System Architecture

The following system roles make up the Kasm Architecture:

API Service (container: kasmweb/kasm_api)

This service contains the API endpoints used by the web application. The web application content is automatically installed as part of this service.

Manager Service (container: kasmweb/kasm_manager)

This service is responsible for monitoring the status of Agents and user sessions. Agents report to this service via an automatic check in process.

Agent Service (container: kasmweb/agent)

The agent is responsible for provisioning instances of end user session containers when requested via the web application. The Agent reports the available system resources to the manager. These Agents are represented in the Servers tab in the Administration tab of the web application. This service automatically downloads all Kasm Images defined within the application so they are available to provision new sessions on demand.

Proxy Service (container: kasm_proxy)

This container, based on nginx, is used to forward traffic to the correct service container. This container is required to be run in tandem with any of the following services:

  • API Service

  • Manager Service

  • Agent Service

  • Database Services (container: kasmweb/kasm_db, kasmweb/kasm_redis)

    Houses the postgresql and Redis Kasm application databases

Share Service (container: kasmweb/kasm_share)

This service is the chat handler for the sharing feature in sessions. It handles synchronising messages between chat clients using the Kasm redis database.

Connection Proxy (container: kasmweb/kasm_guac)

This service is a custom Guacamole connection handler. This encodes and proxies standard RDP, VNC, and SSH connections to a websocket format usable by a modern web browser.

Sessions – End User Sessions/Containers (container: e.g kasmweb/firefox)

End users request to create sessions that are on-demand instances of Images registered in the application. These instances are provisioned by and on the Agent. These containers house the desktop or application presented to the end user via the web application.

Workspaces

A Workspace is full desktop, single application, or a direct web link made available to users based on their group membership. In the case of desktops and applications these can be containerized workloads that are spun up on demand or direct connections to KasmVNC/RDP/VNC/SSH endpoints. Any number of Workspaces can be registered via the web application and can be customized by the administrator to add additional software and configurations. The administrator can also configure the CPU, memory and network resources available to each Workspace via the Workspaces Settings. By default, several Workspaces are installed and registered.