环境准备
firewall-cmd --add-port=80/tcp --permanent
firewall-cmd --add-port=443/tcp --permanent
firewall-cmd --add-port=8080/tcp --permanent
firewall-cmd --add-port=4822/tcp --permanent
firewall-cmd --reload
sed -i s#SELINUX=enforcing#SELINUX=disabled# /etc/selinux/config
vim /etc/sysctl.d/disable_ipv6.conf
net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
sysctl -p /etc/sysctl.d/disable_ipv6.conf
yum -y install gcc-c++ wget vim
先决条件安装(安装必须依赖项和可选依赖项)
rpm --import http://li.nux.ro/download/nux/RPM-GPG-KEY-nux.ro
yum -y install http://li.nux.ro/download/nux/dextop/el7/x86_64/nux-dextop-release-0-1.el7.nux.noarch.rpm
yum install -y cairo-devel libjpeg-turbo-devel libpng-devel uuid-devel
yum install -y ffmpeg ffmpeg-devel openssl openssl-devel
yum install -y freerdp freerdp-devel freerdp-plugins pango-devel libssh2-devel
yum install -y libtelnet-devel libvncserver-devel pulseaudio-libs-devel
yum install -y libvorbis-devel libwebp-devel
yum install -y libwebsockets-devel gnu-free-mono-fonts
安装tomcat和mysql
yum install java-11-openjdk java-11-openjdk-devel
ls -l $(which java)
ls -lrt /etc/alternatives/java
vi /etc/profile
export JAVA_HOME=/usr/lib/jvm/java-11-openjdk-11.0.16.0.8-1.el7_9.x86_64
export JRE_HOME=$JAVA_HOME/jre
export CLASSPATH=$JAVA_HOME/lib:$JRE_HOME/lib:$CLASSPATH
export PATH=$JAVA_HOME/bin:$JRE_HOME/bin:$PATH
source /etc/profile
echo $JAVA_HOME
yum install -y tomcat tomcat-webapps tomcat-admin-webapps
systemctl enable tomcat
systemctl start tomcat
yum install -y mariadb mariadb-server
systemctl enable mariadb
systemctl start mariadb
安装guacamole服务端和客户端
wget https://dlcdn.apache.org/guacamole/1.4.0/source/guacamole-server-1.4.0.tar.gz
tar -xzvf guacamole-server-1.4.0.tar.gz
cd guacamole-server-1.4.0/
./configure --with-init-dir=/etc/init.d
make
make install
ldconfig
wget https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-1.4.0.war
mkdir -p /etc/guacamole/{extensions,lib}
touch /etc/guacamole/{guacamole.properties,guacd.conf}
mv guacamole-1.4.0.war /etc/guacamole/guacamole.war
ln -s /etc/guacamole/guacamole.war /usr/share/tomcat/webapps/
ln -s /etc/guacamole /usr/share/tomcat/.guacamole
/sbin/chkconfig guacd on
systemctl start guacd
配置mysql(配置guacamole使用数据库认证)
mysql_secure_installation
Enter current password for root (enter for none):<–初次运行直接回车
Set root password? [Y/n] <– 是否设置root用户密码,输入y并回车或直接回车
Remove anonymous users? [Y/n] <– 是否删除匿名用户,生产环境建议删除,所以直接回车
Disallow root login remotely? [Y/n] <–是否禁止root远程登录,根据自己的需求选择Y/n并回车
Remove test database and access to it? [Y/n] <– 是否删除test数据库,直接回车
Reload privilege tables now? [Y/n] <– 是否重新加载权限表,直接回车
mysql -u root -p
CREATE DATABASE guacamole_db;
CREATE USER 'guacamole_user'@'localhost' IDENTIFIED BY 'Password';
GRANT SELECT,INSERT,UPDATE,DELETE ON guacamole_db.* TO 'guacamole_user'@'localhost';
FLUSH PRIVILEGES;
show databases;
show tables from guacamole_db;
show grants for guacamole_user@localhost;
exit
配置JDBC (安装mariadb驱动和数据库认证扩展)
wget https://downloads.mariadb.com/Connectors/java/connector-java-1.8.0/mariadb-java-client-1.8.0.jar
cp mariadb-java-client-1.8.0.jar /etc/guacamole/lib
wget https://dlcdn.apache.org/guacamole/1.4.0/binary/guacamole-auth-jdbc-1.4.0.tar.gz
tar -zvxf guacamole-auth-jdbc-1.4.0.tar.gz
cd guacamole-auth-jdbc-1.4.0/mysql/
cp guacamole-auth-jdbc-mysql-1.4.0.jar /etc/guacamole/extensions/guacamole-auth-jdbc-mysql.jar
cd guacamole-auth-jdbc-1.4.0/mysql/
cat schema/*.sql | mysql -u root -p -D guacamole_db
修改配置文件
vi /et/guacamole/guacamole.properties
# Hostname and port of guacamole proxy
guacd-hostname: localhost
guacd-port: 4822
# MySQL properties
mysql-hostname: localhost
mysql-port: 3306
mysql-database: guacamole_db
mysql-username: guacamole_user
mysql-password: Password
mysql-default-max-connections-per-user: 0
mysql-default-max-group-connections-per-user: 0
systemctl restart guacd
systemctl restart tomcat
现在最基本的部署就已经完成了,可以访问 http://ip:8080/guacamole/ 看看,默认管理员:guacadmin 默认密码:guacadmin
