NoMachine Support

Your questions answered

Knowledge Base

Searching in: Articles & FAQs
Filter the search results
Applies to:
Last update:
Searching in: Articles & FAQs
ID: AR04R01082
Applies to: NoMachine Server
Added on: 2020-04-06
Last update: 2020-05-07
How to set-up a Cloud Server multi-server environment

Prerequisites are:

- Install NoMachine Cloud Server, CS1 on machineA.
- Install a NoMachine server (e.g. the Enterprise Desktop, ED1) on machineB.
- Create the same system account for user01 on machineA and machineB. Username must be the same.

Step 1 - Add the child server to the Cloud Server
You can do that via graphical interface, https://www.nomachine.com/adding-servers-to-nomachine-cloud-server-via-the-user-interface.

Otherwise, it's possible to add it via command line. On CS1 execute the followng command:

nxserver --serveradd IP_of_ED1 --label "My server label"

E.g. on Linux and macOS, execute from a terminal:
$ sudo /etc/NX/nxserver --serveradd 109.155.20.16 --label "Enterprise Desktop ED1"

On Windows, open a CMD console as administrator, then move to the 'bin' directory under the NoMachine installation:
> cd C:\Program files (x86)\NoMachine\bin\
> nxserver --serveradd 109.155.20.16 --label "Enterprise Desktop ED1"

How the client traffic is forwarded to the child server
The Cloud Server is able to forward the client connection to the child server in three ways:
token - the client will authenticate to the child server with OTP, One Time Password token which uniquely identifies the client. Connection will be forwarded after that the user is authorized on the Cloud Server (CS1). This method works when the client can reach the child server directly. It's the default method when user connects by NX protocol.

system - the client will authenticate to the child server by using the same credentials already used for authenticating on the Cloud Server host. Connection will be forwarded after that the user is authorized on the Cloud Server. This method requires that the user's account has the same username and password on both machineA (CS1) and machineB (ED1). This method works when the client can reach the child server directly. It's the default method when user connects by SSH protocol.

tunnel - the client traffic is relayed through the Cloud Server with the protocol specified for the server-to-server communication. This method is the fallback for token and system methods when the client cannot reach the child server. Force the Cloud Server to always use this method when the client and child server are not on the same network. To do that, add the child server by specifying the tunnel method:

nxserver --serveradd 109.155.20.16  --forward-nx-methods tunnel --label "Enterprise Desktop ED1"
nxserver --serveradd 109.155.20.16  --forward-ssh-methods tunnel --label "Enterprise Desktop ED1"

If the child server is already added, you can edit it at any moment:
nxserver --serveredit 109.155.20.16  --forward-nx-methods tunnel --label "Sample Server"
nxserver --serveredit 109.155.20.16  --forward-ssh-methods tunnel --label "Sample Server"


Step 2 - Optionally, dispatch the user's connection or limit access to a pool of servers

2.1) You can dispatch the client connection to a specific child server.

To forward automatically user01 to a particular host :
nxserver --useredit user01 --forward-connection SERVER:PORT

SERVER:PORT is the name of the child server, as it appears in the output of 'nxserver --serverlist --extended'.

This setting is recommended when users don't need to access more than one child server.
 

2.2) If users need instead to access more than one child server, it's possible to limit their access to a pool of server.

To allow/deny user01  to access a specific:
nxserver --ruleadd --class server --type SERVER:PORT --value yes --user user01
nxserver --ruleadd --class server --type SERVER:PORT --value no --user user01

 

Step 3 - Set-up two Cloud Servers in an active/passive failover cluster (optional)
Once the multiserver setup is completed, you can add a second Cloud Server to the first one and create a failover cluster. The second Cloud Server is passive and monitors the first one. It will take the role of the first Cloud Server when this for some reasons goes down.

Let's call CS1 the first Cloud Server and CS2 the second Cloud Server.

On CS1, execute:
nxserver --clusteradd --local <local IP of CS1> --shared <IP of the cluster host>
nxserver --clusteradd <local IP of CS2>

Then restart CS1 and CS2. Firstly on CS1, then on CS2 execute:
nxserver --restart
 


Ref.

- Setting up highly available centralized access to remote physical desktops
  https://www.nomachine.com/DT03O00131

- NoMachine Cloud Server - Installation and Configuration Guide
  https://www.nomachine.com/DT02O00123

- Other server's guides, section 'Installation'
  https://www.nomachine.com/all-documents