Suppose you wanted to serve Linux desktops to remote users (DE is not critical, but full graphical desktops, persistent through network failure, but you can assume a ~decent network connection) who might be running: Linux x86, Windows x86, macOS x86 or M1, _maybe_ Windows ARM. There's budget for substantial computing hardware, but a full VM per user is _probably_ going to blow it.
What would you use?
So it looks like xpra (at least as of the current release, 4.2) handles a lot of what I want, although I haven't yet gotten it all _working_.
Virtual desktop: check. Run xpra start-desktop instead of xpra start, and it shares a virtual screen instead of individual apps.
Screen management: check. Use a system proxy and it will allocate screens for you. (Isn't working for me, though.)
Improved performance: check. xpra has always excelled at this.
Persistent desktop: check. Just reconnect.
a shadow of a sketch
Linux is a multi-user OS! We used to put 12 or 20 engineers onto one machine.
I suppose there are containers, if you feel the need. That will use up storage but allow you to meter out RAM and CPU.
And then RDP for the users to connect in.
This is not a recipe, just a mere shadow of a sketch! And so it might be entirely useless.
a shadow of a sketch
@EdS Indeed, in the late 90s I shared my desktop Linux machine with a number of benighted Windows users using X-Win32 and simple X11 forwarding (later SSH forwarding) over LANnish environments. This is the sort of thing I'm leaning toward ... but even with quite fast network connections, X11 over WAN is pretty painful.
There are a number of solutions for this (VNC, RDP, X2go, NX, etc.), but the landscape is kind of complicated as far as managing large numbers of users. 1/2
@EdS I should have clarified that I do need to manage dozens or hundreds of users -- it's probably actually the user management that's the hard part! For one user, I'd say "eh just ssh in and `xpra start :10`", or something like. 2/2
How hostile an environment is it? Will they be trying to break things, or running random software?
It would be nice if there were a prepackaged setup for this, but it probably seems quite niche. The idea of several users on a computer is an idea from the past.
It looks like Google have some kind of cloud desktop offering which delivers over RDP - it must be possible.
I remember now we asked our users to use their phone extension for their VNC port. Some things need to be unique!
@EdS They're students. They won't be trying to break things, but they're VERY good at breaking things. ;-)
This feels in general like a very 90s thing to do. The solutions I'm seeing now all seem to be quite niche and expensive, in the commercial space. Several providers will sell me Linux desktops by the hour, but for a classroom of students it's thousands of dollars per semester for 24/7 availability.
@EdS I think I'm leaning toward not containerizing, even; I can serve more users on the machine, that way.
My current plan-ish is to try x2go with a full-screen X server and have them just start an X session. I am a little bit concerned about ensuring that X sessions survive network disconnection (and getting students re-connected without high support costs). I haven't sussed that situation out yet.
@EdS I like xpra a lot; the trouble with xpra is 1) it doesn't do full sessions so much as individual apps (maybe ok?) And 2) it didn't have any sort of port management last I knew. I may be able to script that up somehow, or it may have sprouted management while I wasn't looking.
@EdS It looks like xpra now does full desktop sessions _and_ has session management of some kind built in. I'm looking into this more deeply now.
@elb @EdS One option is to give each student a VM and just give them VNC to the VM console; whether you preserve the VM disk or not across sessions is a different matter. Another is to get a host to start Xvnc and the users again login via VNC. There are VNC clients for everything, include web based ones.
@penguin42 @EdS That's one of the options we're exploring, via something like VMware ESXi. There are two problems with that (so far): one is that the management for the VMware stuff _really_ seems to want to assume that users are superuser-level trusted, and the other is the level of resource commitment required for a VM versus a container or just shared machine.
@elb I frequently log into our servers and type 'vncserver'. It creates a graphical interface I can connect to via VNC. I always thought that would work to serve multiple graphical desktops but never really looked into it.
First is at port 5901 and they go up from there as you create them.
"I appreciate SDF but it's a general-purpose server and the name doesn't make it obvious that it's about art." - Eugen Rochko