Mandalika's scratchpad [ Work blog @Oracle | My Music Compositions ]

Old Posts: 09.04  10.04  11.04  12.04  01.05  02.05  03.05  04.05  05.05  06.05  07.05  08.05  09.05  10.05  11.05  12.05  01.06  02.06  03.06  04.06  05.06  06.06  07.06  08.06  09.06  10.06  11.06  12.06  01.07  02.07  03.07  04.07  05.07  06.07  08.07  09.07  10.07  11.07  12.07  01.08  02.08  03.08  04.08  05.08  06.08  07.08  08.08  09.08  10.08  11.08  12.08  01.09  02.09  03.09  04.09  05.09  06.09  07.09  08.09  09.09  10.09  11.09  12.09  01.10  02.10  03.10  04.10  05.10  06.10  07.10  08.10  09.10  10.10  11.10  12.10  01.11  02.11  03.11  04.11  05.11  07.11  08.11  09.11  10.11  11.11  12.11  01.12  02.12  03.12  04.12  05.12  06.12  07.12  08.12  09.12  10.12  11.12  12.12  01.13  02.13  03.13  04.13  05.13  06.13  07.13  08.13  09.13  10.13  11.13  12.13  01.14  02.14  03.14  04.14  05.14  06.14  07.14  09.14  10.14  11.14  12.14  01.15  02.15  03.15  04.15  06.15  09.15  12.15  01.16  03.16  04.16  05.16  06.16  07.16  08.16  09.16  12.16  01.17  02.17  03.17  04.17  06.17  07.17  08.17  09.17  10.17  12.17  01.18  02.18  03.18  04.18  05.18  06.18  07.18  08.18  09.18  11.18  12.18  01.19  02.19  05.19  06.19  08.19  10.19  11.19  05.20  10.20  11.20  12.20  09.21  11.21  12.22 


Thursday, September 20, 2007
 
Sun Secure Global Desktop (Tarantella)

How do you like launching some of the applications running on a system, securely using a web browser?

Consider this simple scenario.

You have a system that is exposed to the internet. You are trying to get your partner engineer access your system {say using telnet or ssh}; but the partner engineer is not able to access it due to their corporate firewall.

One option for the partner engineer is to bypass their company's firewall somehow, then connect to the system that is accessible from the internet.

Another option is to install Sun Secure Global Desktop (aka Tarantella) on the system that was exposed to the internet; and letting the partner engineer access it using a standard web browser.

Here's a screen shot:


There are plenty of other options, but this blog entry focuses on Sun Secure Global Desktop option.

How to install Sun Secure Global Desktop?
  1. Download a fully functional 30-day trial latest copy of Sun Secure Global Desktop software from http://www.sun.com/software/products/sgd/get.jsp. 4.31 is the latest version of SGD as of this writing.

  2. Add two user accounts: ttaserv, ttasys
    # mkdir /export/home/ttaserv
    # groupadd -g 102 ttaserv
    # useradd -g 102 -d /export/home/ttaserv -s /bin/bash ttaserv
    # useradd -g 102 -d /export/home/ttaserv -s /bin/bash ttasys

  3. Install the Sun Secure Global Desktop software package
    # pkgadd -d ./tta-4.31-905.sol-sparc.pkg

    The following packages are available:
      1  tta     Sun Secure Global Desktop Software for SPARC Solaris 2.8+
                 (SPARC) 4.31.905

    Select package(s) you wish to process (or 'all' to process
    all packages). (default: all) [?,??,q]: all

    Processing package instance <tta> from </export/home/oracle/tta-4.31-905.sol-sparc.pkg>

    Sun Secure Global Desktop Software for SPARC Solaris 2.8+(SPARC) 4.31.905
    Sun Microsystems, Inc. 
     
    --------------------------------------------------------------------------
    Setting up Sun Secure Global Desktop Software
    --------------------------------------------------------------------------
    Secure Global Desktop Setup recommends you use the following settings:
     
    Installation type = install 4.31.905
    Installation directory = /opt/ttaserv
     
    Are these settings OK?
      Y - Yes, install using these settings
      N - No, tell me more about the options and let me change the settings
      Q - Quit now

    OK to use these settings? [Y] N
     
    --------------------------------------------------------------------------
    Secure Global Desktop installation directory
    --------------------------------------------------------------------------
    Secure Global Desktop uses a single directory for all its code and other
    static and dynamic components. Which directory would you like to use?

    Installation directory [/opt/ttaserv] /export/home/ttaserv/
     
    --------------------------------------------------------------------------
    Setting up Sun Secure Global Desktop Software
    --------------------------------------------------------------------------
     
    Installation type = install 4.31.905
    Installation directory = /export/home/ttaserv/
     
    Are these settings OK?
      Y - Yes, install using these settings
      N - No, tell me more about the options and let me change the settings
      Q - Quit now

    OK to use these settings? [Y] Y

    ...
    ...
    ...

    ## Executing postinstall script.

    To complete the installation, please run /export/home/ttaserv/bin/tarantella start

    Installation of <tta> was successful.

  4. Configure the timeout values.

    Modify the timeout values in /export/home/ttaserv/var/serverresources/expect/vars.exp.
    # grep -i timeout vars.exp
    # Timeouts
    set timeouts(prelogin)            180
    set timeouts(loggedin)            180
    set timeouts(hostprobe)           180
    set timeout 3600

  5. Start the Sun Secure Desktop Desktop server
    # /export/home/ttaserv/bin/tarantella start
     
    --------------------------------------------------------------------------
    Secure Global Desktop Software License Agreement
    --------------------------------------------------------------------------
    To use Secure Global Desktop you must agree to be bound by
    the terms of the Software License Agreement.

      Y - I have read, and accept the terms of the license agreement
      N - I do not accept the terms of the license agreement
      R - Let me read the license agreement

    Accept terms of Software License Agreement? [R] Y
     
    --------------------------------------------------------------------------
    Setting up Sun Secure Global Desktop Software
    --------------------------------------------------------------------------
    Secure Global Desktop Setup recommends you use the following settings:
     
    Installation type = install 4.31.905
    Peer DNS name = v490-a4
    HTTP port = 80 [not currently in use]
    Archive logs every week? = yes (Sunday 03:00 hours)
     
    Are these settings OK?
      Y - Yes, install using these settings
      N - No, tell me more about the options and let me change the settings
      Q - Quit now

    OK to use these settings? [Y] N
     
    --------------------------------------------------------------------------
    Peer (internal) DNS name
    --------------------------------------------------------------------------
    Each computer on the network may have a number of DNS names.  In
    Secure Global Desktop, the peer DNS name is the name by which this host
    is known to others within your firewall, if you have one. If you're
    using an array of multiple Secure Global Desktop servers, this is the
    name used by other servers in the array to identify this server.

    Peer DNS name [v490-a4] dummy.sun.com

    --------------------------------------------------------------------------
    HTTP port
    --------------------------------------------------------------------------
    Secure Global Desktop includes a web server. You need to choose the TCP port
    on which the web server listens for HTTP (unencrypted) connections.
    The default port for HTTP is 80/tcp.

    You must choose an unused TCP port for installation to complete.

    HTTP port [80] 8000

    --------------------------------------------------------------------------
    Archive logs every week
    --------------------------------------------------------------------------

    Would you like the Secure Global Desktop server to archive its log files
    every week?

    Archive logs every week? [yes] yes

    On what day should the archive occur?
    Type a number between 0 (Sunday) and 6 (Saturday).

    Archive day [0] 

    At what time should the archive occur?
    Type a number between 0 (midnight) and 23 (11pm).

    Archive time [03]  
     
    --------------------------------------------------------------------------
    Setting up Sun Secure Global Desktop Software
    --------------------------------------------------------------------------
     
    Installation type = install 4.31.905
    Peer DNS name = dummy.sun.com
    HTTP port = 8000 [not currently in use]
    Archive logs every week? = yes (Sunday 03:00 hours)
     
    Are these settings OK?
      Y - Yes, install using these settings
      N - No, tell me more about the options and let me change the settings
      Q - Quit now

    OK to use these settings? [Y] Y
    --------------------------------------------------------------------------
    Configuring your installation...
    Running templates Setup script...OK
    Running files_rename Setup script...OK
    Running dbcreate Setup script...OK
    Running extended_templates Setup script...OK
    Running config Setup script...OK
    Running printing Setup script...OK
    Running sysadmin Setup script...OK
    Running loadprobe_config Setup script...OK
    Configuring and starting Secure Global Desktop web server...OK
    Running wcp/configchanges Setup script...OK
    Running tsp/resources Setup script...OK
    Running 3270/resources Setup script...OK
    Running 3270/configchanges Setup script...OK
    Running 3270/purge Setup script...OK
    Running 5250/resources Setup script...OK
    Running 5250/configchanges Setup script...OK
    --------------------------------------------------------------------------
    What's next?
    --------------------------------------------------------------------------
    Secure Global Desktop is now installed and ready to use.

    To get started:

     - In a web browser, go to:
       http://dummy.sun.com:8000/
     - When prompted, log in with username "Administrator" and root's password.
     - On your webtop, click Administration Guide to learn more about the product
       (we strongly recommend you read the "Getting started" section).
       Or click Object Manager to start creating user webtops.

    To add license keys, click Array Manager on your webtop or type:
    /export/home/ttaserv/bin/tarantella license add <key>...
    --------------------------------------------------------------------------
    Successfully installed Sun Secure Global Desktop Software
    --------------------------------------------------------------------------

Once the SGD server is up, supply the URL http://dummy.sun.com:8000 and the login credentials to the partner engineer so (s)he can access the system using a standard web browser.

Q: How to check the status of Sun Secure Global Desktop server?

eg., At the startup: 
# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): Accepting standard connections.
 - Webtop sessions (0):
 - Emulator sessions (0):

After some clients connect to the server:
# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): Accepting standard connections.
 - Webtop sessions (1):
    - Standard connections: 1
 - Emulator sessions (1):
    - X Protocol Engine: 1

Q: How to stop, start the SDG server?
eg., Stop the SDG server
# /export/home/ttaserv/bin/tarantella stop
 WARNING: Users are connected to this Secure Global Desktop server.
Stopping the server will shut down any emulator sessions for these users.
This may result in loss of data.

Are you sure you want to continue? [no] y
Secure Global Desktop services have been stopped.

Start the SDG server
# /export/home/ttaserv/bin/tarantella start
Starting Secure Global Desktop server (version 4.31.905). Please wait...
Secure Global Desktop services are now available on this host.

Q: How to stop, start the web server?

eg., Stop the web server:
# /export/home/ttaserv/bin/tarantella webserver stop
Stopping Tomcat servlet container...
Using CLASSPATH:     /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2/bin/bootstrap.jar:/export/home/ttaserv/bin/jdk.spso...
Using CATALINA_BASE: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using CATALINA_HOME: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using JAVA_HOME:     /export/home/ttaserv/bin/jdk.spso_1.6.0
...OK
Stopping Apache web server...
/export/home/ttaserv/webserver/apache/1.3.36_mod_ssl-2.8.27_openssl-0.9.8d_jk1.2.15/bin/apachectl stop: httpd stopped
...OK

# /export/home/ttaserv/bin/tarantella status

Array members (1):
 - dummy.sun.com (primary): NOT ACCEPTING CONNECTIONS.

Start the web server:
# /export/home/ttaserv/bin/tarantella webserver start
Starting Tomcat servlet container...
Using CLASSPATH:     /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2/bin/bootstrap.jar:/export/home/ttaserv/bin/jdk.spso ...
Using CATALINA_BASE: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using CATALINA_HOME: /export/home/ttaserv/webserver/tomcat/5.0.28_axis1.2
Using JAVA_HOME:     /export/home/ttaserv/bin/jdk.spso_1.6.0
...OK
Starting Apache web server...
/export/home/ttaserv/webserver/apache/1.3.36_mod_ssl-2.8.27_openssl-0.9.8d_jk1.2.15/bin/apachectl start: httpd started
...OK

Q: Is there a demo version on-line?

Yes, there is. If you want to feel the experience before you install SDG software on your system(s), access the following URL using a standard web browser, and then click on 'Login' link.

https://sgddemo.sun.com/

You can login anonymously just by clicking on 'Login' button without user name and password.

(Last Updated: October 11, 2007 @ 01:40 PM. Thanks to 'Fat' for the correction.)

__________________
Technorati tags:
|

Posted by: Giri Mandalika.    # 11:54 PM

Comments:
Nice overview of the install process.
FYI the correct spelling was/is Tarantella :-)
# posted by Blogger Fat Bloke : 1:31 AM, October 11, 2007
 
Looking for an expert in Tarentella (Sun Secure Global Desktop) to architect a system (could be a few weeks engagement in Montreal) do you know any

Please let me know where to contact you outside the blog
# posted by Anonymous Anonymous : 9:13 PM, January 08, 2008
 
Post a Comment



<< Home

2004-2019 

This page is powered by Blogger. Isn't yours?