search

jupyterhub / jupyter-remote-desktop-proxy

Run a Linux Desktop on a JupyterHub
BSD 3-Clause "New" or "Revised" License
113 stars 105 forks source link

Ensure project works against TurboVNC - currently broken? #98

Closed consideRatio closed 6 months ago

consideRatio commented 7 months ago

By @goekce in https://github.com/jupyterhub/jupyter-remote-desktop-proxy/pull/96#issuecomment-1972940545

I believe the command line arguments to tigervnc and turbovnc may be different. In #69 I had mentioned that -xstartup is not accepted by tigervnc:

https://github.com/jupyterhub/jupyter-remote-desktop-proxy/blob/024ab7d61dbe403dc10b090bde4eb2239b030d8e/jupyter_remote_desktop_proxy/__init__.py#L34-L35

I searched for but could neither find any reference to xstartup in the source code of tigervnc nor in the documentation:

https://github.com/search?q=repo%3ATigerVNC%2Ftigervnc%20xstartup&type=code

Further arguments must also be tested:

https://github.com/jupyterhub/jupyter-remote-desktop-proxy/blob/024ab7d61dbe403dc10b090bde4eb2239b030d8e/jupyter_remote_desktop_proxy/__init__.py#L37-L46

This is the reason why I think in the long term the arguments should be configurable by the user.

consideRatio commented 7 months ago

I think what we pass now doesn't work with TurboVNC, or at least something is broken for TurboVNC right now. I have issues to get TurboVNC to provide something functional by doing.

docker run -p 8888:8888 --security-opt seccomp=unconfined -e JUPYTER_TOKEN=secret quay.io/jupyterhub/jupyter-remote-desktop-proxy:main-turbovnc
# then visiting http://127.0.0.1:8888/lab?token=secret
# then clicking on "desktop" button in jupyterlab
# possibly refreshing page a few times
# I should see the desktop now

Doing the same, but with -tigervnc suffix works after one page refresh.

consideRatio commented 6 months ago

Summary of how this project work

(extracted to https://github.com/jupyterhub/jupyter-remote-desktop-proxy/issues/98)

consideRatio commented 6 months ago

What goes wrong?

The browser manages to connect to the jupyter-server-proxy provided websocket, but it doesn't seem like that

Jupyter server logs after pressing the Desktop JupyterLab launcher button the first time

It seems like we acquire index.html from /desktop/, load viewer.js referenced by the index.html, access /desktop-websockify/ and manages to open a websocket connection (Websocket connection established to ws://localhost:34489/). But this is just one part, browser -> jupyter-server-proxy, then jupyter-server-proxy needs to successfully open a websocket connection to the VNC server as well, and this fails (Failed to connect to 127.0.0.1:55791: [Errno 111] Connection refused).

``` [I 2024-03-08 05:00:52.506 ServerApp] 302 GET /desktop (a8901255e4c94c0ebf8738196903bc27@172.19.1.1) 1.47ms WebSocket server settings: - Listen on :34489 - No SSL/TLS support (no cert file) - proxying from :34489 to '/bin/sh -c cd /home/jovyan && /opt/TurboVNC/bin/vncserver -xstartup /opt/install/jupyter_remote_desktop_proxy/share/xstartup -verbose -geometry 1680x1050 -SecurityTypes None -fg' (port 55791) Starting '/bin/sh -c cd /home/jovyan && /opt/TurboVNC/bin/vncserver -xstartup /opt/install/jupyter_remote_desktop_proxy/share/xstartup -verbose -geometry 1680x1050 -SecurityTypes None -fg' xauth: file /home/jovyan/.Xauthority does not exist 127.0.0.1: new handler Process 127.0.0.1 - - [08/Mar/2024 05:00:52] code 405, message Method Not Allowed 127.0.0.1 - - [08/Mar/2024 05:00:52] "GET / HTTP/1.1" 405 - [I 2024-03-08 05:00:52.726 ServerApp] Trying to establish websocket connection to ws://localhost:34489/ 127.0.0.1: new handler Process 127.0.0.1 - - [08/Mar/2024 05:00:52] "GET / HTTP/1.1" 101 - 127.0.0.1 - - [08/Mar/2024 05:00:52] 127.0.0.1: Plain non-SSL (ws://) WebSocket connection 127.0.0.1 - - [08/Mar/2024 05:00:52] connecting to command: '/bin/sh -c cd /home/jovyan && /opt/TurboVNC/bin/vncserver -xstartup /opt/install/jupyter_remote_desktop_proxy/share/xstartup -verbose -geometry 1680x1050 -SecurityTypes None -fg' (port 55791) [I 2024-03-08 05:00:52.730 ServerApp] Websocket connection established to ws://localhost:34489/ 127.0.0.1 - - [08/Mar/2024 05:00:52] Failed to connect to 127.0.0.1:55791: [Errno 111] Connection refused Desktop 'TurboVNC: f0407bb15b20:1 ()' started on display f0407bb15b20:1 Starting applications specified in /opt/install/jupyter_remote_desktop_proxy/share/xstartup Log file is /home/jovyan/.vnc/f0407bb15b20:1.log ```

TurboVNC reports the following in /home/jovyan/.vnc/f0407bb15b20:1.log, compared to TigerVNC it misses a connection entry in the end:

``` TurboVNC Server (Xvnc) 64-bit v3.1.1 (build 20240127) Copyright (C) 1999-2024 The VirtualGL Project and many others (see README.md) Visit http://www.TurboVNC.org for more information on TurboVNC 08/03/2024 05:00:52 Using security configuration file /etc/turbovncserver-security.conf 08/03/2024 05:00:52 Enabled security type 'none' _XSERVTransmkdir: Cannot create /tmp/.X11-unix with root ownership 08/03/2024 05:00:52 Desktop name 'TurboVNC: f0407bb15b20:1 ()' (f0407bb15b20:1) 08/03/2024 05:00:52 Protocol versions supported: 3.3, 3.7, 3.8, 3.7t, 3.8t 08/03/2024 05:00:52 Listening for VNC connections on TCP port 5901 08/03/2024 05:00:52 Interface 0.0.0.0 08/03/2024 05:00:52 Framebuffer: BGRX 8/8/8/8 08/03/2024 05:00:52 New desktop size: 1680 x 1050 08/03/2024 05:00:52 New screen layout: 08/03/2024 05:00:52 0x00000040 (output 0x00000040): 1680x1050+0+0 08/03/2024 05:00:52 Maximum clipboard transfer size: 1048576 bytes (II) Initializing extension Generic Event Extension (II) Initializing extension SHAPE (II) Initializing extension MIT-SHM (II) Initializing extension XInputExtension (II) Initializing extension XTEST (II) Initializing extension BIG-REQUESTS (II) Initializing extension SYNC (II) Initializing extension XKEYBOARD (II) Initializing extension XC-MISC (II) Initializing extension SECURITY (II) Initializing extension XFIXES (II) Initializing extension XFree86-Bigfont (II) Initializing extension RENDER (II) Initializing extension RANDR (II) Initializing extension COMPOSITE (II) Initializing extension DAMAGE (II) Initializing extension MIT-SCREEN-SAVER (II) Initializing extension RECORD (II) Initializing extension DPMS (II) Initializing extension Present (II) Initializing extension X-Resource (II) Initializing extension XVideo (II) Initializing extension XVideo-MotionCompensation (II) Initializing extension GLX (II) IGLX: Loaded and initialized swrast (II) GLX: Initialized DRISWRAST GL provider for screen 0 (II) Initializing extension VNC-EXTENSION 08/03/2024 05:00:52 VNC extension running! (II) XKB: Reusing cached keymap (II) XKB: Reusing cached keymap (DB) Selection owner change for _DBUS_SESSION_BUS_SELECTION_jovyan_7dd77b1e557846c1885577e8013caa26 _IceTransmkdir: ERROR: euid != 0,directory /tmp/.ICE-unix will not be created. xfce4-session: No SSH authentication agent found gpg-agent[155]: directory '/home/jovyan/.gnupg' created gpg-agent[155]: directory '/home/jovyan/.gnupg/private-keys-v1.d' created gpg-agent[156]: gpg-agent (GnuPG) 2.2.27 started (DB) Selection owner change for WM_S0 (xfwm4:157): GLib-CRITICAL **: 05:00:54.090: g_str_has_prefix: assertion 'prefix != NULL' failed (DB) Selection owner change for _NET_WM_CM_S0 (DB) Selection owner change for COMPOSITING_MANAGER (xfwm4:157): xfwm4-WARNING **: 05:00:54.411: Another compositing manager is running on screen 0 (DB) Selection owner change for _XSETTINGS_S0 (xfsettingsd:172): libupower-glib-WARNING **: 05:00:54.430: Couldn't connect to proxy: Could not connect: No such file or directory (xfsettingsd:172): GLib-CRITICAL **: 05:00:54.440: g_str_has_prefix: assertion 'prefix != NULL' failed (xfsettingsd:172): GLib-GObject-CRITICAL **: 05:00:54.441: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed (xfsettingsd:172): GLib-GObject-CRITICAL **: 05:00:54.442: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed (xfsettingsd:172): GLib-GObject-CRITICAL **: 05:00:54.446: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed (DB) Selection owner change for CLIPBOARD_MANAGER (DB) Selection owner change for XFDESKTOP_SELECTION_0 (DB) Selection owner change for _NET_DESKTOP_MANAGER_S0 ** (xiccd:191): CRITICAL **: 05:00:54.730: Failed to connect to colord: Could not connect: No such file or directory (xfce4-session:127): xfce4-session-WARNING **: 05:00:54.733: Unable to launch "xfce4-screensaver" (specified by autostart/xfce4-screensaver.desktop): Failed to execute child process “xfce4-screensaver” (No such file or directory) Connection failure: Connection refused pa_context_connect() failed: Connection refused (polkit-gnome-authentication-agent-1:192): polkit-gnome-1-WARNING **: 05:00:54.743: Error getting authority: Error initializing authority: Could not connect: No such file or directory (DB) Selection owner change for _NET_DESKTOP_LAYOUT_S0 (xfdesktop:188): GVFS-RemoteVolumeMonitor-WARNING **: 05:00:54.828: remote volume monitor with dbus name org.gtk.vfs.UDisks2VolumeMonitor is not supported ** (xfdesktop:188): WARNING **: 05:00:54.872: Failed to get system bus: Could not connect: No such file or directory xfce4-panel-Message: 05:00:54.886: Plugin "(null)-7" was not found and has been removed from the configuration xfce4-panel-Message: 05:00:54.888: Plugin "power-manager-plugin-9" was not found and has been removed from the configuration (wrapper-2.0:245): GLib-GIO-CRITICAL **: 05:00:55.353: g_file_new_for_path: assertion 'path != NULL' failed (wrapper-2.0:245): GLib-GIO-CRITICAL **: 05:00:55.353: g_file_monitor_file: assertion 'G_IS_FILE (file)' failed (wrapper-2.0:245): GLib-GObject-WARNING **: 05:00:55.353: invalid (NULL) pointer instance (wrapper-2.0:245): GLib-GObject-CRITICAL **: 05:00:55.353: g_signal_connect_data: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed (wrapper-2.0:245): Gtk-WARNING **: 05:00:55.353: Attempting to add a widget with type GtkToggleButton to a container of type XfcePanelPlugin, but the widget is already inside a container of type XfcePanelPlugin, please remove the widget from its existing container first. (wrapper-2.0:245): Gtk-WARNING **: 05:00:55.408: Negative content width -3 (allocation 1, extents 2x2) while allocating gadget (node button, owner GtkToggleButton) (wrapper-2.0:244): Gtk-WARNING **: 05:00:55.416: Negative content width -3 (allocation 1, extents 2x2) while allocating gadget (node button, owner PulseaudioButton) (DB) Selection owner change for _NET_SYSTEM_TRAY_S0 (wrapper-2.0:252): libactions-WARNING **: 05:00:55.421: Calling CanShutdown failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory (wrapper-2.0:252): libactions-WARNING **: 05:00:55.422: Calling CanRestart failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory (xfce4-session:127): xfce4-session-WARNING **: 05:00:55.423: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (xfce4-session:127): xfce4-session-WARNING **: 05:00:55.426: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (xfce4-session:127): xfce4-session-WARNING **: 05:00:55.428: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (wrapper-2.0:252): Gtk-WARNING **: 05:00:55.436: Negative content width -1 (allocation 1, extents 1x1) while allocating gadget (node button, owner XfceArrowButton) ```

The logs from TurboVNC looks similar to the logs from TigerVNC, also including some CRITICAL entries:

``` _XSERVTransmkdir: ERROR: euid != 0,directory /tmp/.X11-unix will not be created. Xvnc TigerVNC 1.12.0 - built 2024-01-23 19:20 Copyright (C) 1999-2021 TigerVNC Team and many others (see README.rst) See https://www.tigervnc.org for information on TigerVNC. Underlying X server release 12101004, X.Org Fri Mar 8 05:16:04 2024 vncext: VNC extension running! vncext: Listening for VNC connections on /tmp/tmp383yf_8r/vnc-socket (mode 0600) vncext: Listening for VNC connections on local interface(s), port 5901 vncext: created VNC server for screen 0 [mi] mieq: warning: overriding existing handler (nil) with 0x55b551573b90 for event 2 [mi] mieq: warning: overriding existing handler (nil) with 0x55b551573b90 for event 3 Connections: accepted: /tmp/tmp383yf_8r/vnc-socket 3NI3X0 New Xtigervnc server '3abbc879c03b:1 (jovyan)' on port 5901 and unix socket /tmp/tmp383yf_8r/vnc-socket for display :1. 3NI3X0 Use xtigervncviewer -SecurityTypes None :1 to connect to the VNC server. VNCSConnST: Failed to flush remaining socket data on close: write: Broken pipe (32) VNCSConnST: closing /tmp/tmp383yf_8r/vnc-socket: write: Broken pipe (32) EncodeManager: Framebuffer updates: 0 EncodeManager: Total: 0 rects, 0 pixels EncodeManager: 0 B (1:-nan ratio) Connections: closed: /tmp/tmp383yf_8r/vnc-socket ComparingUpdateTracker: 0 pixels in / 0 pixels out ComparingUpdateTracker: (1:-nan ratio) Connections: accepted: /tmp/tmp383yf_8r/vnc-socket SConnection: Client needs protocol version 3.8 SConnection: Client requests security type None(1) VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888 VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888 _IceTransmkdir: ERROR: euid != 0,directory /tmp/.ICE-unix will not be created. xfce4-session: No SSH authentication agent found gpg-agent[157]: directory '/home/jovyan/.gnupg' created gpg-agent[157]: directory '/home/jovyan/.gnupg/private-keys-v1.d' created gpg-agent[158]: gpg-agent (GnuPG) 2.2.27 started (xfwm4:159): GLib-CRITICAL **: 05:16:05.279: g_str_has_prefix: assertion 'prefix != NULL' failed (xfwm4:159): xfwm4-WARNING **: 05:16:05.608: Another compositing manager is running on screen 0 (xfsettingsd:175): libupower-glib-WARNING **: 05:16:05.631: Couldn't connect to proxy: Could not connect: No such file or directory (xfsettingsd:175): GLib-CRITICAL **: 05:16:05.640: g_str_has_prefix: assertion 'prefix != NULL' failed (xfsettingsd:175): GLib-GObject-CRITICAL **: 05:16:05.641: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed (xfsettingsd:175): GLib-GObject-CRITICAL **: 05:16:05.642: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed (xfsettingsd:175): GLib-GObject-CRITICAL **: 05:16:05.645: g_value_get_string: assertion 'G_VALUE_HOLDS_STRING (value)' failed ** (xiccd:194): CRITICAL **: 05:16:05.931: Failed to connect to colord: Could not connect: No such file or directory (xfce4-session:120): xfce4-session-WARNING **: 05:16:05.934: Unable to launch "xfce4-screensaver" (specified by autostart/xfce4-screensaver.desktop): Failed to execute child process “xfce4-screensaver” (No such file or directory) Connection failure: Connection refused pa_context_connect() failed: Connection refused (polkit-gnome-authentication-agent-1:195): polkit-gnome-1-WARNING **: 05:16:05.946: Error getting authority: Error initializing authority: Could not connect: No such file or directory (xfdesktop:191): GVFS-RemoteVolumeMonitor-WARNING **: 05:16:06.028: remote volume monitor with dbus name org.gtk.vfs.UDisks2VolumeMonitor is not supported ** (xfdesktop:191): WARNING **: 05:16:06.071: Failed to get system bus: Could not connect: No such file or directory xfce4-panel-Message: 05:16:06.090: Plugin "(null)-7" was not found and has been removed from the configuration xfce4-panel-Message: 05:16:06.092: Plugin "power-manager-plugin-9" was not found and has been removed from the configuration (wrapper-2.0:248): GLib-GIO-CRITICAL **: 05:16:06.585: g_file_new_for_path: assertion 'path != NULL' failed (wrapper-2.0:248): GLib-GIO-CRITICAL **: 05:16:06.585: g_file_monitor_file: assertion 'G_IS_FILE (file)' failed (wrapper-2.0:248): GLib-GObject-WARNING **: 05:16:06.585: invalid (NULL) pointer instance (wrapper-2.0:248): GLib-GObject-CRITICAL **: 05:16:06.585: g_signal_connect_data: assertion 'G_TYPE_CHECK_INSTANCE (instance)' failed (wrapper-2.0:248): Gtk-WARNING **: 05:16:06.585: Attempting to add a widget with type GtkToggleButton to a container of type XfcePanelPlugin, but the widget is already inside a container of type XfcePanelPlugin, please remove the widget from its existing container first. (wrapper-2.0:255): libactions-WARNING **: 05:16:06.627: Calling CanShutdown failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory (wrapper-2.0:255): libactions-WARNING **: 05:16:06.627: Calling CanRestart failed GDBus.Error:org.xfce.SessionManager.Error.Failed: Could not connect: No such file or directory (xfce4-session:120): xfce4-session-WARNING **: 05:16:06.629: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (xfce4-session:120): xfce4-session-WARNING **: 05:16:06.631: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (wrapper-2.0:248): Gtk-WARNING **: 05:16:06.632: Negative content width -3 (allocation 1, extents 2x2) while allocating gadget (node button, owner GtkToggleButton) (xfce4-session:120): xfce4-session-WARNING **: 05:16:06.633: failed to run script: Failed to execute child process “/usr/bin/pm-is-supported” (No such file or directory) (wrapper-2.0:255): Gtk-WARNING **: 05:16:06.649: Negative content width -1 (allocation 1, extents 1x1) while allocating gadget (node button, owner XfceArrowButton) (wrapper-2.0:247): Gtk-WARNING **: 05:16:06.654: Negative content width -3 (allocation 1, extents 2x2) while allocating gadget (node button, owner PulseaudioButton) Fri Mar 8 05:19:28 2024 Connections: accepted: /tmp/tmphhixngku/vnc-socket SConnection: Client needs protocol version 3.8 SConnection: Client requests security type None(1) VNCSConnST: Server default pixel format depth 24 (32bpp) little-endian rgb888 VNCSConnST: Client pixel format depth 24 (32bpp) little-endian bgr888 ```

Not configuring port?

Turbo VNC reported:

08/03/2024 05:00:52 Listening for VNC connections on TCP port 5901

jupyter-server-proxy reported:

127.0.0.1 - - [08/Mar/2024 05:00:52] Failed to connect to 127.0.0.1:55791: [Errno 111] Connection refused

I think we start TurboVNC without detailing what port it should listen to, and that is the issue. Sure we can't use a unix socket - but we need to specify a port.