碼上快樂

相關內容    簡體    繁體

CentOS7.2 部署VNC服務記錄

本文轉載自   查看原文   2016-08-30 11:56   13218    虛擬化/ 常規運維

 

不做過多介紹了,下面直接記錄下CentOS7系統下安裝配置vncserver的操作記錄(測試機ip是192.168.1.8)

0)更改為啟動桌面或命令行模式

獲取當前系統啟動模式
[root@localhost ~]# systemctl get-default 
multi-user.target

查看配置文件
[root@localhost ~]# cat /etc/inittab
# inittab is no longer used when using systemd.
#
# ADDING CONFIGURATION HERE WILL HAVE NO EFFECT ON YOUR SYSTEM.
#
# Ctrl-Alt-Delete is handled by /usr/lib/systemd/system/ctrl-alt-del.target
#
# systemd uses 'targets' instead of runlevels. By default, there are two main targets:
#
# multi-user.target: analogous to runlevel 3          #命令行模式
# graphical.target: analogous to runlevel 5           #圖形界面模式
#
# To view current default target, run:
# systemctl get-default
#
# To set a default target, run:
# systemctl set-default TARGET.target
#

[root@localhost ~]# systemctl set-default graphical.target           #由命令行模式更改為圖形界面模式
[root@localhost ~]# systemctl set-default multi-user.target          #由圖形界面模式更改為命令行模式

[root@localhost ~]# systemctl get-default 
graphical.target

1)關閉防火牆
centos的防火牆是firewalld,關閉防火牆的命令
[root@localhost ~]# systemctl stop firewalld.service 
[root@localhost ~]# systemctl disable firewalld.service 

[root@localhost ~]# setenforce 0
[root@localhost ~]# getenforce
[root@localhost ~]# cat /etc/sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targeted

2)安裝軟件:
[root@localhost ~]# yum update
[root@localhost ~]# yum groupinstall "GNOME Desktop" "X Window System" "Desktop"
[root@localhost ~]# yum install tigervnc-server tigervnc vnc vnc-server

3)配置vnc連接
[root@localhost ~]# cp /lib/systemd/system/vncserver@.service /etc/systemd/system/vncserver@:1.service

修改/etc/systemd/system/vncserver@:1.service
找到這一行
ExecStart=/sbin/runuser -l <USER> -c "/usr/bin/vncserver %i"
PIDFile=/home/<USER>/.vnc/%H%i.pid

這里直接用root 用戶登錄,所以我替換成
ExecStart=/sbin/runuser -l root -c "/usr/bin/vncserver %i"
PIDFile=/root/.vnc/%H%i.pid

如果是其他用戶的話比如john替換如下
ExecStart=/sbin/runuser -l john -c "/usr/bin/vncserver %i"
PIDFile=/home/john/.vnc/%H%i.pid

由於直接root用戶登錄,所以配置如下:
[root@localhost ~]# cat /etc/systemd/system/vncserver@:1.service
.........
[Unit]
Description=Remote desktop service (VNC)
After=syslog.target network.target

[Service]
Type=forking
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"
PIDFile=/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'

[Install]
WantedBy=multi-user.target

為VNC設密碼(比如密碼設置為123456)
[root@localhost ~]# vncpasswd
Password:
Verify:
Would you like to enter a view-only password (y/n)? n             #注意表示"是否輸入一個只能查看的密碼,選擇否",否則連接vnc會出現黑屏
A view-only password is not used

[root@localhost ~]# vim /etc/libvirt/qemu.conf
vnc_password = "123456"
vnc_listen = "0.0.0.0"

重加載 systemd
[root@localhost ~]# systemctl daemon-reload

啟動vnc
[root@localhost ~]# systemctl enable vncserver@:1.service
[root@localhost ~]# systemctl start vncserver@:1.service

確認VNC服務端口(用於遠程vnc連接使用,這里查看vnc端口是5901)
[root@localhost ~]# ps -ef|grep Xvnc
root 141698 1 0 13:09 ? 00:00:14 /usr/bin/Xvnc :11 -auth /root/.Xauthority -desktop kvm-server:11 (root) -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768 -pn -rfbauth /root/.vnc/passwd -rfbport 5901 -rfbwait 30000

注意,這里測試機器關閉了防火牆
如果防火牆開了,需要開通一下規則:
[root@localhost ~]# firewall-cmd --permanent --add-service vnc-server
[root@localhost ~]# systemctl restart firewalld.service
如果是iptable,則需要在/etc/sysconfig/iptables里添加:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 5900:5903 -j ACCEPT

關閉vnc連接
[root@localhost ~]# /usr/bin/vncserver -kill :1

測試vnc連接(這種方式可用於在瀏覽器里通過http方式遠程連接VNC,代替VNC客戶端連接。注意這里vnc端口是5901)
[root@localhost ~]# novnc_server --vnc 192.168.1.8:5901 --listen 6081      #注意:"yum install -y novnc"安裝novnc后才會有novnc_server命令工具
Warning: could not find self.pem
Starting webserver and WebSockets proxy on port 6081
WebSocket server settings:
- Listen on :6081
- Flash security policy server
- Web server. Web root: /usr/share/novnc
- No SSL/TLS support (no cert file)
- proxying from :6081 to 192.168.1.8:5901

Navigate to this URL:

http://kvm-server:6081/vnc.html?host=kvm-server&port=6081            #注意:這個是http方式連接vnc的地址

Press Ctrl-C to exit                                  # 注意:如在瀏覽器里以http方式連接vnc,則這里不能按"Ctrl + C"結束,瀏覽器連接的日志信息會在這行下面輸出

由於kvm-server的主機名對應ip是112.112.113.56,所以在瀏覽器里輸入:
http://112.112.113.56:6081/vnc.html?host=112.112.113.56&port=6081 ,然后輸入密碼,就可以在瀏覽器里以http方式連接VNC服務了

也可以在本地windows機器上安裝vnc viewer,遠程訪問
在windows下安裝vnc客戶端,
下載地址:https://pan.baidu.com/s/1hrSIr4K
提取密碼:dqdt
   
VNC遠程連接信息(下面ip是VNC服務端的地址):
VNC Server: 112.112.113.56:5901
Encrytion:Let VNC Server choose
   
然后輸入vncpasswd的密碼即可完成VNC遠程連接!

                                                                                                                                             

問題:Could not make bus activated clients aware of XDG_CURRENT_DESKTOP=GNOME environment variable:
Could not connect: Connection refused

[root@kevin ~]# cat /root/.vnc/kevin:1.log
...........
...........
(imsettings-check:31898): GLib-GIO-CRITICAL **: 21:56:03.842: g_dbus_proxy_call_sync_internal: assertion 'G_IS_DBUS_PROXY (proxy)' failed
GLib-GIO-Message: 21:56:03.854: Using the 'memory' GSettings backend.  Your settings will not be saved or shared with other applications.

** (process:31798): WARNING **: 21:56:03.861: Could not make bus activated clients aware of XDG_CURRENT_DESKTOP=GNOME environment variable: 
Could not connect: Connection refused

原因:dbus-daemon存在沖突。
因為root系統環境中裝有anaconda,它的bin目錄中的dbus-daemon會與系統自帶的dbus-daemon沖突。

[root@kevin ~]# find / -name "dbus-daemon"
/usr/bin/dbus-daemon
/data/anaconda3/bin/dbus-daemon
/data/anaconda3/pkgs/dbus-1.13.6-h746ee38_0/bin/dbus-daemon

[root@kevin ~]# which dbus-daemon
/data/anaconda3/bin/dbus-daemon

解決辦法:使用非root用戶啟動vncserver
[root@kevin ~]# useradd vncuser
[root@kevin ~]# echo "vncuser@123"|passwd --stdin vncuser
[root@kevin ~]# vim /etc/sudoers
vncuser ALL=(ALL)       NOPASSWD: ALL

修改vncserver使用vncuser這個非root用戶啟動
[root@kevin ~]# cat /etc/systemd/system/vncserver@:1.service
..........
..........
ExecStart=/usr/sbin/runuser -l vncuser -c "/usr/bin/vncserver %i"
PIDFile=/root/.vnc/%H%i.pid

接着切入到非root用戶vncuser下啟動vncserver
[root@kevin ~]# su - vncuser
Last login: Tue Jul  2 22:05:38 CST 2019 on pts/2

設置vnc登錄密碼
[vncuser@kevin ~]$ vncpasswd 

啟動vnc
[vncuser@kevin ~]$ vncserver 

查看vnc日志
[vncuser@kevin ~]$ cd .vnc/
[vncuser@kevin .vnc]$ ll
total 20
-rw-r--r-- 1 vncuser vncuser  332 Jul  2 22:06 config
-rw-rw-r-- 1 vncuser vncuser 1046 Jul  2 22:10 kevin:1.log
-rw-rw-r-- 1 vncuser vncuser    5 Jul  2 22:06 kevin:1.pid
-rw------- 1 vncuser vncuser    8 Jul  2 22:06 passwd
-rwxr-xr-x 1 vncuser vncuser  112 Jul  2 22:06 xstartup

[vncuser@kevin .vnc]$ cat kevin\:1.log 

Xvnc TigerVNC 1.8.0 - built Nov  2 2018 19:05:14
Copyright (C) 1999-2017 TigerVNC Team and many others (see README.txt)
See http://www.tigervnc.org for information on TigerVNC.
Underlying X server release 12001000, The X.Org Foundation


Tue Jul  2 22:06:26 2019
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5901
 vncext:      created VNC server for screen 0
touch: cannot touch ‘/home/vncuser/.cache/imsettings/log’: No such file or directory

Tue Jul  2 22:06:30 2019
 ComparingUpdateTracker: 0 pixels in / 0 pixels out
 ComparingUpdateTracker: (1:-nan ratio)

Tue Jul  2 22:10:22 2019
 Connections: accepted: 192.168.1.200::56162

Tue Jul  2 22:10:23 2019
 Connections: closed: 192.168.1.200::56162 (reading version failed: not an RFB
              client?)
 EncodeManager: Framebuffer updates: 0
 EncodeManager:   Total: 0 rects, 0 pixels
 EncodeManager:          0 B (1:-nan ratio)
 ComparingUpdateTracker: 0 pixels in / 0 pixels out
 ComparingUpdateTracker: (1:-nan ratio)

 

                                                                                                                                             

啟動vncserver出現報錯:
Error: Too many open files
Error getting authority: Error initializing authority: GDBus.Error:org.freedesktop.DBus.Error.LimitsExceeded: The maximum number of active connections for UID 0 has been reached (g-dbus-error-quark, 8)

vncserver服務器異常斷電關機,在服務器重啟后,嘗試啟動vncserver服務,出現報錯!!
[root@kvm02 ~]# systemctl start vncserver@:1.service 
Error: Too many open files
Error getting authority: Error initializing authority: GDBus.Error:org.freedesktop.DBus.Error.LimitsExceeded: The maximum number of active connections for UID 0 has been reached (g-dbus-error-quark, 8)

1)檢查確認服務器的系統最大文件打開數的設置
查看ulimit設置,設置的是當前shell的當前用戶的打開的最大限制
[root@kvm02 ~]# ulimit -n
65535
[root@kvm02 ~]# cat /etc/security/limits.conf 
........
# End of file
 * soft nofile 65535
 * hard nofile 65535
 * soft nproc 102400
 * hard nproc 102400
 * soft core 4194304
 * hard core 4194304

查看系統級別的能夠打開的文件句柄的數量,Centos7默認是794168
[root@kvm02 ~]# cat /proc/sys/fs/file-max
2000000

查看系統級打開最大文件句柄的數量
[root@kvm02 ~]# cat /etc/sysctl.conf |grep fs.file-max
fs.file-max = 2000000  #os can config

[root@kvm02 ~]# sysctl -p

2) 查看當前系統打開的文件數量
[root@kvm02 ~]# lsof | wc -l  
139456
[root@kvm02 ~]# lsof |grep delete|awk '{print $2}'|sort|uniq |xargs kill -9

3) 確保防火牆關閉了,清空防火牆策略
[root@kvm02 ~]# iptables -F
[root@kvm02 ~]# iptables -L              
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

4)把vncserver@:1.service 中的 Type 參數設置為 simple,這一步很關鍵!!!
[root@kvm02 ~]# cat /etc/systemd/system/vncserver@:1.service
..........
[Service]
Type=simple            #修改這一行Type參數為simple,其他行內容不變。
# Clean any existing files in /tmp/.X11-unix environment
ExecStartPre=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
ExecStart=/usr/sbin/runuser -l root -c "/usr/bin/vncserver %i"
PIDFile=/root/.vnc/%H%i.pid
ExecStop=/bin/sh -c '/usr/bin/vncserver -kill %i > /dev/null 2>&1 || :'
.........
.........

5)最后再嘗試重啟
[root@kvm02 ~]# systemctl stop vncserver@:1.service
[root@kvm02 ~]# systemctl enable vncserver@:1.service
[root@kvm02 ~]# systemctl start vncserver@:1.service

[root@kvm02 ~]# systemctl status vncserver@:1.service
● vncserver@:1.service - Remote desktop service (VNC)
   Loaded: loaded (/etc/systemd/system/vncserver@:1.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2020-04-14 13:47:56 CST; 22min ago
 Main PID: 1733 (Xvnc)
   CGroup: /system.slice/system-vncserver.slice/vncserver@:1.service
           ‣ 1733 /usr/bin/Xvnc :1 -auth /root/.Xauthority -desktop kvm02.kevin.cn:1 (root) -fp catalogue:/etc/X11/fontpath.d -geometry...

Apr 14 13:47:56 kvm02.kevin.cn systemd[1]: Starting Remote desktop service (VNC)...
Apr 14 13:47:56 kvm02.kevin.cn systemd[1]: Started Remote desktop service (VNC).

查看vnc服務進程及其端口,如下可以看出端口是5911
但是注意:vncserver大多數情況下默認端口是5901,這個要特別注意查看確認,以保證vnc遠程連接時使用正確端口!!!!
[root@kvm02 ~]# ps -ef|grep Xvnc
root       1733      1  0 13:47 ?        00:00:06 /usr/bin/Xvnc :1 -auth /root/.Xauthority -desktop kvm02.kevin.cn:1 (root) -fp catalogue:/etc/X11/fontpath.d -geometry 1024x768 -pn -rfbauth /root/.vnc/passwd -rfbport 5911 -rfbwait 30000
root       5099   4256  0 14:10 pts/2    00:00:00 grep --color=auto Xvnc

6)novnc輸出http方式連接vnc的地址
注意:下面的10.0.32.22是vnc服務器本地ip,5911是vncserver服務端口
[root@kvm02 ~]# novnc_server --vnc 10.10.132.22:5911 --listen 6081
Warning: could not find self.pem
Starting webserver and WebSockets proxy on port 6081
WebSocket server settings:
  - Listen on :6081
  - Flash security policy server
  - Web server. Web root: /usr/share/novnc
  - No SSL/TLS support (no cert file)
  - proxying from :6081 to 10.0.32.22:5911


Navigate to this URL:

    http://kvm02.kevin.cn:6081/vnc.html?host=kvm02.kevin.cn&port=6081

Press Ctrl-C to exit


============================================================================================================
注意:
上面的"Press Ctrl-C to exit"這一行內容不要終止!
接着在瀏覽器里輸入上面命令輸出中的URL,以http方式訪問vnc,輸入密碼即可!
訪問地址為:http://10.10.132.22:6081/vnc.html?host=10.10.132.22&port=6081
瀏覽器里http方法連接vnc的日志信息會在"Press Ctrl-C to exit"這一行下面打印輸出來......


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 CentOS7.2 部署Haproxy 1.7.2 Centos7.2 下DNS+NamedManager高可用部署方案完整記錄 基於Centos7.2搭建Cobbler自動化批量部署操作系統服務 [原]CentOS7.2部署node-mapnik CentOS7.2部署OpenStack(一)—環境准備 centos7.2 kvm虛擬化管理平台WebVirtMgr部署 centos7.2 部署k8s集群 centos7.2 kvm虛擬化管理平台WebVirtMgr部署 Centos7.2安裝部署(圖文教程) CentOS7.2 部署Ceph分布式存儲
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM