One of the issues that we find in the research teams is how, given a new software tool, we install it on the computers of all the investigators. Usually, we must call the IT department, create the incident ticket, let them come and install the application and the dependencies of this application, etc. Then if a new researcher joins the team and needs the application, the same procedure is applied again. Something similar happens if you have to update the application to a new version.

In our platform, we have solved this by creating Docker containers that can be accessed through the web. What are Docker containers? It is an Open Source project designed to create lightweight and portable containers for applications so that they can run on any operating system with Docker installed, for more information you can consult https://www.docker.com/.

To access the web interface we install in the container a VNC web client. In this particular case, we use noVNC. So in the Dockerfile of the image, you must put the following lines:

ENV NOVNC=/opt/noVNC

RUN git clone --depth 1 --branch v1.0.0 https://github.com/novnc/noVNC.git $NOVNC && \
    git clone --depth 1 --branch v0.8.0 https://github.com/novnc/websockify.git \ 
   $NOVNC/utils/websockify && find ${NOVNC} -name ".git*" | xargs rm -rf &&  \
    ln -s $NOVNC/vnc.html $NOVNC/index.html 

In Reixmor we try to use the non-root containers and bash containers to define a more complex startup behavior.

USER reixmor
WORKDIR /home/reixmor
EXPOSE 5901 6080 
ENTRYPOINT ["/opt/startscript/start.sh"]

In the start.sh we call the script vncpass.sh

#!/bin/bash
printf "${DEFAULT_VNC_PASSWORD}\n${DEFAULT_VNC_PASSWORD}\n\n" | vncpasswd

Where DEFAULT_VNC_PASSWORD is an environment variable used to store the VNC access password, in the start.sh we have

# Create VNC Password
vncpass.sh  > /dev/null 2>&1

cd $HOME   
echo "source /etc/profile.d/bash_completion.sh" >> ~/.bashrc
/usr/bin/vncserver -localhost no > /dev/null 2>&1 
/opt/noVNC/utils/launch.sh --vnc localhost:5901 > /dev/null 2>&1  

Then execute the docker run command

docker run -it --rm  -e RUN_AS="1001"  \ 
           -e DEFAULT_VNC_PASSWORD="password123"  \
           -p 5901:5901 \
           -p 6080:6080 \
           .....

Open the url http://localhost:6080/vnc.html

Click in Connect and type your VNC password

Type the vnc password and your desktop interface is shown. It is recommended that the visual interface that is displayed consumes few resources, such as xfce.

Using this procedure you can create multiples docker images with different tools. This allows us to say that the only requirement is to have a web browser and an account in our system. You can contact me for further information.

Categories:

Tags:

Comments are closed