Docker image for Guacamole - the clientless remote desktop gateway.
What is Guacamole?
Guacamole is a clientless remote desktop gateway. It supports standard protocols like VNC and RDP. We call it clientless because no plugins or client software are required.
Thanks to HTML5, once Guacamole is installed on a server, all you need to access your desktops is a web browser.
How to use this image
Using this image will require an existing, running Docker container with the guacd image, and another Docker container providing either a PostgreSQL or MySQL database.
The name of the database and all associated credentials are specified with environment variables given when the container is created. All other configuration information is generated from the Docker links.
Beware that you will need to initialize the database manually. Guacamole will not automatically create its own tables, but SQL scripts are provided to do this.
Once the Guacamole image is running, Guacamole will be accessible at http://[address of container]:8080/guacamole/. The instructions below use the -p 8080:8080 option to expose this port at the level of the machine hosting Docker, as well.
Deploying Guacamole with PostgreSQL authentication
docker run --name some-guacamole --link some-guacd:guacd \
--link some-postgres:postgres \
-e POSTGRES_DATABASE=guacamole_db \
-e POSTGRES_USER=guacamole_user \
-e POSTGRES_PASSWORD=some_password \
-d -p 8080:8080 glyptodon/guacamole
Linking Guacamole to PostgreSQL requires three environment variables. If any of these environment variables are omitted, you will receive an error message, and the image will stop:
- POSTGRES_DATABASE - The name of the database to use for Guacamole authentication.
- POSTGRES_USER - The user that Guacamole will use to connect to PostgreSQL.
- POSTGRES_PASSWORD - The password that Guacamole will provide when connecting to PostgreSQL as POSTGRES_USER.
Initializing the PostgreSQL database
If your database is not already initialized with the Guacamole schema, you will need to do so prior to using Guacamole. A convenience script for generating the necessary SQL to do this is included in the Guacamole image.
To generate a SQL script which can be used to initialize a fresh PostgreSQL database as documented in the Guacamole manual:
docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --postgres > initdb.sql
Alternatively, you can use the SQL scripts included with guacamole-auth-jdbc.
Once this script is generated, you must:
- Create a database for Guacamole within PostgreSQL, such as guacamole_db.
- Run the script on the newly-created database.
- Create a user for Guacamole within PostgreSQL with access to the tables and sequences of this database, such as guacamole_user.
The process for doing this via the psql and createdb utilities included with PostgreSQL is documented in the Guacamole manual.
Deploying Guacamole with MySQL authentication
docker run --name some-guacamole --link some-guacd:guacd \
--link some-mysql:mysql \
-e MYSQL_DATABASE=guacamole_db \
-e MYSQL_USER=guacamole_user \
-e MYSQL_PASSWORD=some_password \
-d -p 8080:8080 glyptodon/guacamole
Linking Guacamole to MySQL requires three environment variables. If any of these environment variables are omitted, you will receive an error message, and the image will stop:
- MYSQL_DATABASE - The name of the database to use for Guacamole authentication.
- MYSQL_USER - The user that Guacamole will use to connect to MySQL.
- MYSQL_PASSWORD - The password that Guacamole will provide when connecting to MySQL as MYSQL_USER.
Initializing the MySQL database
If your database is not already initialized with the Guacamole schema, you will need to do so prior to using Guacamole. A convenience script for generating the necessary SQL to do this is included in the Guacamole image.
To generate a SQL script which can be used to initialize a fresh MySQL database as documented in the Guacamole manual:
docker run --rm glyptodon/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql
Alternatively, you can use the SQL scripts included with guacamole-auth-jdbc.
Once this script is generated, you must:
- Create a database for Guacamole within MySQL, such as guacamole_db.
- Create a user for Guacamole within MySQL with access to this database, such as guacamole_user.
- Run the script on the newly-created database.
The process for doing this via the mysql utility included with MySQL is documented in the Guacamole manual.
from https://github.com/glyptodon/guacamole-docker
--------------
--------------
Docker image for guacd - the server-side, native proxy used by the Guacamole web application. http://guac-dev.org/
What is guacd?
guacd is the native server-side proxy used by the Guacamole web application. If you wish to deploy Guacamole, or an application using the Guacamole core APIs, you will need a copy of guacd running.
How to use this image
Running guacd for use by the Guacamole Docker image
docker run --name some-guacd -d glyptodon/guacd
guacd will be listening on port 4822, but this port will only be available to Docker containers that have been explicitly linked to some-guacd.
Running guacd for use services by outside Docker
docker run --name some-guacd -d -p 4822:4822 glyptodon/guacd
guacd will be listening on port 4822, and Docker will expose this port on the same server hosting Docker. Other services, such as an instance of Tomcat running outside of Docker, will be able to connect to guacd.
Beware of the security ramifications of doing this. There is no authentication within guacd, so allowing access from untrusted applications is dangerous. If you need to expose guacd, ensure that you only expose it as absolutely necessary, and that only specific trusted applications have access.
Connecting to guacd from an application
docker run --name some-app --link some-guacd:guacd -d application-that-uses-guacd.
from https://github.com/glyptodon/guacd-docker
