[libvirt-users] building virtual desktops with libvirt, KVM, SPICE and GNOME

Tue May 2 12:58:12 UTC 2017

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

On 20/03/17 08:37, Martin Kletzander wrote:
> On Wed, Mar 15, 2017 at 10:26:20AM +0000, Daniel Pocock wrote:
>> 
>> Can anybody comment on how to host virtual desktops on a headless
>> server using libvirt and KVM on the server and a SPICE client to
>> access the virtual desktop?  Is there a standard way of doing
>> this?
>> 
>> I've seen many fragments of information about how to do this but
>> I didn't come across a single guide describing the entire
>> solution. Search engines also return a lot of information about
>> gaining remote access to a real physical desktop but that is not
>> what I'm looking for. I've also come across many real-world
>> scenarios where people are manually starting VNC server processes
>> for each user on different ports but I was hoping to find out if
>> there is a more standard way of doing this now.
>> 
>> When I say "virtual desktop", the type of user experience I'm
>> thinking about is that named users can run a SPICE client
>> anywhere and always connect to the same host/desktop.  E.g. if
>> they leave some windows open, disconnect, go to another physical
>> machine and reconnect with the same username they will see the
>> same desktop with the same windows open.
>> 
> 
> How is it different to just having VM per user on that host and
> having people connect to their VMs (using TLS and passwords, for
> example, just to make sure).  Each VM will have its own spice (or
> VNC) server and users can connect to them either directly (if there
> is access and open ports etc.) or through libvirt (if they are
> not).  If latter is the case, you can use ACLs to restrict
> particular users to connect only to their machines.
> 

That would be one solution - is there any standard solution to manage
the ACLs and to route each user's connection to the right machine
without asking each user to remember their machine name?

Is there a way to do this where multiple users are concurrently logged
in to the same virtual server, similar to different XDMCP sessions
started on the same server for different X users?

Regards,

Daniel
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJZCIJkAAoJEGxlgOd711bE6gUQALGT7dxFUWtYmKuf3/5eBLAG
CTwsTTEN69a8DNp8QNN/q1HtXRjmSCvltcCYfVYOtDlAPSvW/oHoQ2jsoa9k4CY2
YwUN10ChUILicb6braRycFwC2Ff+iA3eME3ncRjwuN9huqszyilLlqU3uAg2+xD2
yfOazAW8pta/cg6Fom41D0IC9I5HXBJLn4AOO0Sbj1eOrSGpIdZYabtKRkMSafJO
/0fuOFvYpWQ4+oMqQEICRthu+xF6fbey25hnD3TUJgCW2zM5s4a2oPZdjiFvGtw6
c5uzDcX5Uc0UlcGIKzoT2FvvgTyKkGOae9MXaZSzFXHCTPua3JZYeGcWFAYjTvqQ
934e2/WEnsEFcMaQmySeIHw/ZDxC/CMJzGzyIOr+rEuExezsJMyeXHwk+z6TGoXN
CryrApnZB+0Qye6NqdCL+7o/q0W/gxQaGUSlwp4Fjmt62ecgNPlMfq4qndASOpq3
GlSFGuVvz9yFLKkejbAgcT1+cJ3pnI2wdozUmi+nOj9ygdvVdqw0+OMQj0qmQwL1
zjRpCJnz/Algv9w8LRfo9FamUxafo2EFq3HgmMqZf28cc91H+0ekfumOuR4jK0cu
FfZCDvKm5XWs45KYknzsBsCQVMP3DyOj3J7hAElkgrGwIE8tdwrlfaS/m/U3MNtB
C3XU90VUrSsb+o0Nor+H
=b7NO
-----END PGP SIGNATURE-----