C H A P T E R 2 |
Secure Global Desktop servers are machines running the SGD software. By adding at least one other server you create an array. An array can distribute load between its servers and therefore increase reliability. One server in the array is the primary server, which is responsible for replicating configuration data. Other servers in the array are called secondary servers.
Use the Secure Global Desktop Server Settings tab to set up an SGD server array, or to configure settings for a particular SGD server.
This chapter includes the following topics:
The Secure Global Desktop Servers tab gives you an overview of the current status of each SGD server in the array, including how many user and application sessions each server is hosting.
SGD server information is shown in the Secure Global Desktop Server List table.
If you click the name of a server in the Secure Global Desktop Server List table a series of tabs are displayed. The tabs are used to view and change the configuration for the server.
The number of SGD servers in the array is indicated in brackets at the top of the table.
The Add Server button adds an SGD server to the array. The SGD server is added as a secondary server.
If you select a secondary server in the table, the Make Primary button makes the selected server the primary server in the SGD array.
The Remove Server button removes the selected SGD server from the array. The selected SGD server must be a secondary server.
You update the Secure Global Desktop Server List table by clicking the Reload button.
The Secure Global Desktop Server List table includes the following information for each SGD server in the array:
Status. Server status, for example, whether the server is running.
Accepting Connections. Whether the server is accepting standard connections, secure connections or both types of connection. Secure connections use the Secure Sockets Layer (SSL) to encrypt data. Standard connections do not encrypt data.
User Sessions. The current number of user sessions on this server. The numbers of user sessions using standard and secure connections are shown.
Application Sessions. The current number of application sessions on this server, including those which are currently suspended. The numbers of graphical application sessions and terminal-based application sessions are shown.
From the command line, use the tarantella array commands to add servers to the SGD array, remove servers from the SGD array, make a secondary server the primary server, or view information about the SGD array. See The tarantella array command.
Attributes on the General tab are general settings for a particular SGD server.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect immediately.
Usage: Type the external DNS names of this server in the field. Press the Return key after each name definition.
The external DNS names of this server.
This setting enables you to use different names, depending on the IP address of the client.
Only change this setting if this server is known by different names on the network, for example, inside and outside a firewall.
Each name has the following format:
IP-pattern:DNS name
IP-pattern is a regular expression, or a subnet mask, matching a client IP address. For example, 192.168.10.*, or 192.168.10.0/24.
If this server only has one name, use one line matching all clients. For example, *:www.indigo-insurance.com.
The order of the names is important. The DNS name for the first matching IP pattern is used.
Note - You must restart the SGD server for a change to this setting to take effect. |
Array Manager: General Properties (Server-Specific) ⇒ DNS Name
Command option: --server-dns-external IP-pattern:dns-name
Usage: Replace IP-pattern with a regular expression for the client IP addresses. Replace dns-name with the external DNS name of the server. Use a comma to separate multiple DNS names.
In the following example, a DNS name of boston.indigo-insurance.com is used for clients with an IP address in the 192.168.10.* range. All other clients use a DNS name of www.indigo-insurance.com.
--server-dns-external "192.168.10.*:boston.indigo-insurance.com, \ *:www.indigo-insurance.com"
Usage: Select or deselect the check box.
Whether to allow users to log in to this SGD server.
To “decommission” an SGD server, deselect the check box. No users can log in and no new application sessions can start. Users currently logged in to this server, or with application sessions hosted on this server, are not affected. Users can log in to another SGD server in the array and resume application sessions hosted on this server.
Users are redirected to the web page defined by the Redirection URL attribute. Typically, you set this to another SGD server in the array.
Array Manager: General Properties (Server-Specific) ⇒ Secure Global Desktop Login
Usage: Type a redirection URL in the field.
If the SGD server does not allow users to log in, client devices are redirected to this URL.
If the attribute is not set, client devices are redirected to a page telling users that they cannot log in.
Array Manager: General Properties (Server-Specific) ⇒ Redirection URL
Attributes on the Security tab are security settings for a particular SGD server in the array.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect immediately.
Usage: Select the check box for each connection type you want to make available to users.
The possible connection types available to users.
Secure connections use SSL to encrypt transmissions.
For standard connections, transmissions are not encrypted.
Array Manager: Security Properties (Server-Specific) ⇒ Connection Types
Command option: --security-connectiontypes types
Usage: Specify the connection types to use.
Valid settings are std (standard connections only), ssl (secure connections only), or std,ssl (both standard and secure connections).
The following example specifies standard connections only.
--security-connectiontypes std
Usage: Select or deselect the check box.
Select the check box to enable support for an external SSL accelerator.
Selecting this check box enables the SGD SSL daemon to accept plain text traffic and pass it on to the SGD server as if it was SSL traffic it had decoded.
Array Manager: Security Properties (Server-Specific) ⇒ SSL Accelerator Support
Usage: Type a URL in the field.
The absolute URL to forward all web server traffic not related to SGD.
Use this feature if you plan to run SGD on the same port as your web server, so that you do not have to open any additional ports in your firewall.
Array Manager: Security Properties (Server-Specific) ⇒ Firewall Forwarding URL
Use attributes on the Performance tab to tune the SGD server.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Usage: Type a number in the field.
The maximum number of requests the server processes simultaneously.
As a rough guide, set this to the number of central processing units (CPUs) multiplied by 4.
Too high a setting might degrade performance.
Changes to this attribute take effect immediately.
Array Manager: Tuning Properties (Server-Specific) ⇒ Processing Limits ⇒ Maximum Simultaneous Requests
Usage: Type a number in the field.
The maximum number of simultaneous user sessions (connections between SGD Clients and the SGD server).
Once the limit is reached, connections are refused.
Too high a setting might degrade performance.
Changes to this attribute take effect immediately.
Array Manager: Tuning Properties (Server-Specific) ⇒ Processing Limits ⇒ Maximum Simultaneous Webtop Connections
Usage: Type a number in the field.
The maximum number of open file descriptors allowed.
Increasing this value increases the number of simultaneous connections that can be handled.
This value affects all SGD server components.
Too high a setting might degrade performance.
Changes to this attribute take effect when the server restarts.
Array Manager: Tuning Properties (Server-Specific) ⇒ File Descriptors
Usage: Type numbers in the fields.
These attributes control the size and expansion
rate of the memory allocated to the SGD server’s Java Platform, Standard Edition
Runtime Environment (JRE). The following attributes are available:
The amount of memory, in megabytes, to allocate initially for the SGD server’s Java Virtual Machine (JVM). Set this to no greater than the amount of random access memory (RAM) on the host.
A scaling factor (expressed as a percentage), used to increase the amount of JVM memory dynamically when needed.
An absolute maximum size in megabytes, that is never exceeded.
Too high a setting might degrade performance.
Changes to this attribute take effect when the server or JVM restarts.
Array Manager: Tuning Properties (Server-Specific) ⇒ Server JVM Size
Command option: --tuning-jvm-initial MB
Usage: Replace MB with the initial memory allocation for the JVM, in megabytes.
Command option: --tuning-jvm-scale percent
Usage: Replace percentage with a dynamic scaling factor, expressed as a percentage.
Command option: --tuning-jvm-max MB
Usage: Replace MB with the maximum memory allocation for the JVM, in megabytes.
The following examples set the initial JVM size to 58 megabytes. The amount of JVM memory can be scaled up to 150% when needed. The maximum JVM size is set to 512 megabytes.
--tuning-jvm-initial 58 --tuning-jvm-scale 150 --tuning-jvm-max 512
Usage: Type a number in the field.
When to start resource synchronization each day, if enabled for the array.
Use the server’s local time zone.
Express the time in 24-hour clock format. For example, use 16:00 for 4 p.m.
Changes to this attribute take effect immediately.
Array Manager: Tuning Properties (Server-Specific) ⇒ Resource Synchronization
Usage: Type the load balancing groups for this SGD server in the field.
This attribute is a string identifying the load balancing group for an SGD server in an array. This information can be used for application load balancing.
This setting is used to enable optimal bandwidth usage. SGD servers are chosen from the same load balancing groups as application servers, where possible.
Leave this attribute blank unless your array spans a wide area network (WAN), or includes slow links, and you are using load balancing.
More than one string is allowed, but this slows application launch.
If used, set this attribute on all SGD servers in the array, and all application server objects in the organizational hierarchy.
Array Manager: General Properties (Server-Specific) ⇒ Location
The Protocol Engines tab contains several tabs where you can change settings for the Protocol Engines running on the SGD server.
A Protocol Engine is an SGD software component that runs on an SGD server. Protocol Engines emulate native protocols, such as X11 and RDP, and communicate with application servers. Protocol Engines also send display data to the client device using Adaptive Internet Protocol (AIP).
Use the attributes on the Character Protocol Engine tab to tune terminal emulator processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Type a number in the field.
The maximum number of application sessions each Character Protocol Engine handles.
More Character Protocol Engines are started to meet demand.
Array Manager: Character Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Maximum Sessions per Engine
Usage: Type a number in the field.
The length of time, in seconds, a Character Protocol Engine process continues to run without any active connections.
Array Manager: Character Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Exit After
Usage: Type command-line arguments in the field.
Any arguments to the Protocol Engine. For example, the name of a log file.
Only change this setting if Technical Support ask you to.
Array Manager: Character Protocol Engine Properties (Server-Specific) ⇒ Command-Line Arguments
Use attributes on the X Protocol Engine tab to tune graphical emulator processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Type a number in the field.
The default monitor resolution (in dots per inch) to assume.
You can override this value using an application’s Monitor Resolution attribute.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Monitor Resolution
Usage: Type path names for the fonts directories in the field.
Directories on the SGD host containing the fonts used by the X Protocol Engine.
Font paths are listed in search order.
Use %%INSTALLDIR%% to represent the SGD installation directory.
You can include font servers, for example, tcp/boston:7000.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Font Path
Command option: --xpe-fontpath fontpath
Usage: Replace fontpath with a list of font directories. Separate each directory in the font path with a comma “,”.
The following example specifies a list of font directories used by the X Protocol Engine.
--xpe-fontpath %%INSTALLDIR%%/etc/fonts/misc,\ %%INSTALLDIR%%/etc/fonts/TTF,%%INSTALLDIR%%/etc/fonts/Type1
Usage: Type the path name of the RGB database file in the field.
Full path name on the SGD host of the RGB database used by the X Protocol Engine to resolve color names to RGB values.
Use %%INSTALLDIR%% to represent the SGD installation directory.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ RGB Database
Usage: Select the required keyboard map option. For custom keyboard maps, type a file name in the field.
The default keyboard map to use for graphical applications.
To specify a keyboard map based on a locale, do one of the following:
The actual keyboard map used is determined using the install‐dir/etc/data/keymaps/xlocales.txt file.
Note - You can use the * and ? wildcards in the xlocales.txt file to support a wide range of input locales. See the xlocales.txt file for details. |
Alternatively, you can type a filename to always use a particular keyboard map.
You can override this for each user with the user profile object’s Keyboard Map attribute.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Keyboard Map
Command option: --xpe-keymap lang | client-locale | file
Usage: Specify a valid setting. For custom keyboard maps, replace file with the full path name of the keyboard map file.
In the following example, a keyboard map based on the locale of the client device is used.
--xpe-keymap client-locale
Usage: Type numbers for horizontal and vertical display sizes, in pixels, in the fields.
The maximum expected horizontal and vertical display resolution for client devices connecting to this server.
Use these attributes to tune the Client Window Management value of the Window Type attribute.
These attributes only apply for applications with Window Type set to Client Window Management. Use them to avoid clipping problems.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Client Window Management
Command option: --xpe-cwm-maxwidth pixels
Command option: --xpe-cwm-maxheight pixels
Usage: Replace pixels with a value for maximum display width or maximum display height.
The following example specifies a maximum display size of 1280 x 960 pixels.
--xpe-cwm-maxwidth 1280 --xpe-cwm-maxheight 960
Usage: Type a number in the field.
How long the X Protocol Engine waits for X applications to connect, in seconds.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Session Start Timeout
Usage: Type a number in the field.
The maximum number of application sessions each X Protocol Engine handles.
More X Protocol Engines are started to meet demand.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Maximum Sessions per Engine
Usage: Type a number in the field.
The length of time, in seconds, an X Protocol Engine process continues to run without any active connections.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Exit After
Usage: Type command-line arguments in the field.
Any arguments to the Protocol Engine. For example, the name of a log file.
Only change this setting if Technical Support ask you to.
Array Manager: X Protocol Engine Properties (Server-Specific) ⇒ Command-Line Arguments
Use the attributes on the Execution Protocol Engine tab to tune application startup processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Type a number in the field.
The maximum number of application sessions each Execution Protocol Engine handles.
More Execution Protocol Engines are started to meet demand.
Array Manager: Execution Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Maximum Sessions per Engine
Usage: Type a number in the field.
The length of time, in seconds, an Execution Protocol Engine process continues to run without any active connections.
Array Manager: Execution Protocol Engine Properties (Server-Specific) ⇒ Process Tuning ⇒ Exit After
Usage: Type a directory path name in the field.
The directory on the SGD host where login scripts are stored.
Use %%INSTALLDIR%% to represent the SGD installation directory.
If an application object’s Login Script attribute uses a relative path name, for example unix.exp, this directory is assumed.
Only change this setting if Technical Support ask you to.
Array Manager: Execution Protocol Engine Properties (Server-Specific) ⇒ Login Script Directory
Command option: --execpe-scriptdir dir
Usage: Replace dir with the path name for the login script directory.
In the following example, the login script directory for a default SGD installation is /opt/tarantella/var/serverresources/expect.
--execpe-scriptdir %%INSTALLDIR%%/var/serverresources/expect
Usage: Type command-line arguments in the field.
Any arguments to the Protocol Engine. For example, the name of a log file.
Only change this setting if Technical Support ask you to.
Array Manager: Execution Protocol Engine Properties (Server-Specific) ⇒ Command-Line Arguments
Use the attributes on the Channel Protocol Engine tab to tune SGD channel processes. The SGD channel is used to detect information about the client. For example, to detect client drives or audio devices.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Choose a compression setting option.
Whether a Channel Protocol Engine uses data compression on a client connection.
Select On Slow Connection to enable the Channel Protocol Engine to compress data if the connection is slow.
Array Manager: Channel Protocol Engine Properties (Server-Specific) ⇒ Compression
Usage: Type a compression threshold value, measured in bytes, in the field.
The smallest size of network packet that a Channel Protocol Engine can compress.
Array Manager: Channel Protocol Engine Properties (Server-Specific) ⇒ Threshold
Use the attributes on the Print Protocol Engine tab to tune SGD printing processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Choose a compression setting option.
Whether a Print Protocol Engine uses data compression on a client connection.
Select On Slow Connection to enable the Print Protocol Engine to compress data if the connection is slow.
Array Manager: Print Protocol Engine Properties (Server-Specific) ⇒ Compression
Usage: Type a compression threshold value, measured in bytes, in the field.
The smallest size of file that a Print Protocol Engine can compress.
Array Manager: Print Protocol Engine Properties (Server-Specific) ⇒ Threshold
Use the attributes on the Audio Protocol Engine tab to tune SGD audio processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Choose a compression setting option.
Whether an Audio Protocol Engine uses data compression on a client connection.
By default, compression is off. This is to avoid unnecessarily compressing audio data that might already be compressed.
Select On Slow Connection to enable the Audio Protocol Engine to compress data if the connection is slow.
Array Manager: Audio Protocol Engine Properties (Server-Specific) ⇒ Compression
Use the attributes on the Smart Card Protocol Engine tab to tune SGD smart card processes.
From the command line, use the tarantella config list command to list these settings, and the tarantella config edit command to edit these settings.
Changes to these attributes take effect for new Protocol Engines only. Existing Protocol Engines are not affected.
Usage: Choose a compression setting option.
Whether a Smart Card Protocol Engine uses data compression on a client connection.
Select On Slow Connection to enable the Smart Card Protocol Engine to compress data if the connection is slow.
Array Manager: Smart Card Protocol Engine Properties (Server-Specific) ⇒ Compression
The User Sessions tab enables you to view and manage user sessions for the SGD server. A user session represents a user that is connected to an SGD server.
User session information is shown in the User Session List table.
The User Session List table shows details of user sessions for the SGD server.
The number of user sessions is indicated in brackets at the top of the table.
The User Session List table includes the following information for each user session:
User Profile. A profile that defines configuration settings and the applications available to the user.
Secure Global Desktop Server. The name of the SGD server hosting the user session.
Use the Search options to search the User Session List table. When searching for a User Identity or User Profile, you can use the “*” wildcard in your search string. Typing a search string of name is equivalent to searching for “*name*” and returns any match of the search string.
To search for a Login Time, use a search string format of yyyy/mm/dd hh:mm:ss.
The number of results returned by a search is limited to 150, by default.
To show more details about a user session, select the check box for the user session in the User Session List table and click the View Details button.
To end a user session, select the check box for the user session in the User Session List table and click the End button.
To end all user sessions, click the Select Items Currently Displayed icon to select all user sessions and click the End button.
You can update the User Session List table by clicking the Reload button.
From the command line, use the tarantella webtopsession command to list user session details, and end user sessions. See The tarantella webtopsession command.
The Application Sessions tab enables you to view and manage application sessions for the SGD server.
Application session information is shown in the Application Session List table.
The Application Session List table shows details of application sessions for the SGD server.
The number of application sessions is indicated in brackets at the top of the table.
The Application Session List table includes the following information for each application session:
User Profile. A profile that defines configuration settings and the applications available to the user.
Secure Global Desktop Server. The name of the SGD server hosting the application session.
Application Server. The name of the application server hosting the application.
Status. Current state of the application, for example, whether the application is running or suspended.
You can use the Search options to search the Application Session List table. When searching for a User Identity, User Profile, Application Server, or Application, you can use the “*” wildcard in your search string. Typing a search string of name is equivalent to searching for “*name*” and returns any match of the search string.
To search for a Start Time, use a search string format of yyyy/mm/dd hh:mm:ss.
The number of results returned by a search is limited to 150, by default.
To show more details about an application session, select the check box for the application session in the Application Session List table and click the View Details button.
To end an application session, select the check box for the application session in the Application Session List table and click the End button.
To end all application sessions, click the Select Items Currently Displayed icon to select all application sessions and click the End button.
You can update the Application Session List table by clicking the Reload button.
Shadowing an application session enables you and the user to interact with the application simultaneously. To shadow an application session, select the check box for the application session in the Application Session List table and click the Shadow button.
Note - In some countries, it is illegal to shadow a user without their knowledge. It is your responsibility to comply with the law. |
Shadowing is not supported for character applications or suspended applications. A warning message is shown if you attempt to shadow either of these applications.
From the command line, use the tarantella emulatorsession command to list application session details, shadow application sessions, and end application sessions. See The tarantella emulatorsession command.
Copyright © 2007, Sun Microsystems, Inc. All rights reserved.