Guacamole?

[zappa]

I am trying desperately to get guacamole running on proxmox, but have reached my limits I believe.

What I have done so far is that I have installed ubuntu 22.04 from a template.

I then followed this YouTube video to install Docker and Portainer: https://www.youtube.com/watch?v=iX0HbrfRyvc

All this works well so far, Docker and Portainer works, I can access them and everything.

But then I followed this guide to install Guacamole: https://www.diytechguru.com/2021/12/05/install-official-guacamole-on-docker/

I think I have everything worked out so far, but I cant understand where the last two command lines goes?

docker run --rm guacamole/guacamole /opt/guacamole/bin/initdb.sh --mysql > initdb.sql

docker exec -i mariadb mysql -u root --password=rootpw guacamole_db < initdb.sql

And clicking on the link: http://localhost:8080/guacamole/ gets me nowhere.

I am new to proxmox, docker, portainer and linux, so I am sure its something simple that I am missing.

If anyone is able to help, or is already running guacamole and can link me to a simple beginner friendly guide that I can follow, would be great.

 

[Dunuin]

"localhost:8080" will only work from inside that ubuntu LXC. If you want to access the webUI from another machine you will have to type in the IP the LXC. So for example "http://IP.OF.YOUR.LXC:8080/guacamole/".

 

[zappa]

"localhost:8080" will only work from inside that ubuntu LXC. If you want to access the webUI from another machine you will have to type in the IP the LXC. So for example "http://IP.OF.YOUR.LXC:8080/guacamole/".

Alright, thanks, that actually got me into Gucamole. Now I dont seem to be able to connect to the remote VM though.
I have entered the correct ip and port number, but it just times out.

Maybe it has something to do with the guide I followed?
The first instruction was to make a new network for the 3 containers called intranet. Could that somehow affect the external internet connection?

When I go into my router I dont see the IPs of the docker containers on that machine, but I guess that is normal?

I tried changing the network of the 3 containers to bridge, but that only made it worse and I couldnt get back into the guacamole interface again.

 

[Dunuin]

And how did you setup that "intranet" bridge in Portainer?

 

[zappa]

And how did you setup that "intranet" bridge in Portainer?

Networks/ + add new network
then input the name "intranet"
Thats all.

 

[zappa]

Does anyone know how to fix this?

 

[EllyMae]

Just as an aside -- I have found Portainer often "gets in the way." When I, instead, learned to used Docker directly, things went much better.

 

[zappa]

Just as an aside -- I have found Portainer often "gets in the way." When I, instead, learned to used Docker directly, things went much better.

Unfortunetly I dont think that portainer is at fault this time?
I have created everything according to the guide, its just that my Guacamole doesnt seem to be able to acccess the internet, or thats what it looks like?

 

[zappa]

would someone maybe be able to help if I provide some log files?

 

[shanreich]

From where are you trying to access the docker containers? From a remote machine or from the same machine where they are hosted?

Can you post the output of

docker ps -a
docker network ls
docker inspect <container> # for at least 1 container (BE CAREFUL if you have secrets in the envvars)

 

[zappa]

From where are you trying to access the docker containers? From a remote machine or from the same machine where they are hosted?

Can you post the output of

docker ps -a
docker network ls
docker inspect <container> # for at least 1 container (BE CAREFUL if you have secrets in the envvars)

Okay so the way I have it set up is on a Virtual machine on proxmox.

This is the output I get:

CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
833a91751b81 guacamole/guacamole "/opt/guacamole/bin/…" 31 hours ago Up 13 hours 0.0.0.0:8080->8080/tcp, :::8080->8080/tcp guacamole
eaf952844d24 guacamole/guacd "/bin/sh -c '/usr/lo…" 31 hours ago Up 13 hours (healthy) 0.0.0.0:4822->4822/tcp, :::4822->4822/tcp guacd
5305a2bcfb70 mariadb "docker-entrypoint.s…" 31 hours ago Up 13 hours 0.0.0.0:3306->3306/tcp, :::3306->3306/tcp mariadb
6494c55fe6ae portainer/portainer-ce:latest "/portainer" 35 hours ago Up 13 hours 0.0.0.0:8000->8000/tcp, :::8000->8000/tcp, 0.0.0.0:9443->9443/tcp, :::9443->9443/tcp, 9000/tcp portainer
1117459ed8df nginx "/docker-entrypoint.…" 35 hours ago Exited (255) 13 hours ago 0.0.0.0:80->80/tcp, :::80->80/tcp upbeat_albattani
NETWORK ID NAME DRIVER SCOPE
0bf5623dda9e bridge bridge local
f0231f2ba666 host host local
957c456c0aea intranet bridge local
18faff87d759 none null local
-bash: syntax error near unexpected token `newline'

 

[shanreich]

Ah okay, I think I get what you are trying to do now. You want to access the Guacamole Web UI from outside the VM, right?

Can you post the output of cat /etc/network/interfaces and ip a from your Proxmox host, as well as the output of ip a from your VM running the docker containers ? The config of the VM itself would be interesting as well, can you post the output of qm config <VMID> (also on the Proxmox host)?

 

[zappa]

Ah okay, I think I get what you are trying to do now. You want to access the Guacamole Web UI from outside the VM, right?

Can you post the output of cat /etc/network/interfaces and ip a from your Proxmox host, as well as the output of ip a from your VM running the docker containers ? The config of the VM itself would be interesting as well, can you post the output of qm config <VMID> (also on the Proxmox host)?

Yes I am actually able to access the guacamole web UI from outside the VM, but I am not able to get guacamole to connect to any VM on the proxmox server. (If that made sense?)

root@proxmox:~# cat /etc/network/interfaces
# network interface settings; autogenerated
# Please do NOT modify this file directly, unless you know what
# you're doing.
#
# If you want to manage parts of the network configuration manually,
# please utilize the 'source' or 'source-directory' directives to do
# so.
# PVE will preserve these directives, but will NOT read its network
# configuration from sourced files, so do not attempt to move any of
# the PVE managed interfaces into external files!

auto lo
iface lo inet loopback

iface enp4s0 inet manual

auto vmbr0
iface vmbr0 inet static
address 192.168.68.100/24
gateway 192.168.68.1
bridge-ports enp4s0
bridge-stp off
bridge-fd 0

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master vmbr0 state UP group default qlen 1000
link/ether b4:2e:99:91:ce:18 brd ff:ff:ff:ff:ff:ff
3: vmbr0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether b4:2e:99:91:ce:18 brd ff:ff:ff:ff:ff:ff
inet 192.168.68.100/24 scope global vmbr0
valid_lft forever preferred_lft forever
inet6 fe80::b62e:99ff:fe91:ce18/64 scope link
valid_lft forever preferred_lft forever
4: veth102i0@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr102i0 state UP group default qlen 1000
link/ether fe:24:81:ed:13:d1 brd ff:ff:ff:ff:ff:ff link-netnsid 0
5: fwbr102i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 62:f4:c2:d5:7e:d0 brd ff:ff:ff:ff:ff:ff
6: fwpr102p0@fwln102i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
link/ether de:89:02:0e:22:1b brd ff:ff:ff:ff:ff:ff
7: fwln102i0@fwpr102p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr102i0 state UP group default qlen 1000
link/ether 8e:21:2d:f6:80:f1 brd ff:ff:ff:ff:ff:ff
8: tap101i0: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master fwbr101i0 state UNKNOWN group default qlen 1000
link/ether c2:e7:cc:a2:7b:29 brd ff:ff:ff:ff:ff:ff
9: fwbr101i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether ca:81:fd:6e:fd:9f brd ff:ff:ff:ff:ff:ff
10: fwpr101p0@fwln101i0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master vmbr0 state UP group default qlen 1000
link/ether 2a:e4:64:d8:52:a3 brd ff:ff:ff:ff:ff:ff
11: fwln101i0@fwpr101p0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master fwbr101i0 state UP group default qlen 1000
link/ether 22:69:64:2a:25:66 brd ff:ff:ff:ff:ff:ff

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether 46:28:6f:63:0d:ff brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet 192.168.68.131/24 metric 1024 brd 192.168.68.255 scope global dynamic eth0
valid_lft 81258sec preferred_lft 81258sec
inet6 fe80::4428:6fff:fe63:dff/64 scope link
valid_lft forever preferred_lft forever
3: br-957c456c0aea: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:c7:9e:1f:c0 brd ff:ff:ff:ff:ff:ff
inet 172.19.0.1/16 brd 172.19.255.255 scope global br-957c456c0aea
valid_lft forever preferred_lft forever
inet6 fe80::42:c7ff:fe9e:1fc0/64 scope link
valid_lft forever preferred_lft forever
4: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:1b:63:9c:38 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:1bff:fe63:9c38/64 scope link
valid_lft forever preferred_lft forever
6: vetha073132@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-957c456c0aea state UP group default
link/ether d2:0b:98:f1:bf:92 brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::d00b:98ff:fef1:bf92/64 scope link
valid_lft forever preferred_lft forever
8: veth8833734@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 02:37:d9:e9:65:db brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::37:d9ff:fee9:65db/64 scope link
valid_lft forever preferred_lft forever
10: veth189f6d7@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-957c456c0aea state UP group default
link/ether 96:c9:f4:95:07:a7 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::94c9:f4ff:fe95:7a7/64 scope link
valid_lft forever preferred_lft forever
12: vethd478a3b@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-957c456c0aea state UP group default
link/ether a6:9f:16:9a:b5:ee brd ff:ff:ff:ff:ff:ff link-netnsid 4
inet6 fe80::a49f:16ff:fe9a:b5ee/64 scope link
valid_lft forever preferred_lft forever

Here are the logs in the order requested.
The last code on the proxmox server only spits out this error, not sure I typed it in correctly?

root@proxmox:~# qm config <VMID>
-bash: syntax error near unexpected token `newline'

 

[shanreich]

Yes I am actually able to access the guacamole web UI from outside the VM, but I am not able to get guacamole to connect to any VM on the proxmox server. (If that made sense?)

Ah okay, then I was still mistaken - good thing I asked..

The last code on the proxmox server only spits out this error, not sure I typed it in correctly?

Here you would need to replace <VMID> with the actual ID of the VM (e.g. 100).
I would need the output of this command for both the VM running Guacamole as well as the VM that you want to connect to.

Additionally it would be interesting to have the output of ip a from the VM that you want to connect to as well in this case.

 

[zappa]

Ah okay, then I was still mistaken - good thing I asked..



Here you would need to replace <VMID> with the actual ID of the VM (e.g. 100).
I would need the output of this command for both the VM running Guacamole as well as the VM that you want to connect to.

Additionally it would be interesting to have the output of ip a from the VM that you want to connect to as well in this case.

Sorry, my misstake, still learning all this
But my VM that is running the guacamole is the same that is running docker, and it has the ID 102, but it still spits out the same error:

root@proxmox:~# qm config <102>
-bash: syntax error near unexpected token `102'

Just to clarify I am running this command from the proxmox web-gui under _Shell
Maybe thats the wrong way of doing it?

 

[shanreich]

Sorry, my misstake, still learning all this
But my VM that is running the guacamole is the same that is running docker, and it has the ID 102, but it still spits out the same error:



Just to clarify I am running this command from the proxmox web-gui under _Shell
Maybe thats the wrong way of doing it?

The correct command would be qm config 102

 

[zappa]

The correct command would be qm config 102

root@proxmox:~# qm config 102
Configuration file 'nodes/proxmox/qemu-server/102.conf' does not exist

(I assure you, it does exist, at least its in the list and listed as 102 )

root@proxmox:~# qm config 101
audio0: device=ich9-intel-hda,driver=spice
bios: ovmf
boot: order=sata0;usb0;ide2;net0
cores: 4
cpu: host
efidisk0: DIR01:101/vm-101-disk-0.qcow2,efitype=4m,pre-enrolled-keys=1,size=528K
ide2: none,media=cdrom
machine: pc-q35-6.2
memory: 8192
meta: creation-qemu=6.2.0,ctime=1667108401
name: Win11
net0: e1000=B6:93:B0:8C:3E:70,bridge=vmbr0,firewall=1
numa: 0
ostype: win11
sata0: DIR01:101/vm-101-disk-1.qcow2,cache=writeback,discard=on,size=120G,ssd=1
scsihw: virtio-scsi-pci
smbios1: uuid=a37a0b34-7c54-4d50-8f23-02900d48a99f
sockets: 1
tpmstate0: DIR01:101/vm-101-disk-2.raw,size=4M,version=v2.0
usb0: host=0781:5581,usb3=1
vga: memory=512
vmgenid: f41e75f5-5889-4cf0-8188-f2c2e06fba55

The VM machine I am trying to connect to is windows 11 and it has an ip of 192.168.68.15:4191

 

[shanreich]

(I assure you, it does exist, at least its in the list and listed as 102 )



The VM machine I am trying to connect to is windows 11 and it has an ip of 192.168.68.15:4191

Can you post the output of qm list then? Would be interesting to see why the configuration file cannot be found in that case.

From what I can tell from your Windows VM config you have the Firewall enabled, maybe there are some issues with the configuration of the Firewall and this is why you cannot connect? Can you try turning it off and then test it? Then we would know if the firewall is the problem.

Can you ping the Windows VM from Guacamole?

 

[zappa]

Can you post the output of qm list then? Would be interesting to see why the configuration file cannot be found in that case.

From what I can tell from your Windows VM config you have the Firewall enabled, maybe there are some issues with the configuration of the Firewall and this is why you cannot connect? Can you try turning it off and then test it? Then we would know if the firewall is the problem.

Can you ping the Windows VM from Guacamole?

root@proxmox:~# qm list
VMID NAME STATUS MEM(MB) BOOTDISK(GB) PID
100 Ubuntu-22 stopped 4096 120.00 0
101 Win11 running 8192 120.00 3514

I am able to access the windows VM through RDP on my laptop, and I have added the ip and port in my router as well as a rule in the VM´s firewall inside windows.

How do I ping it from guacamole itself?

 

[zappa]

I am able to access the windows VM through RDP on my laptop, and I have added the ip and port in my router as well as a rule in the VM´s firewall inside windows.

How do I ping it from guacamole itself?

Another thing I dont understand is why it lists only 2 VMs?

I have 3 VMs currently, but only 2 of them running.
They are as follow:

(102) Docker (Docker is running)
(100) Ubuntu-22 (Ubuntu is off)
(101) Win11 (Win11 is running)