How to Stream Apps and Desktops Using Kasm Workspaces

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hi i'm dj ware on this episode of the cyber gizmo i'm going to be looking at a solution that allows me to stream applications and complete linux desktops all using docker right after this [Music] so one of the things that you know we always talk about is using containers in order to be able to provide an additional layer of security as well as being able to provide additional capabilities in order to host additional things that you normally wouldn't be able to do but one of the solutions that allows you to stream containers and to stream the applications and the desktops to end users is chasm workspaces so that's what we're going to be looking at today chasm workspaces is a free and open source platform however i always have a trouble saying free and open source when it is a commercial application it is licensed and there's different ways you can do this so you can either self-host or you can go to a server sell software as a service which of course that's a cloud environment or you can go per user or concurrent session so however you want to license it they do offer this community of version which is free it has all the all of these features except it doesn't provide custom branding it doesn't do web categorization and it doesn't do dynamic scaling now dynamic scaling means that in this case that i have multiple servers that are running the chasm workspaces and i'm distributing my load equally across this the remote workspaces allows me to provide desktop as a service to employees and vendors so this would mean that these would be remotely hosted onto the cloud and then you have app streaming as well so browser isolation to protect what sites you're going to and also your whenever you're running applications or desktops that yeah you are actually running running those inside the browser so you can't obviously save documents to your local machine so that gives an additional layer of protection because you're not able to transmit malware in that way so the documentation uh will take you over here that i'm gonna go to the this version of the uh architecture so your end users are are accessing by a browser and there's a number of browsers that they support including mobile there's a the set the chasm server which provides the api the managerial service the proxy the database which and also the agent this also manages your persistence layer if you turn it on so by default though any of these sessions are non-persistent meaning that i cannot save data inside that session you can you can use uh 443 you can change that if you have a server that you're using that already has 443 and used for something else as far as system requirements are concerned for the server you need to have an operating system installed that is either ubuntu 1804 2004 uh and it has to be amd or arm 64. uh debian 910 or 11 same thing sent to os 7 or 8 so red hat will work rocky should work and oracle linux 7 and 8. i just think they don't have those listed simply because they haven't tested them resource requirements it takes two course at least this is now remember this is minimum memory to four gig storage uh 50 gig and it does have to be ssd because you're obviously wanting this to be as fast as possible uh when you're using this so yeah uh as far as the docker images 1806 or and docker compose greater than two you don't have to worry about installing those the install script will take care of that for you as far as end user requirements you do have uh this would be for uh desktop chrome 49 plus edge 14 plus firefox 48 plus so on so yeah those are i mean that gives you a pretty good range there as far as mobile is concerned it says that audio is not supported on mobile browsers so um i will be installing this on proxmox as far as what do i need let's go ahead and get started with the documentation here i'm going to need to download and i'm going to i'm just going to save the i'm just going to copy the link address and then i'm going to that's my local host this is the chasm server so what do we need to do here so first thing i'll need to do is a wget on this uh that address and it's coming off of an amazon server so i can go ahead download that that's not really too big but i don't really need that i already have it right here so that's just a tar file so zx and then we'll do a chasm now they recommend that you do this in temp uh yeah you could do that i guess i'm just gonna do it in my home folder and then i'll get rid of this when i'm done so like i said though they they they do updates on this particular software every day and then i will it'll create a directory called chasm release and here so i can do at this point i'm going to do in a sudo install that shell now if i want to move this port to something else like 8443 i could do that right here by doing the minus l now i'm not going to do that i'm just going to let it default alright so it's going to ask me to look at the license agreement this is not installed on the machine so we'll go ahead and get the packages down that we need first it goes through everything you don't have to do anything at this point it will completely set up populate the databases load the images the docker images get them started start up all of the services that it needs set up nginx which is the web server that it is using uh to be the the gui uh the user interface that you would be talking with in order to administer uh chasm workspaces we're done and you'll notice that the last thing it did was it told me the swap file exists it it would have tried to create that for me but it only creates a one gig of one if you don't have one so this part right here you'll want to keep and put in this password that i just copied and i'm under the administrative user so the first thing i see as an administrative user is the dashboard the dashboard gives you some information about you know how many failed logins created sessions successful logins yada yada yada so the first thing i'm going to want to do is uh well let's see first thing i'm going to want to do is go to my users folder here i'll come back to the dashboard in a second i want to reset my password for admin and as soon as i submit this it's going to kick me out of the system so now i can put in my new password and log back in so my now as far as the user is concerned i'm going to destroy that one and then i will add my user back if i had a realm i could enter that any notes if i want to reset my two-factor authentication secret i can do that so we'll go ahead and submit that and you'll these two users are now created i can go to groups and there's an administrative group and then there's this everybody else is in here so i can i can add a group and the groups are used to manage permissions you can set up different views into the system so i could create a custom set of images or applications that i want these particular users to be able to access to for example maybe if it's a developer group i create editors and test systems access and all that i might for accounting i might give them access to the financial information into whatever systems i'm using for accounting or payroll or whatever that might be but i would not allow anyone else in access to that group so i can protect not only the images that the particular group or you can also assign it to specific users as well so you can manage all of that agents uh yeah i don't think there's really a whole lot going on here as to what the agents are doing this is your communication mechanism between your images and the front end which is the this chasm workspace you're looking at here so the managers that you have currently i only have one host that's up and running if i had multiple hosts they would show up here and i could then you could manage the them as a cr as one just my deployment zone and now in my version of this i can't really use that staging allows me to stage images to so that users or groups will have faster access to them so it's kind of a quick load if you will i don't have to wait for it to spin up the container casting allows me to use a url you can see it right here pound cast i can define a cast and then if i go to that url it will automatically start an image a specific image yeah and there's also a there's a cast and then there's another one that's just go with slash go and that's the default so you can also have it if i put in the url slash go it'll just start up whatever session i have for that's defined for me sessions that are currently running these are all the images that are currently deployable once they are deployed because you can see that some of these are not enabled so let's just let's just go to another page here get kali linux you'll notice that it's not enabled and i this is kind of weird that i can't click enable here and turn it on instead i have to actually go edit this one you can also clone these two if you want to start with one and then configure it differently so in order to enable this i actually have to do this now if i want to pass my gpu to this i can so i'm going to start that up now if i go back to my dashboard and go to workspaces here you'll see kali linux is now here however you'll notice this triangle it says that it has not been detected on an agent so in other words it's not loaded up yet it's not downloaded so it says come back again in a little while and check this again or go check you with your administrator this just means that the chasm is in the background is working to download the docker image install it and configure it and get it ready to exit and to get it ready to start up so yeah that's all that means now as far as developers these allow me to create api keys so that i can leverage the chasm workspaces api there's filters that you can create there's branding which of course doesn't work on my version of this because it's not enabled uh you do have authorizations that you can perform now here's your cast setup and all of that um it this can communicate with back-end servers such as i mean i can authenticate to ldap i have saml so the system information about what it's running on and so forth what kind of license i have and what my limits are and then of course there's logging as well so let me log out as a administrator and we'll log in as a user so you can see the view that you would have of this so this would be how you would be presented to your users and this is the default because i remember everybody is in the default group so i can pair this down if i don't want to give grant blanket access to everybody i can pare this down a bit so let's take a look at brave here let's go ahead and bring up brave and i could get rid of some of this the display stuff that's happening here so this is the initial launch of brave and it's saying okay it runs completely private and blah blah blah got it i can do that so we can then we can then use the so if you want to use brave search engine you can replace it but remember you'll have to do that every time so also if i bookmark this page let's say that i'm going to add a bookmark to this we'll bookmark this tab should be showing up right here so it's bookmarked now however the next time i come back in here it will be gone this right here you'll notice this little pull out this allows me to set certain options that i'm allowed to set here now i can i can set my streaming quality i can now i can turn off and on these things but i don't really have a lot of things i can do here i can't for example control audio you have to be an administrator for that but i don't know yeah local cursor show keyboard console auto so if you're on a tablet device you might need the keyboard to come up and whatnot streaming quality i can set that defaults to medium if i want if i'm working on a graphics application and i need additional uh i need additional uh clarity to the images i can always go to high or extreme for that if i'm working on text if i'm just in a terminal window i might turn it down to do that so i have two things i can do here i can return and you'll notice that when i return i have an active session here and you'll notice it's been up for two minutes and it is also going to expire in 57 minutes so the chasm workspaces will automatically destroy this so let's go ahead and delete it we'll go ahead and that just means shut it down and burn all the stuff i just did so now if i come back into brave it's probably going to give me the default message over again yep i gotta go set everything up again and you'll notice that my bookmark is now gone so there's no persistence is basically the thing that you need to take away from that so we'll go ahead and delete the session and that'll automatically return me and there won't be anything here now kali i just brought down let's and it's ready now because the the little triangle with the exclamations the point is gone so as you can see there's also full desktops for uh centos and then there's also one for there's also one for ubuntu as well i mean i have access to all of my tools for cali here and so forth now one thing uh don't do that because the last time i did that on cali it went it just went to a black screen and never came back again so i would recommend just go here and then when you're if you want to resume it you can and if you don't want to resume it you can just trash it delete it and it's gone so you you'll see that uh there's quite a few here i mean there's only office there's romina signal slack sublime terminal if you're if you had people that were just doing you know access to servers or server admins then maybe that's all they need however you'll probably want to turn on persistence there since you'll probably have keys that you want to save and all that stuff there is a tour connection and let's take a look at ubuntu and try that and you'll notice that you can configure your desktops ahead of time so this is taking what they've done here there are core releases i guess probably the thing to do is to go out that's not really what i'm looking for there we go so what they've done here is this is a basic uh install of ubuntu bionic so this doesn't have any additional applications beyond the default that ubuntu installs so if you want additional ones what they have done over here is they've gone ahead and set up and installed all of these applications and then created a new image from this core that has everything in it so that's the way they recommend that you build up your own versions of of the system is that you start with a core and then you build it up the way you want it and how about we go to brave if you want to set up persistence you'll need a profile path path to do that so you'll need to have some directory on the host system or on the network that you are using to preserve the persistent information here's here's how to set up your persistent profiles and you can have them specific to the user so if i am creating a persistent profile for me and i want it to work for you i can insert a username variable which would get replaced by my user id or your user id so that each of us have our own yeah and then we would allow the setting a while persistent profile that's pretty much all i had for today i mean chasm offers kind of a virtual desktop interface or or yeah and it gives you the ability to you can use your browser on your local machine and you can isolate where it goes based on the like if i was connecting to another browser then i would be isolating the browser on my workstation from the internet so yeah and then anything that was maliciously copied down to the browser would be on chasm and that would be destroyed the minute i i left and deleted the session so yeah and but you know you do have to be aware that if you do have persistent data then you'd be careful that that doesn't happen uh and also i can expose desktops so that i can have a virtual desktop interface i have different levels of that so if i need graphics engine support i can add that to the image and allow that to happen so it's an interesting piece of software i think i'm gonna i'm gonna i'm i know i'm gonna be using this and i know i'm gonna put it into my workflow uh i've been looking for something like this for quite some time and uh yeah it's been sitting there for a couple of years now and just haven't discovered it so i hope you enjoyed this video today on chasm workspaces if you did please like and subscribe hope to see you all again real soon and as always bye for now [Music] [Applause] [Music] you
Info
Channel: DJ Ware
Views: 6,712
Rating: undefined out of 5
Keywords: DJ Ware, CyberGizmo, Linux, VDI, Streaming Apps, Streaming Desktops, Docker, KASM Workspaces, Virtual Desktop Infrastructure
Id: JPuhCtweh8o
Channel Id: undefined
Length: 22min 15sec (1335 seconds)
Published: Wed Jan 26 2022
Related Videos
Which Linux filesystem is best in 2022?
DJ Ware
75K
KASM Workspaces | Streaming containerized apps and desktops to end-users | Proxmox Home Server
MRP
10K
Kasm Workspaces Simplified: The Essential Guide for New Users
Learn Linux TV
56K
Looking for a Remote Desktop App - That Works (Fixed Version)
DJ Ware
27K
100+ Docker Concepts you Need to Know
Fireship
825K
KASM: Isolated Disposable Remote Workspace Via Your Browser
Novaspirit Tech
46K
Kasm Workspaces - Create Custom Images
Kasm Workspaces
14K
Build a custom Linux Desktop in Docker!
Christian Lempa
65K
Computex - AI means "All In"
DJ Ware
1.5K
Questions to Answer when Choosing a Linux Distro
DJ Ware
4.9K
Kasm Workspaces - User Guide
Kasm Workspaces
6.4K
Wayland vs X11
DJ Ware
147K
access EVERYTHING from your web browser!! (Linux and Windows Desktop, SSH) // Guacamole Install
NetworkChuck
1.6M
End of Support: Windows 10 - What to do
DJ Ware
297K
Step into Linux without Becoming Marooned
DJ Ware
13K
Kasm Workspaces v1.12.0
DJ Ware
3.1K
Cloudflare Tunnels: Getting Started with Domains, DNS, and Tunnels
DB Tech
137K
Power Apps Model Driven Apps FULL COURSE for Beginners
Lisa Crosbie
451K
What's New in FreeBSD 14.1?
DJ Ware
11K
Best Docker Containers in 2024
VirtualizationHowto
88K
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.