search

TigerVNC / tigervnc

High performance, multi-platform VNC client and server
https://tigervnc.org
GNU General Public License v2.0
5.09k stars 934 forks source link

Websockify + noVNC disconnects after desktop has been running and idle for around 1 minute #1775

Closed kevin-niland closed 3 months ago

kevin-niland commented 3 months ago

I have a few components in place that allows me to access a remote desktop at https:///path/to/vnc.html. This includes a Kubernetes service, Ingress, a broker that performs a remote proxy to websockify in Go, and my pod which starts Xvnc and websockify:

/usr/bin/Xvnc :10 -auth $HOME/.Xauthority -fp /usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1 -listen tcp -pn -rfbauth $HOME/.vnc/passwd -rfbport 5910 2>&1 & websockify --verbose -D --cert=/rd.crt --key=/rd.key 6080 localhost:5910

A HTTPD sidecar provides the /usr/share/novnc/ that would normally be specified when running websockify.

The initial request will go Ingress to handle the websockify traffic (serves novnc websocket connection), which then sends it to the kubernetes service. A broker pod then proxies http/websocket connections. The actual pod will then receive this request and the desktop can be viewed.

However, I've noticed that the desktop will disconnect after around a minute. I've tried specifying a timeout in the above novnc and websockify commands, but that doesn't make a difference. Here are the logs from the pod:

Defaulted container "remotedesktop" out of: remotedesktop, remotedesktop-init (init)
+ vncpasswd
Would you like to enter a view-only password (y/n)? A view-only password is not used
Password:Verify:+ echo 'SSO_TOKEN: zn0y5lD_UCQXz4M4ggfEs5naG98.*AAJTSQACMDEAAlNLABxYTUZwUzZKQ0QwcXRNWGdhaktTTGgzRnUxcFk9AAR0eXBlAANDVFMAAlMxAAA.*'
SSO_TOKEN: zn0y5lD_UCQXz4M4ggfEs5naG98.*AAJTSQACMDEAAlNLABxYTUZwUzZKQ0QwcXRNWGdhaktTTGgzRnUxcFk9AAR0eXBlAANDVFMAAlMxAAA.*
+ export DISPLAY=:10
+ DISPLAY=:10
+ mkdir -p /home/shared/odpuser/.config/tint2/
+ cp /var/tmp/tint2rc /home/shared/odpuser/.config/tint2/
cp: cannot stat '/var/tmp/tint2rc': No such file or directory
+ websockify --verbose -D --cert=/rd.crt --key=/rd.key 6080 localhost:5910
+ /usr/bin/Xvnc :10 -auth /home/shared/odpuser/.Xauthority -fp /usr/share/fonts/misc,/usr/share/fonts/75dpi,/usr/share/fonts/100dpi,/usr/share/fonts/Type1 -listen tcp -pn -rfbauth /home/shared/odpuser/.vnc/passwd -rfbport 5910
_XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be created.

Xvnc TigerVNC 1.12.0 - built ??? ?? ???? ??:??:??
Copyright (C) 1999-2021 TigerVNC Team and many others (see README.rst)
See https://www.tigervnc.org for information on TigerVNC.
Underlying X server release 12101004, The X.Org Foundation

Wed Jun 26 09:57:28 2024
 vncext:      VNC extension running!
 vncext:      Listening for VNC connections on all interface(s), port 5910
 vncext:      created VNC server for screen 0
The XKEYBOARD keymap compiler (xkbcomp) reports:
> Internal error:   Could not resolve keysym XF86WWAN
> Internal error:   Could not resolve keysym XF86RFKill
Errors from xkbcomp are not fatal to the X server
[mi] mieq: warning: overriding existing handler (nil) with 0x55fe174325a0 for event 2
[mi] mieq: warning: overriding existing handler (nil) with 0x55fe174325a0 for event 3
WebSocket server settings:
  - Listen on :6080
  - Flash security policy server
  - SSL/TLS support
  - Backgrounding (daemon)
+ sleep 5
+ sleep 5
+ tint2 -c /etc/xdg/tint2/tint2rc
(EE) Failed to open authorization file "/home/shared/odpuser/.Xauthority": No such file or directory
+ sleep infinity
+ openbox
Obt-Message: Xinerama extension is not present on the server
tint2: No XSETTINGS manager, tint2 uses config option 'launcher_icon_theme'.
tint2: Loading config file: /etc/xdg/tint2/tint2rc
tint2: real transparency off.... depth: 24
tint2: panel items: LT
tint2: nb monitors 1, nb monitors used 1, nb desktops 4
tint2: panel 1 uses scale 1 
tint2: Could not open file /usr/share/applications/org.gnome.gedit.desktop
tint2: Loading icon theme cache...
tint2: pixmap background detection failed
tint2: Kernel uevent interface initialized...
tint2: Could not find icon '(null)', using default.
tint2: pixmap background detection failed

Wed Jun 26 10:39:23 2024
 Connections: accepted: 127.0.0.1::40690
 SConnection: Client needs protocol version 3.8
 SConnection: Client requests security type VncAuth(2)
 VNCSConnST:  Server default pixel format depth 24 (32bpp) little-endian rgb888

Wed Jun 26 10:39:24 2024
 VNCSConnST:  Client pixel format depth 24 (32bpp) little-endian rgb888
 ComparingUpdateTracker: 0 pixels in / 0 pixels out
 ComparingUpdateTracker: (1:-nan ratio)
/home/abuild/rpmbuild/BUILD/tint2-v16.2-b810bad93ff65854137fbd2f344ad2f99338008f/src/util/signals.c 161: triggering tint2 restart, reason: configuration change in the root window
tint2: /home/abuild/rpmbuild/BUILD/tint2-v16.2-b810bad93ff65854137fbd2f344ad2f99338008f/src/main.c 782: restarting tint2...
tint2: No XSETTINGS manager, tint2 uses config option 'launcher_icon_theme'.
tint2: Loading config file: /etc/xdg/tint2/tint2rc
tint2: real transparency off.... depth: 24
tint2: panel items: LT
tint2: nb monitors 1, nb monitors used 1, nb desktops 4
tint2: panel 1 uses scale 1 
tint2: Could not open file /usr/share/applications/org.gnome.gedit.desktop
tint2: Loading icon theme cache...
tint2: pixmap background detection failed
tint2: Kernel uevent interface initialized...
tint2: Could not find icon '(null)', using default.
tint2: pixmap background detection failed

Wed Jun 26 10:41:19 2024
 VNCSConnST:  closing 127.0.0.1::40690: Clean disconnection
 EncodeManager: Framebuffer updates: 290
 EncodeManager:   Tight:
 EncodeManager:     Solid: 11 rects, 3.59622 Mpixels
 EncodeManager:            176 B (1:81733 ratio)
 EncodeManager:     Bitmap RLE: 280 rects, 61.91 kpixels
 EncodeManager:                 8.27051 KiB (1:29.6375 ratio)
 EncodeManager:     Indexed RLE: 5 rects, 3.96 kpixels
 EncodeManager:                  1.4502 KiB (1:10.7071 ratio)
 EncodeManager:   Tight (JPEG):
 EncodeManager:     Full Colour: 5 rects, 114.81 kpixels
 EncodeManager:                  29.6689 KiB (1:15.118 ratio)
 EncodeManager:   Total: 301 rects, 3.7769 Mpixels
 EncodeManager:          39.5615 KiB (1:373.015 ratio)
 Connections: closed: 127.0.0.1::40690
 ComparingUpdateTracker: 74.82 kpixels in / 74.82 kpixels out
 ComparingUpdateTracker: (1:1 ratio)

Would there be something in the ingress or the reverse proxy I have that is causing this disconnect? As I have tested through Remmina and the desktop does not disconnect.

CendioOssman commented 3 months ago

Difficult to say where the issue is, given so many components. It doesn't seem to be in TigerVNC at least, given that it reports a clean disconnection.

I would suggest using tcpdump between the relevant components and see the order of events. That should tell you which component is initiating the shutdown.