Tools > X11 Server).

Here you can start/stop already configured X11 servers and add, modify or delete them.

To add a new server, click on Add. This opens the Add X11 Profile window as shown here:

2

Configure the X11 server by completing the fields:

  • Enter a profile name

  • Enter the address or name of the guest in the field IP address.

  • Choose the keyboard layout preferred for this X-session.

  • Select the host IP address from which the X-server connects to guest Solaris.

  • Select the port to be used for the communication.

  • Select the X-session screen resolutions or Full Screen from the Resolution drop down box.

  • Click OK to save the configuration.

3

Click on Start to start the selected X-server.

An existing X-server definition can be modified by selecting it and then using the Edit button in the X11 overview window.


X11 Server Configuration Parameters

The parameters of the X11 server configuration are explained in the following table:

X11 server configuration parameters
ParameterDescription

Profile name

Name to identify a specific set of configuration parameters in the list of saved configurations.

IP address

IP address of the guest Solaris system. If you are using an SSH VPN tunnel to the AWS instance, enter the address the Solaris system has in the VPN network.

The X protocol is not encrypted. So it should not be run over a public network without proper protection by a VPN.

Keyboard

Select the required keyboard from the drop-down list. You can select from the layouts provided by the system on which the Charon-SSP manager runs.

From

If the system running the X-server has only one IP address, this parameter can be left at default. If there is more than one IP address configured on the X-Server host, select the address that is on the same subnet as the Solaris guest or at least reachable from Solaris. This parameter prevents older Solaris versions from choosing a random (potentially unreachable) address from multiple IP addresses available on the host running the X-Server.

Port

Values 6001 - 6100. The port number determines on which display the X-server is started. For example, port 6001 results in the X-server running on display “:1”.

Display

Read-only field. Shows the display number based on the port number selected.

Resolution

This parameter can be adapted to specific requirements of applications with respect to the X-server capabilities (“VISUALS”). One example would be the 256-bit indexed color visual, which requires a display depth of 8 bits. It also allows users to set the X display to full screen mode.

Stopping the X11 Server

To stop the X-server, follow the instructions below:

  1. Open the X11 Server Configuration window from Charon-SSP Manager by following the menu path Tools > X11 Server. A window opens showing all configured X11 profiles.

  2. Select the X-server you want to stop.

  3. Click the Stop button to terminate the X-session.

  4. If multiple sessions to the same host are open, it will be necessary to repeat these steps for each session.

An existing X-server definition can be modified by selecting it and then using the Edit button in the X11 overview window.

Running the X11 Server on Other Operating Systems.

The mechanism described above is only valid for Linux operating systems on which the Charon-SSP Manager runs. On other systems, for example Microsoft Windows system, you can use alternative X-server applications. However, the steps are different from the ones used via the Charon-SSP Manager on Linux. As the first step, you must install an X-server. There are several commercial products. However, there are also free X-server packages, for example the X-server integrated in Cygwin, VcXsrv, or Xming. For example, the installer for Xming and more product information are available on http://www.straightrunning.com/XmingNotes/. Please also refer to the non-Cloud product documentation for additional information.


  • No labels