๐Ÿณ KASM Workspaces Guide

Abstract

Streaming containerized apps and desktops to end-users.
The Workspaces platform provides enterprise-class orchestration, data loss prevention, and web streaming technology to enable the delivery of containerized workloads directly to your browser.


๐Ÿ” Overview

  • Product Type: Containerized Application Platform

  • Focus: Deliver secure, containerized desktop environments via web browser.

  • Use Cases:

    • Secure remote workspaces

    • Web-isolated browsing

    • Application sandboxing


๐Ÿ› ๏ธ Features

  • Web-Streamed Workspaces: Access apps and desktops directly in the browser.

  • Security: Built-in DLP and user session isolation.

  • Container Orchestration: Customize and control container behavior.

  • Docker Support: Import custom container images and registries.

  • SSL Management: Easily integrate self-signed or trusted certificates.


๐Ÿƒ Getting Started

Tip

Ensure Docker is installed and running before starting Kasm Workspaces setup.

๐Ÿ”’ Add Self-Signed SSL Certificates

๐Ÿ›‘ 1. Stop the Kasm services

sudo /opt/kasm/bin/stop

๐Ÿ“ 2. Replace certificate files

sudo cp <your_cert> /opt/kasm/current/certs/kasm_nginx.crt
sudo cp <your_key> /opt/kasm/current/certs/kasm_nginx.key

โ–ถ๏ธ 3. Start the Kasm services

sudo /opt/kasm/bin/start

๐Ÿ”ง Customization and Configuration

๐Ÿงฑ Custom Images

๐ŸŒ Docker Registry URL

https://index.docker.io/v1/

Tag Required

You must include a tag in your Docker image.
Kasm will not pull or launch the image properly without it.

๐Ÿ‹ Docker Run Config (Example)

{
  "cap_add": ["NET_ADMIN"],
  "devices": ["dev/net/tun", "/dev/net/tun"],
  "sysctls": {
    "net.ipv6.conf.all.disable_ipv6": "0"
  }
}

๐Ÿ› ๏ธ Troubleshooting

๐Ÿ’  Kasm Agent

Todo

Add Kasm Agent troubleshooting steps here.

๐Ÿ—„๏ธ Database Access

sudo docker exec -it kasm_db psql -U kasmapp -d kasm

๐Ÿงน Clean Up Invalid Users from user_groups

1๏ธโƒฃ Check the table for invalid entries

select * from user_groups;

Output

 user_group_id                          | user_id                               | group_id
----------------------------------------+----------------------------------------+----------------------------------------
 07c54672-739f-42d8-befc-bb2ba29fa22d   | 71899524-5b31-41ac-a359-1aa8a008b831   | 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
 e291f1f7-86be-490f-9f9b-3a520d4d1dfa   | 71899524-5b31-41ac-a359-1aa8a008b831   | b578d8e9-5585-430b-a70b-9935e8acaaa3
 07b6f450-2bf5-48c0-9c5e-3443ad962fcb   |                                        | 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
 8c4c7242-b2b5-4a7a-89d3-e46d24456e5c   |                                        | b578d8e9-5585-430b-a70b-9935e8acaaa3

2๏ธโƒฃ Delete invalid rows (where user_id is NULL)

delete from user_groups where user_id is null;

3๏ธโƒฃ Verify the cleanup

select * from user_groups;

Clean Output

 user_group_id                          | user_id                               | group_id
----------------------------------------+----------------------------------------+----------------------------------------
 07c54672-739f-42d8-befc-bb2ba29fa22d   | 71899524-5b31-41ac-a359-1aa8a008b831   | 68d557ac-4cac-42cc-a9f3-1c7c853de0f3
 e291f1f7-86be-490f-9f9b-3a520d4d1dfa   | 71899524-5b31-41ac-a359-1aa8a008b831   | b578d8e9-5585-430b-a70b-9935e8acaaa3

  • Docker โ€” Foundation for container image management and runtime.

  • PostgreSQL โ€” Default database backend for Kasm.

  • nginx โ€” Used as a reverse proxy within Kasm for SSL termination.


๐ŸŒ Explore More


๐Ÿ“š Tags