Conventions and Tools » History » Version 47
Leon Mualem, 05/27/2019 07:48 PM
updated server configs and deleted obsolete configs for detectors that no longer exist.
| 1 | 1 | Peter Shanahan | h1. Conventions and Tools |
|---|---|---|---|
| 2 | 1 | Peter Shanahan | |
| 3 | 1 | Peter Shanahan | h2. Overview |
| 4 | 1 | Peter Shanahan | |
| 5 | 1 | Peter Shanahan | The user interface environment to the DAQ system is hosted in VNC servers running on DAQ cluster computers at various sites. Users interact with these via VNC viewers hosted on control room desktops, and for experts, on their own desktop or laptop. |
| 6 | 1 | Peter Shanahan | |
| 7 | 46 | Leon Mualem | The NovaControlRoom package contains icons and scripts to automatically set up the needed ssh tunnels, and launch the VNC viewers. |
| 8 | 9 | Peter Shanahan | |
| 9 | 1 | Peter Shanahan | |
| 10 | 10 | Peter Shanahan | h3. VNC Viewers |
| 11 | 10 | Peter Shanahan | |
| 12 | 10 | Peter Shanahan | |
| 13 | 46 | Leon Mualem | The command to start a viewer is in the script launched by the desktop icons, but the underlying command is of the form |
| 14 | 10 | Peter Shanahan | <pre> vncviewer -Fullscreen -Shared -passwd ~/.vnc/passwd :<NN> </pre> |
| 15 | 10 | Peter Shanahan | where |
| 16 | 10 | Peter Shanahan | <pre> -Fullscreen # starts in full screen mode |
| 17 | 30 | Matthew Strait | -Shared # keeps other users from getting disconnected from the server when you connect |
| 18 | 10 | Peter Shanahan | NN # two-digit port number (relative to 5900) </pre> |
| 19 | 9 | Peter Shanahan | |
| 20 | 13 | Peter Shanahan | h2. Conventions |
| 21 | 1 | Peter Shanahan | |
| 22 | 4 | Peter Shanahan | h3. VNC Servers |
| 23 | 4 | Peter Shanahan | |
| 24 | 47 | Leon Mualem | In the current model (as of 2019-05-27), we employ 2 VNC servers for each detector, 2 expert desktops, and one for synoptic displays. In order to allow for different desktop environments on a single host machine, each VNC server on is run under a different account, using a dedicated port. We tend to use certain servers for particular functions, but this is subject to change. |
| 25 | 1 | Peter Shanahan | |
| 26 | 47 | Leon Mualem | The table below gives the machine, account, and port information for the stations used at a Remote Operation Center (ROC): |
| 27 | 1 | Peter Shanahan | |
| 28 | 1 | Peter Shanahan | | *Station* |*Functions* | *Host* | *Account* | *Gateway* | *Remote Port* | *Gateway Port* | *Local Port* | |
| 29 | 27 | Keith Matera | | 1 | FD Run Control |
| 30 | 47 | Leon Mualem | Message Logger | novadaq-far-master-02 | novacr01 | novadaq-far-gateway-01 | 5951 | variable | 5981 | |
| 31 | 31 | Matthew Strait | | 2 | FD Event Display |
| 32 | 1 | Peter Shanahan | Online Monitoring |
| 33 | 47 | Leon Mualem | APD Cooling GUI | novadaq-far-master-02 | novacr02 | novadaq-far-gateway-01 | 5952 | variable | 5982 | |
| 34 | 47 | Leon Mualem | | 3 | Synoptics | nova-cr-03 | novacr03 | novadaq-near-gateway-01 | 5953 | variable | 5973 | |
| 35 | 45 | Teresa Lackey | | 5 | ND Run Control |
| 36 | 47 | Leon Mualem | Message Logger| novadaq-near-master | novacr01 | novadaq-near-gateway-01 | 5951 | variable | 5991 | |
| 37 | 45 | Teresa Lackey | | 6 | ND Event Display |
| 38 | 27 | Keith Matera | Online Monitoring |
| 39 | 47 | Leon Mualem | APD Cooling GUI | novadaq-near-master | novacr02 | novadaq-near-gateway-01 | 5952 | variable | 5992 | |
| 40 | 47 | Leon Mualem | | -- | FD Expert Desktop | novadaq-far-master | novacr03 | novadaq-far-gateway-01 | 5953 | variable | 5983 | |
| 41 | 47 | Leon Mualem | | -- | ND Expert Desktop | novadaq-near-master | novacr03 | novadaq-near-gateway-01 | 5953 | variable | 5993 | |
| 42 | 27 | Keith Matera | |
| 43 | 47 | Leon Mualem | The *gateway* and *gateway port* are what you need to know to set up your own SSH tunnels so that you can view the sessions from your local machine. The gateway port can vary depending on the order the tunnels are set up. There are ROC scripts that determine the correct tunnel and can setup a new one if the tunnel does not exist. The *local port* is a recommendation for what port to use on your local machine. |
| 44 | 25 | Keith Matera | |
| 45 | 47 | Leon Mualem | The servers for each of these is set up to occupy a 1x2 monitor grid, with total pixel count 2560x2880. |
| 46 | 25 | Keith Matera | |
| 47 | 25 | Keith Matera | h3. ssh Tunnels |
| 48 | 25 | Keith Matera | |
| 49 | 25 | Keith Matera | ssh tunnels are required to access the port for a VNC server on a remote host (e.g., novacr01@novadaq-ctrl-master.fnal.gov for station 1 on NDOS) from a localhost (e.g., your laptop, or a control room desktop). Once launched, the tunnel can remain active indefinitely. The ssh command has the form |
| 50 | 25 | Keith Matera | <pre>ssh -L <local_port>:localhost:<remote_port> -N -f -l <remote account> <remote host> </pre> |
| 51 | 25 | Keith Matera | The ssh tunnel is authenticated using a kerberos ticket on the localhost, usually for a special use (i.e., non-personal) principle. That principle must be in the k5login file for the remote account, and the remote host must be directly reachable from the localhost (i.e., the localhost must be in the fnal.gov domain.) |
| 52 | 25 | Keith Matera | |
| 53 | 19 | Eric Flumerfelt | *EXPERTS ONLY* |
| 54 | 19 | Eric Flumerfelt | On Windows, using RealVNC Viewer (renamed to vncviewer.exe), MIT Kerberos for Windows, and plink; the following batch file (FarDet1.bat) connects to the first screen of the Far Detector: |
| 55 | 19 | Eric Flumerfelt | Start plink -ssh -L 5981:localhost:5981 <Principal>@<Gateway> "ssh -L 5981:localhost:5951 -N novacr01@novadaq-far-master-02.fnal.gov" |
| 56 | 1 | Peter Shanahan | pause |
| 57 | 1 | Peter Shanahan | start vncviewer -Shared -passwd passwd localhost:81 |
| 58 | 1 | Peter Shanahan | |
| 59 | 1 | Peter Shanahan | passwd is a file with the MD5'd VNC viewer password, and <Gateway> is a machine connected to the Fermilab network accessible from the outside. Using the tables above, it is possible to connect to any detector/station combination. |