VNC Server on Login-Nodes

If users like to work similarly as used to do with Remote Desktop (Windows) or comparable systems, this is also feasible on the LRZ Login Nodes. Please, be aware that there is not hardware acceleration available on these systems. Some software thus might not work. In those cases, please use the dedicated Remote Visualization Systems!

Caution:

Please, don't start several or many VNC servers unless this is really justified!
   You share the login nodes with other users!
Please, kill manually those VNC servers you started once you've finished your work!

   Every night, all running VNC servers are killed by the system - so safe your work in time!

Please, don't start elaborate processes (programs, simulations, ...) on the login nodes!
   The compute clusters or the Remote Visualization are available for these cases!

Getting started ...

We describe here only the mode which uses a VNC client on the local site. Please, download one.

The general workflow is as follows:

  • Login to a Login node
  • Prepare the VNC session (needs to be done only once)
  • Start the VNC server
  • Setup an SSH tunnel
  • Start the VNC viewer on local system (Laptop/PC)
  • Handling issues with XScreenSaver (see below)

And, once finished, kill the VNC server again.

Example Session

Login to LRZ login node:

local> ssh <LRZ Login-Node>

<LRZ Login Node>  is the DNS name of the login node you had to choose.

Prepare your VNC session (needs to be done only once!):

The 2nd command is of particular importance. It creates the file $HOME/.vnc/xstartup with entries for the start of the nicewm Window Manager. Without a valid xstartup file the vncserver will not be able to show a working graphical user environment in the local VNC-Client after establishing a VNC connection. The usually observed error pattern for a not working xstartup file is an all-black non-operational VNC window. In that case the user should check the xstartup settings.

remote> vncpasswd
remote> echo -e '
#!/bin/sh\n[ -x /etc/vnc/xstartup ] && exec /etc/vnc/xstartup\n[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources\nxsetroot -solid black\nicewm-session &'> .vnc/xstartup && chmod u+x .vnc/xstartup

The first command is used to set a VNC session password. It should be one safe enough, different from the SSH password! Once you forgot your VNC password, you can create a new one via vncpasswd.

Start VNC server:

remote> vncserver
New 'remote:2 (<user>)' desktop is remote:2

Starting applications specified in ~/.vnc/xstartup
Log file is ~/.vnc/remote:2.log

There is twofold information.

1) The display is chosen to be :2. But it can be any other number. Keep this information in mind.

2) The VNC server tells you that ~/.vnc/xstartup is executed.
    If you forgot to do the preparation steps, VNC server will create a default xstartup script for you. This will not work, however, and will show an all-black and non-operational VNC window on your screen!

Setup a SSH tunnel:

In a new terminal, (or with the same terminal if you know how to use SSH escape characters) create a SSH tunnel

local> ssh -L 12345:localhost:5902 <LRZ Login-Node>

It must be the SAME LRZ Login-Node as you started the VNC server on!
The local port 12345 is rather an arbitrary number. But you need to remember it when starting the VNC viewer.
The remote port 5902 is calculated as 5900 + <VNC display number>; in the above example, the display number was 2. Therefore: 5902.

Start the VNC Viewer:

Again on your local system, start the VNC viewer

local> vncviewer localhost:12345

The port number is the same as that chosen for the SSH tunnel!

XScreenSaver Issues:

After some time of inactivity the icewm Window Manager might activate a XScreenSaver, which requires a login/PW combination to get it unlocked again. Unfortunately there is a bug, so that the unlocking does not work with your LRZ user ID and password. Instead you can do the following in order to unlock and resume your VNC session.

First you go to an existing SSH connection to the login node, where you started the VNC server before. The SSH conncetion for the SSH tunnel should still be opened and is suitable for this purpose. In this SSH shell on the login node you can enter:

cm2loginX> ps axu | grep -i xscreensaver | grep $USER
# from the resulting output you should find the process ID (PID) of the running xscreensaver process on the login node; use this PID in the following command to get it killed
cm2loginX> kill -9 <PID>

After invoking the kill command, the VNC session should be unlocked again and you can resume to work.

Once finished ...

Kill the VNC server and logout.

remote> vncserver -kill :2

For killing the VNC session, you need to specify the correct display number via which you session is identified. If you forgot it, use vncserver -list to see your running VNC sessions.
During night, all VNC sessions are killed by the system. But it's good habit to kill it by oneself (after correctly saving the work and closing the open programs, ...)

Example of a Valid xstartup Script

The file $HOME/.vnc/xstartup should have a content similar to the following one:

#!/bin/sh +x
[ -r $HOME/.Xresources ] && xrdb $HOME/.Xresources
xsetroot -solid black
icewm-session &

The most important line is surely the last one, as here the icewm-session (window manager) is started. In principle, users can change this according to his/her own needs and to the available resources. The icewm Window Manager is installed and working on Linux Cluster login nodes. Whether other Window Managers work depends on the Login Node installation. But for most graphical purposes this simple Window Manager should be sufficient. Please keep in mind, that Login Nodes do not have an OpenGL Graphics Card support and therefore some GUI tools potentially need to be started in MESA mode (OpenGL emulation/compatibility mode).

Furthermore users are asked to keep an eye on their memory consumption and processor load on the login nodes. It is the responsibility of VNC users to make sure not to disturb other users of the Login Nodes, since they are provided for shared, i.e. non-exclusive usage!