Install Ubuntu Desktop Docker Using Portainer and Access it From Browser (VNC/noVNC) (x86) - NETSEC

Latest

Learning, Sharing, Creating

Cybersecurity Memo

Tuesday, February 23, 2021

Install Ubuntu Desktop Docker Using Portainer and Access it From Browser (VNC/noVNC) (x86)

It will be helpful for the testing if you have a Linux Desktop environment in the cloud. But I do not want to install a desktop environment to pollute my Linux installation. If I can get a docker environment and let Linux Desktop running inside, that would be a perfect solution. 

Recently I found one Github project "docker-ubuntu-vnc-desktop" to show how to get your own Ubuntu Desktop in the docker. I decided to use Portainer to manage this docker as I did for other docker image. Here are all my steps to get it working. 


Note: The dockers in this post is good for x86 architecture. If you are looking for Arm based docker image, check post: https://blog.51sec.org/2021/07/run-free-arm-based-oracle-linux-with-1.html

Change System Swap File Size

It is usually same size as your RAM. But if your RAM is less than 1GB, you can make your swap file size double.


wget https://raw.githubusercontent.com/51sec/swap/main/swap.sh && bash swap.sh
Follow the prompt to add or delete your swap file size. You do not need to reboot and it will take into effect right away.


Install Docker and Docker Compose

1  Update Package list and Upgrade Packages for Ubuntu 18.04

Update and Upgrade Ubuntu to latest 

$ sudo apt-get -y update && sudo apt-get -y upgrade

2  Install Docker on Ubuntu

sudo apt install docker.io -y
sudo -i
systemctl start docker
systemctl enable docker
docker version
3  Install Docker Compose on Ubuntu

Here is an example using version 1.19.0. You might want to check current release (current is 1.28.2) to update the command. 

root@ip-172-31-28-5:~# curl -L "https://github.com/docker/compose/releases/download/1.19.0/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
  % Total    % Received % Xferd  Average Speed   Time    Time     Time  Current
                                 Dload  Upload   Total   Spent    Left  Speed
100   651  100   651    0     0   7076      0 --:--:-- --:--:-- --:--:--  7076
100 8288k  100 8288k    0     0  4671k      0  0:00:01  0:00:01 --:--:-- 7520k
root@ip-172-31-28-5:~# chmod +x /usr/local/bin/docker-compose

root@ip-172-31-28-5:~# docker-compose version
docker-compose version 1.19.0, build 9e633ef
docker-py version: 2.7.0
CPython version: 2.7.13
OpenSSL version: OpenSSL 1.0.1t  3 May 2016
root@ip-172-31-28-5:~#


If it is CentOS, the commands to install Docker are different, but for Docker Compose, they are same:

For CentOS 7 install Docker:

sudo -i
yum -y update
curl -sSL https://get.docker.com/ | sh
systemctl start docker.service
systemctl enable docker.service
For Ubuntu 20.04 version


#Ubuntu 20.04
sudo apt install docker.io
sudo apt install docker-compose


Install Portainer

Commands to install latest Portainer Docker. 

docker volume create portainer_data
docker run -d -p 9000:9000 --name portainer --restart always -v /var/run/docker.sock:/var/run/docker.sock -v portainer_data:/data portainer/portainer
docker ps
Use your browser to access URL http://<public ip of your linuxserver>:9000
First time, it will ask you to set up admin user's password.



Command to Launch Docker-Ubuntu-VNC-Desktop 

Originally from docker-ubuntu-vnc-desktop, the command to run this docker is :

docker run -p 6080:80 -v /dev/shm:/dev/shm dorowu/ubuntu-desktop-lxde-vnc
With http basic authentication password for root user:

docker run -p 6080:80 -e HTTP_PASSWORD=mypassword -v /dev/shm:/dev/shm dorowu/ubuntu-desktop-lxde-vnc

The container has been set to use host's Shared Memory Directory, /dev/shm.

Another interesting Docker file we can take a look is from imlala/ubuntu-xfce-vnc-novnc:

version: '3.5'

services:
    ubuntu-xfce-vnc:
        container_name: xfce
        image: imlala/ubuntu-xfce-vnc-novnc:latest
        shm_size: "1gb"
        ports:
            - 5900:5900
            - 6080:6080
        environment: 
            - VNC_PASSWD=mypassword
            - GEOMETRY=1280x720
            - DEPTH=24
        volumes: 
            - ./Downloads:/root/Downloads
            - ./Documents:/root/Documents
            - ./Pictures:/root/Pictures
            - ./Videos:/root/Videos
            - ./Music:/root/Music
        restart: unless-stopped


Command to Launch Docker-Ubuntu-VNC-Desktop 


Note: https://github.com/kejilion/docker/blob/main/Ubuntu%20Novnc
docker run -d \
  --name ubuntu-novnc \
  -p 6080:80 \
  -v $PWD:/workspace:rw \
  -e HTTP_PASSWORD=P12345 \
  -e RESOLUTION=1280x720 \
  --restart=always \
  fredblgr/ubuntu-novnc:20.04


Use Portainer to Launch Docker-Ubuntu-VNC-Desktop 

Create a new container from Portainer Containers page:






Set restart policy to Unless stopped.

Environment variables:
for security, we can add one variable, HTTP-PASSWORD, value is the any password you want to set. HTTP-PASSWORD is for user root. 


Now, using a browser to browse to http://<Public IP>:6080




For CentOS 7 To Install noVNC


Enable snapd

Snap is available for CentOS 7.6+, and Red Hat Enterprise Linux 7.6+, from the Extra Packages for Enterprise Linux (EPEL) repository. The EPEL repository can be added to your system with the following command:

  • sudo yum install epel-release
Snap can now be installed as follows:

  • sudo yum install snapd

Once installed, the systemd unit that manages the main snap communication socket needs to be enabled:

  • sudo systemctl enable --now snapd.socket

To enable classic snap support, enter the following to create a symbolic link between /var/lib/snapd/snap and /snap:

  • sudo ln -s /var/lib/snapd/snap /snap

Either log out and back in again, or restart your system, to ensure snap’s paths are updated correctly.


Install noVNC

To install noVNC, simply use the following command:

  • sudo snap install novnc


References









2 comments:

  1. Hello
    I love your article.
    I was wondering what to do if I want to run multiple containers on the same VM.
    And Also enable the password to log into the docker VM.

    ReplyDelete
  2. Great!!
    Just getting one error:
    Line 74
    /etc/docker/daemon.json No such file or directory
    How do I fix this?

    Would love to see a Debian version also.

    Thanks!

    ReplyDelete