Blog Article:

Open Source VDI with OpenNebula and Guacamole

Marco Mancini

Senior Cloud Solutions Architect at OpenNebula

Sep 29, 2022

VDI solutions provide end-users with ubiquitous access from a variety of devices and places to desktops and applications that are centrally managed and curated by their company’s IT staff. In this way, organizations can ensure that these environments are properly managed and configured for securely accessing corporate resources and sensitive data.

Since we published “Using OpenNebula for Handling WFH Demands for VDI at the Edge” and launched a screencast on Virtual Desktop Infrastructure (VDI) at the Edge with OpenNebula, we have received dozens of messages asking about how to reproduce the VDI solution based on the integration of OpenNebula and Apache Guacamole. We have decided to publish this new blog post so that everyone can easily drive into the integration of OpenNebula with Guacamole and set up their own environment for providing virtual desktops.

Scope of the Virtual Desktop Infrastructure (VDI) Support

By seamlessly integrating Guacamole, OpenNebula provides an end-to-end solution for your organization’s VDI needs, which can be used to set up a stable, easy-to-deploy open source VDI solution as an alternative to other complicated VDI legacy stacks or expensive cloud solutions, improving user experience and reducing costs associated with cloud infrastructures. 

The main features that OpenNebula provides now thanks to the integration with Guacamole are:

  • Automated and dynamic creation/deletion of cloud-based virtual desktops. 
  • A private catalog of customized virtual desktop images (e.g. Windows and Linux).
  • A convenient graphical user interface (GUI) to connect to virtual desktops using different protocols (e.g. RDP, VNC, or SPICE).

OpenNebula is used mainly to address features #1 and #2, whereas Guacamole helps us address feature #3. OpenNebula can be used to provision cloud-based on-demand virtual desktops and applications using on-premise infrastructure resources. OpenNebula also provides the necessary tools for IT staff to customize corporate VM images that users can then easily instantiate. Guacamole, on the other hand, is a powerful open source software that supports standard protocols like VNC, RDP, and SSH, providing access to virtual desktops through HTML5 browsers without the requirements of plugins or desktop clients.

By integrating OpenNebula with Guacamole, an end-user can access a corporate virtual desktop belonging to a pool of virtual machines that are created and destroyed dynamically according to the company’s internal policies and needs, including energy optimization rules… Quite handy, isn’t it? 😉

Deployment and Integration of OpenNebula with Guacamole

The only limitation of this integration at the moment is that some effort is required to deploy and set up the whole environment—there is no automated procedure yet. That’s why, in order to facilitate such a deployment, we have updated this public KB article with more information and specific instructions for that process, based on our latest version, OpenNebula 6.4 “Archeon”: Virtual Desktop Infrastructure (VDI) with OpenNebula and Guacamole – Deployment Guide.

The setup makes use of OpenNebula’s Hook subsystem, the component that enables the execution of custom scripts tied to a change in the state within a particular resource (e.g. the creation/deletion of a virtual machine). In the deployment guide, you can find the hooks that are needed in order to integrate OpenNebula resources and the connection creation in Guacamole.

opennebula guacamole illustration 1

Cloud admins can also build a private catalog of customized VM images that can be used for the provisioning of corporate virtual desktops to employees, based on the company’s internal needs (i.e. specific operating systems, access to corporate applications, authentication via LDAP/Active Directory, etc.). OpenNebula also provides the necessary tools for admins to build corporate VM images by defining the contextualization of both Windows and Linux images.

Configuration and Use

Once the setup is done, cloud admins can proceed to define pools of virtual resources for provisioning virtual desktops to end-users. In order to do so, the administrator needs to define a OneFlow service in OpenNebula and a connection group in Guacamole for each type of virtual desktop that they would like to provide to their employees. This is described in detail in the following guide: Virtual Desktop Infrastructure (VDI) with OpenNebula and Guacamole – Admin Guide. Through OneFlow, cloud admins can adapt the VDI environment to the company’s real needs by defining automated capabilities for its infrastructure. Some of these options include, for instance, scheduling the creation of a specific amount of virtual resources to be available only during working hours, or the dynamic scaling of virtual resources in case there’s some unexpected peak in demand.

The administrator is also responsible for associating Guacamole connection groups with users. If the administrator has access to a user directory (e.g. LDAP or Active Directory), both OpenNebula and Guacamole can be configured to use it, thus simplifying the management of the authentication process. Once everything is set up, your employees or customers just need to log in to the Guacamole server to start using their own virtual desktops. Ta-da! 🤓

🚀 Are you a corporate user? Check out our Professional Services and contact us to find out how we can help you deploy an OpenNebula-based VDI solution in a production environment.

2 Comments

  1. translator

    This is a great post! I’m currently using OpenNebula and Guacamole to run my VDI environment and it works great. Thanks for the write-up!

    Reply
  2. Mentare

    OpenNebula and Guacamole are a powerful combination for open source VDI. OpenNebula manages the virtual infrastructure, while Guacamole provides remote desktop access. This setup is cost-effective, flexible, and offers seamless remote work solutions.

    Reply

Submit a Comment

Your email address will not be published. Required fields are marked *