1 / 16

Remote Operation of Light Source Beamlines with (Free)NX Zhijian Yin, Peter Siddons, NSLS, BNL

Remote Operation of Light Source Beamlines with (Free)NX Zhijian Yin, Peter Siddons, NSLS, BNL. Controls at NSLS Facility Beamlines What Is NX, FreeNX Cybersecurity Requirements at BNL Remote Operation with NX, ssh Tunneling Live Demo Concluding Remarks.

yadid
Télécharger la présentation

Remote Operation of Light Source Beamlines with (Free)NX Zhijian Yin, Peter Siddons, NSLS, BNL

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Remote Operation of Light Source Beamlines with (Free)NXZhijian Yin, Peter Siddons, NSLS, BNL • Controls at NSLS Facility Beamlines • What Is NX, FreeNX • Cybersecurity Requirements at BNL • Remote Operation with NX, ssh Tunneling • Live Demo • Concluding Remarks

  2. Controls at NSLS facility Beamlines:Light Source Beamlines

  3. Controls at NSLS facility Beamlines:A Typical Beamline Layout

  4. Controls at NSLS Facility Beamlines: Typical Network Configurations • EPICS based, VME IOC for motor/scaler/ADC etc. • Linux workstation, running EPICS clients • Dual NIC cards:eth0: to interneteth1: private network for instrumentation VME EPICS IOC eth0: BNL network 130.199.192.x eth1: 172.16.1.x

  5. What is NX, freeNX • X is a network protocol, X remote display, “ssh -XC”can be used for remote monitoring/operation • Issues: • too much round trip traffic, network latency • long distance, unresponsive • To achieve fast response the NX way: • Efficient compression • Proxy server and cache-files to reduce round trip x-traffic

  6. What is NX, freeNX: Continued • Products at Nomachine.com:Servers – Personal server (2 connections) free - Business server $$$Client – closed source, but freely downloadable Windows, Linux, MacNoMachine.com provides support • Nomachine.com GPLed the core library • FreeNX: based on the core library, a suite of shell scripts to make a GPLed NX server. Clients is in the works.FreeNX server works with NoMachine clients

  7. What is NX, freeNX: Procedures • Setup freeNX server, download packages (rpm, deb, etc.) • Download NX clients from NoMachine.com • Configure NX client

  8. What is NX, freeNX: Remote Desktop Screen

  9. Cybersecurity Requirements at BNL:Perimeter Defense

  10. Cybersecurity Requirements at BNL:Ways for Remote Access • Employees: VPN, ssh gateway • Users: ssh gateway only • Outside of BNL: • ssh to ssh gateway (linux server) • ssh from ssh gateway to the beamline machine

  11. Remote Operations With NX: Through Ssh Gateway: Ssh Tunneling • Ssh tunneling • Procedures: • Unix: ssh -L localport:remotehost:ssh_port# username@ssh_gateway • Windows: Putty, similar configuration • Now to ssh to the remote host can be achieved byssh localhost -p localport -l username • With ssh tunneling, configure nxclient to use localhost

  12. Remote Operations with NX: Putting It Together • First set up ssh tunnel: • Example: ssh -L 3322:lsx21pc.nsls.bnl.gov:22 zyin@ssh.bnl.gov(leave the terminal open) • Windows: configure Putty or other ssh clients • Next configure NoMachine Client, to use host “localhost” and port 3322

  13. Remote Operations with NX: Putting together • Create ssh tunnel:remote host port 22 map to localhost: 3322through ssh gateway,ssh -L 3322:lsx21pc.nsls.bnl.gov:22 zyin@ssh.bnl.gov • Leave the terminal open • Configure NoMachine NX clientlocalhost port 3322

  14. Remote Operations with NX: Live Demo • Remote login to my office, or a beamline • Checking with webcam locally connected (private network) • Move some motors, check scalers • Run some other applications

  15. Concluding Remarks • Secure (all traffic through ssh) • Fast response • Generic solution: Configure, no programming • Open source server, free downloadable multi-platform clients (Windows, Mac, Linux) • Almost all x-windows programs run fine • Problems: • application specific fonts: set up font servers • use blank screensaver (to reduce resource usage) • Linux hosts: straight forwardOther Unix flavors: setup a Linux server, as a “stepping stone”

  16. Acknowledgement • Developers at Nomachine.com • FreeNX package developers/maintainers • BNL colleagues for testing and feedback

More Related