Cloud Auto-Scaling

Kasm has the ability to automatically provision and destroy Agents based on user demand. The overall goal of the features is to ensure hot spare compute resources are always available to support user requests to create Kasm sessions, and to reduce costs by destroying those resources when no longer needed.

Note

This feature requires a special license. Please contact your Kasm Technologies representative for details.

At the Zone level, administrators configure how many free Slots should be available at any given time to fulfill requests for a Kasm. As sessions are requested, the available free Slots decrease. The Kasm Manager Service will provision more Agents via supported cloud providers to ensure the desired free Slots are always maintained. The Primary Manager for each Zone is responsible for provisioning/destroying cloud resources. As sessions are destroyed by end users, the available free Slots increase. Kasm will destroy excess Agent nodes that are no longer needed to achieve the desired free Slots.

  • Slot

    A Slot is a slice of CPU and Memory resources on an Agent needed to provision a Kasm Image. An Agent that has 2 Cores and 3GB of ram has 2 available Slots, if the Image requires 1CPU and 1GB of ram.

Default Image

Kasm will use the default_image_memory_gb and default_image_cores defined in the Server Settings when doing Slot calculations

General Settings

../../_images/general_settings.png
General Auto Scaling Settings

Name

Description

Scaling Enabled

Enable the Auto-scaling feature. Note: This option and all other auto-scaling options will not be seen if the installation is not licensed.

Prioritize Static Agents

If the deployment is using Agents that are provisioned manually, the system will prioritize creating sessions on those Agents. This is useful if auto-scaling is used to supplement static resources.

Minimum Available Slots

The number of Slots that the system should try to keep “always available” at any given time. If the number of available Slots falls below this number, more Agents are created. If the number of available Slots rises above this number, Agents are deleted as long as it wont result in the number of available slots falling below this number.

Agent Cores Override

When an Agent is created, the compute resource (e.g AWS EC2 / Digital Ocean Droplet) will have a set amount of CPU and Ram as defined by the cloud provider’s instance type. This setting should typically be set to match the instance type but can be set to a preferred value. The system uses this value to calculate how many slots a new Agent will provide.

Agent Memory Override (GB)

When an Agent is created, the compute resource (e.g AWS EC2 / Digital Ocean Droplet) will have a set amount of CPU and Ram as defined by the cloud provider’s instance type. This setting should typically be set to match the instance type but can be set to a preferred value. The system uses this value to calculate how many slots a new Agent will provide.

Register DNS

If enabled, the Agent’s IP will be registered in DNS.

DNS Registration Provider

Select the cloud provider that hosts the desired DNS Zone.

Base Domain Name

Define a base name for the automatic DNS registration for the Agent. The system will create a full name using <ID>.<Base Domain Name>. If the Base Domain Name is “agents.kasm.example.com”, the full DNS name generated will be <ID>.agents.kasm.example.com (e.g 123abcd.agents.kasm.example.com). This Base Domain Name, must already be a registered DNS zone within the cloud provider’s DNS system.

NGINX Cert

The PEM encoded SSL certificate to use for the kasm_proxy role on the created Agents. This cert should be a wildcard for the Base Domain Name (e.g *.agents.kasm.example.com)

NGINX Key

The PEM encoded SSL Key to use for the kasm_proxy role on the created Agents.

AWS Settings

A number of settings are required to be defined to use this functionality. The AWS settings appear in the Deployment Zone configuration when the feature is licensed.

../../_images/aws_settings.png
AWS Auto Scaling Settings

Name

Description

AWS Access Key ID

The AWS Access Key used for the AWS API

AWS Secret Access Key

The AWS Secret Access Key used for the AWS API

AWS Scaling Enabled

Turn on or of Auto-Scaling via AWS

AWS: Region

The AWS Region the EC2 Nodes should be provisioned in. e.g (us-east-1)

AWS: EC2 Agent AMI ID

The AMI ID to use for the provisioned EC2 nodes. This should be an OS that is supported by the Kasm installer.

AWS: EC2 Agent Instance Type

The EC2 Instance Type (e.g t3.micro). Note the Cores and Memory override settings don’t necessarily have to match the instance configurations. This is to allow for over provisioning.

AWS: EC2 Agent Key Pair Name

The SSH Key pair to assign the EC2 node

AWS: Max EC2 Nodes

The maximum number of EC2 nodes to provision regardless of the need for available free slots

AWS: EC2 Security Group ID

The security group ID to assign the EC2 nodes

AWS: EC2 Agent Subnet ID

The subnet ID to place the EC2 nodes in.

AWS: EC2 Agent EBS Volume Size (GB)

The size of the root EBS Volume for the EC2 nodes.

AWS: EC2 Agent EBS Volume Type

The EBS Volume Type (e.g gp2)

AWS: EC2 Agent IAM

The IAM to assign the EC2 Nodes. Administrators may want to assign CloudWatch IAM access.

AWS: EC2 Custom Tags

A Json dictionary for custom tags to assigned on auto-scaled Agent EC2 Nodes. e.g {"foo":"bar", "bin":"baz"}

AWS: EC2 Agent Startup Script

When the EC2 Nodes are provision this script is executed. The script is responsible for installing and configuring the Kasm Agent.

Digital Ocean Settings

A number of settings are required to be defined to use this functionality. The Digital Ocean settings appear in the Deployment Zone configuration when the feature is licensed.

Warning

Please review Tag Does Not Exist Error for known issues and workarounds

../../_images/do_settings.png
Digital Ocean Auto Scaling Settings

Name

Description

Token

The Digital Ocean API Token

Digital Ocean Scaling Enabled

When checked the system will attempt to auto-provision Agents in Digital Ocean

Max Droplets

The maximum number of Digital Ocean droplets to provision , regardless of whether more are needed to fulfill user demand.

Region

The Digital Ocean Region where droplets should be provisioned. (e.g nyc1)

Image

The Image to use when creating droplets. (e.g docker-18-04)

Droplet Size

The droplet size configuration (e.g c-2)

Tags

A tag to assign the droplet when it is created. This tag must already exist in the Digital Ocean Account

SSH Key Name

The SSH Key to assign to the newly created droplets. The SSH Key must already exist in the Digital Ocean Account.

Firewall Name

The name of the Firewall to apply to the newly created droplets. This Firewall must already exist in the Digital Ocean Account.

Startup Script

When droplets are provision this script is executed. The script is responsible for installing and configuring the Kasm Agent.

Tag Does Not Exist Error

Upon first testing AutoScaling with Digital Ocean, you may be presented with the error similar to the follow:

 Future generated an exception: tag zone:abc123 does not exist
 traceback:
 ..
 File "digitalocean/Firewall.py", line 225, in add_tags
 File "digitalocean/baseapi.py", line 196, in get_data
 digitalocean.DataReadError: tag zone:abc123 does not exist
 process: manager_api_server

This error occurs when Kasm Workspaces tries to assign a unique tag based on the Zone Id to the Digital Ocean Firewall. If that tag does not already exist in Digital Ocean, the operation will fail and present the error. To workaround the issue, manually create a tag matching the one specified in the error (e.g zone:abc123) via the Digital Ocean console. This can be done via API, or simply creating the tag on a temporary Droplet.

Oracle Cloud (OCI) Settings

A number of settings are required to be defined to use this functionality. The OCI settings appear in the Deployment Zone configuration when the feature is licensed.

../../_images/oci_settings.png
OCI Auto Scaling Settings

Name

Description

User OCID

The OCID of the user to authenticate with the OCI API. (e.g ocid1.user.oc1..xyz)

Public Key Fingerprint

The public key fingerprint of the authenticated API user. (e.g xx:yy:zz:11:22:33)

Private Key

The private key (PEM format) of the authenticated API user.

Region

The OCI Region name. (e.g us-ashburn-1)

Tenancy OCID

The Tenancy OCID for the OCI account. (e.g ocid1.tenancy.oc1..xyz)

Compartment OCID

The Compartment OCID where the auto-scaled agents will be placed. (ocid1.compartment.oc1..xyx)

OCI Scaling Enabled

Turn on or of Auto-Scaling via OCI.

Max Instances

The maximum number of OCI compute instances to provision regardless of the need for available free slots.

Availability Domain

The availability domain where the OCI compute instances will be placed. (e.g BEol:US-ASHBURN-AD-1)

Image OCID

The OCID of the Image to use when creating the compute instances. (e.g ocid1.image.oc1.iad.xyz)

Shape

The name of the shape used for the created compute instances. (e.g VM.Standard.E4.Flex)

Flex CPUs

The number of OCPUs to assign the compute instance. This is only applicable when a Flex shape is used.

Flex Memory GB

The amount of memory (in GB) to assign the compute instance. This is only applicable when a Flex shape is used.

Boot Volume GB

The size (in GB) of the boot volume to assign the compute instance.

Custom Tags (JSON)

A Json dictionary of custom freeform tags to assigned the auto-scaled instances. e.g {"foo":"bar", "bin":"baz"}

Subnet OCID

The OCID of the Subnet where the auto-scaled instances will be placed. (e.g ocid1.subnet.oc1.iad.xyz)

SSH Public Key

The SSH public key to insert into the compute instances. (e.g ssh-rsa XYABC)

Startup Script

When instances are provisioned, this script is executed and is responsible for installing and configuring the Kasm Agent.