To connect to a VM, the user clicks the eye button on the VM control panel. The platform opens a connection to the VM using the appropriate protocol, for example, VNC, RDP, or SSH.
By default Abiquo uses Apache Guacamole https://guacamole.incubator.apache.org/ as a remote access server, and it is installed on the Remote Services server. When you configure a datacenter or public cloud region, the platform automatically adds the remote service, and you can share it with other datacenters or providers. Guacamole supports VNC, RDP, and SSH connections using a single solution for all protocols.
When a user requests remote access to a VM:
When you create a physical machine, the IP address for remote access is the Service IP. However, when you add a vCenter cluster as a physical machine, the platform will automatically assign the IP for remote access based on the IPs defined for management traffic. See Abiquo Configuration Properties#esxi for properties to define the networks or IP addresses or request that the platform should detect host IPs used for management traffic.
Each VNC connection to a VM on the hypervisor will require a port. The Abiquo default port range for VNC connections is 5900 to 65534. In general, VNC connections should use ports 5900 to 6000. Review the remote access documentation for your hypervisor. Note that VMware only recommends ports 5900 to 5964 (See VMware Documentation).
To configure the port range, in the Abiquo Configuration Properties, set the properties abiquo.vncport.min and abiquo.vncport.max.
To brand the Guacamole client:
When users connect, they can select an on-screen keyboard for use in the Guacamole client.
On ESXi, users can select a keymap to configure in the VM from a list in VM general information.
Note that on ESXi for certain locales, when using remote access from a web client, some keystrokes do not translate. See https://kb.vmware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalId=2071245
By default, remote access is enabled for the whole platform.
To change the remote access configuration for the platform:
The state of remote access will change for VMs that are NOT deployed. Deployed VMs will keep their original state. After you disable remote access, you cannot access deployed VMs through the eye icon but the port is still enabled on the hypervisor, so another client can connect.
To use remote access, users accounts should have an SSH public key, email, and telephone number (cell phone).
If remote access is enabled and configured:
The platform captures remote access settings with VMs and users can then reconfigure them.
With an appropriate template, users can request an initial VM password using guest setup, which will be sent to them by email or SMS