Multiplexing Console Manager Code
Brought to you by:
nwilliams
Menu
▾
▴
Tree [d778ce] master vmware-support 2.0.0-rc1 / History
Frank Hofmann
Nick Williams
njw
Read Me
multicons -- a multiplexing console system.
This is all written in C++ (although with some very C-style idioms),
so you need a C++ compiler. It's been tested with G++ and
SunProC on redhat linux and solaris respectively.
Features:
- can connect to network-accessible consoles via TELNET
- can connect to arbitrary programs that run in a pty
- for network consoles, provides complete TELNET handling
- the client is telnet(1), so can be accessed from just
about anywhere.
- provides Kerberos authentication
- complete logging of all console output
- as well as plain ASCII logs (real "unmodified" output),
can also have XML logs which annotate output with
the originating username and timestamps, allowing
full replay functionality.
- you can use 'chat'-like scripts (agents) that can
auto-login to a console (useful when the initial
connection drops you at a out-of-band manager or
a password prompt, or combinations thereof).
- multiple users can share a console in any combination
of read-only or read-write mode.
- consoles can be restricted to only allow a single
user in read-write mode at a time (with associated
configurable behaviour for allowing auto-steal-on-idle,
or explicit stealing of the "write token")
- configurable auto-retry of failed connections
- entitlements based on a filesystem-like model, whereby
directories of consoles can be protected (or unprotected)
in the same way, even allowing for users to create new
consoles in writable directories.
- can invoke actions based on failing consoles (for example
in an effort to fix a wedged terminal server port).
- has been tested with well over 2,000 consoles
connected simultaneously
Differences between this and other products:
How does this compare to conserver?
\ multicons | conserver |
Feature \ | |
-------------------------------*-----------+-----------+
Logging of individual consoles | yes | yes |
replay-able logfiles | yes | no |
Can log console data to syslog | no | yes |
Client works from anywhere | yes | no(1) |
Kerberos authentication | yes | no |
Service Discovery(2) | no | yes |
Auto-forking server | no | yes |
Serial port management | no | yes |
Chat-scripts for connecting | yes | no |
Dynamic reconfiguration | yes | yes |
Dynamic user configuration | yes | no |
SSL certificates (+ encryption)| no | yes |
"serviceability" commands(3) | yes | yes |
xterm-like titlebar management | yes | no(4) |
macros | yes | no |
redirecting local commands | no | yes |
staggered reconnects(5) | yes | yes |
ability to fix broken consoles | yes(6) | no |
-------------------------------+-----------+-----------+
(1) multicons uses plain 'ol telnet(1), which is available
without recompiling on pretty much everything, however the
kerberos authentication requires a client which supports
the Kerberos authentication option. Without such a feature
in your telnet client, you will be able to connect to the
server but you may not have priviledges to *do* much, depending
on config.
(2) how do you know which console server to connect to for
a given console? conserver provides a redirect functionality
within the protocol (an advantage of using a custom client
over the plain ol' telnet client).
(3) functionality such as "who's connected, what consoles
are available, what's the state of the server, of the console,
etc"
(4) although you can configure your .consolerc so that the
titlebar will be set correctly on connect, it does not
provide a notification method to change the titlebar as
other users connect or the write-token passes between
users.
(5) conserver calls this throttling and it serialises
connections. multicons calls this 'scatter' and is a
randomization of connection times.
(6) The ability of multicons is to callout
to a configured commandline if the server detects a problem
with the console. The external script is not provided
with the multicons distribution and must be provided by
the local system administrator. At the author's site, we
expect to determine if a clear line on the terminal server
would be appropriate and if so, to do it.
