Ci gaba da labarin game da ZeroTier, daga ka'idar da aka tsara a cikin labarin "", Na ci gaba da yin aiki a cikin abin da:
- Bari mu ƙirƙira kuma saita mai sarrafa hanyar sadarwa mai zaman kansa
- Bari mu ƙirƙiri hanyar sadarwa mai kama-da-wane
- Bari mu saita kuma mu haɗa nodes zuwa gare shi
- Bari mu duba haɗin yanar gizo tsakanin su
- Bari mu toshe damar shiga GUI na mai sarrafa hanyar sadarwa daga waje
Mai sarrafa hanyar sadarwa
Kamar yadda aka ambata a baya, don ƙirƙirar cibiyoyin sadarwa masu kama-da-wane, sarrafa su, da kuma haɗa nodes, mai amfani yana buƙatar mai sarrafa cibiyar sadarwa, ƙirar hoto (GUI) wanda ya wanzu a cikin nau'i biyu:
ZeroTier GUI Zabuka
- Ɗaya daga cikin mai haɓaka ZeroTier, yana samuwa azaman mafita na SaaS na jama'a tare da tsare-tsaren biyan kuɗi guda huɗu, gami da kyauta, amma iyakance a cikin adadin na'urorin sarrafawa da matakin tallafi.
- Na biyu ya fito ne daga mai haɓakawa mai zaman kansa, ɗan sauƙi a cikin aiki, amma ana samun shi azaman mafita mai buɗewa mai zaman kansa don amfani a kan-gida ko kan albarkatun girgije.
A cikin aikina, na yi amfani da duka biyu kuma a sakamakon haka, na ƙarshe zauna a kan na biyu. Dalilin haka shi ne gargadin mai haɓakawa.
“Masu kula da hanyar sadarwa suna aiki azaman hukumomin takaddun shaida don cibiyoyin sadarwar ZeroTier. Fayilolin da ke ɗauke da maɓallan sirrin mai sarrafawa dole ne a kiyaye su a hankali kuma a adana su cikin aminci. Amincewa da su yana ba da damar maharan da ba su da izini don ƙirƙirar saitunan cibiyar sadarwa na yaudara, kuma asarar su tana haifar da asarar ikon sarrafawa da sarrafa hanyar sadarwar, ta yadda ba za a iya amfani da ita ba."
→
Hakanan kuma, alamun paranoia na cybersecurity na ku :)
- Ko da Cheburnet ya zo, dole ne in sami damar yin amfani da mai sarrafa hanyar sadarwa ta;
- Ni kadai ya kamata in yi amfani da mai sarrafa hanyar sadarwa. Idan ya cancanta, samar da dama ga wakilan ku masu izini;
- Ya kamata ya yiwu a ƙuntata samun dama ga mai sarrafa cibiyar sadarwa daga waje.
A cikin wannan labarin, ban ga ma'ana mai yawa ba a cikin zama daban kan yadda ake tura mai sarrafa hanyar sadarwa da GUI akan sa akan kayan aikin zahiri ko na zahiri. Kuma akwai dalilai guda 3 akan haka:
- za a sami haruffa fiye da yadda aka tsara
- game da wannan riga akan GUI mai haɓaka GitHab
- batun labarin ya shafi wani abu dabam
Saboda haka, zabar hanyar mafi ƙarancin juriya, zan yi amfani da wannan labarin mai kula da hanyar sadarwa tare da GUI dangane da VDS, wanda aka kirkira ta , abokan aiki na daga RuVDS suka haɓaka da kirki.
Saitin farko
Bayan ƙirƙirar uwar garken daga ƙayyadadden samfuri, mai amfani ya sami damar zuwa mai sarrafa Yanar Gizo-GUI ta hanyar mai lilo ta hanyar shiga https: // :3443
Ta hanyar tsoho, uwar garken ya riga ya ƙunshi takardar shaidar TLS/SSL mai sa hannun riga da aka ƙirƙira. Wannan ya ishe ni, tunda na toshe hanyar shiga daga waje. Ga waɗanda ke son yin amfani da wasu nau'ikan takaddun shaida, akwai akan GUI mai haɓaka GitHab.
Lokacin da mai amfani ya shiga da farko Shiga tare da tsoho login da kalmar sirri - admin и password:
Yana ba da shawarar canza tsohuwar kalmar sirri zuwa ta al'ada
Ina yin shi da ɗan bambanta - Ba na canza kalmar sirrin mai amfani da ke yanzu, amma ƙirƙirar sabo - Ƙirƙiri Mai amfani.
Na saita sunan sabon mai amfani - Sunan mai amfani:
Na saita sabon kalmar sirri - Shigar da sabon kalmar sirri:
Na tabbatar da sabon kalmar sirri - Sake saka kalmar shiga:
Haruffan da ka shigar suna da hankali - a yi hankali!
Duba akwatin don tabbatar da canjin kalmar sirri a shiga na gaba - Canja kalmar sirri a shiga na gaba: Ba na yin bikin.
Don tabbatar da bayanan da aka shigar, danna Saita kalmar sirri:
Sannan: Na sake shiga - Fita / Shiga, riga a ƙarƙashin shaidar sabon mai amfani:
Na gaba, zan je shafin masu amfani - Masu amfani kuma share mai amfani adminta danna gunkin kwandon shara dake gefen hagu na sunansa.
A nan gaba, zaku iya canza kalmar sirri ta mai amfani ta danna ko dai akan sunansa ko a saita kalmar sirri.
Ƙirƙirar hanyar sadarwa mai kama-da-wane
Don ƙirƙirar cibiyar sadarwar kama-da-wane, mai amfani yana buƙatar zuwa shafin Ƙara cibiyar sadarwa. Daga batu Mai amfani ana iya yin hakan ta hanyar shafi Gida - babban shafin yanar gizo-GUI, wanda ke nuna adireshin ZeroTier na wannan mai sarrafa cibiyar sadarwa kuma ya ƙunshi hanyar haɗi zuwa shafin don jerin cibiyoyin sadarwa da aka kirkira ta hanyarsa.
A shafi Ƙara cibiyar sadarwa mai amfani ya sanya suna ga sabuwar hanyar sadarwar da aka ƙirƙira.
Lokacin amfani da bayanan shigarwa - Ƙirƙiri hanyar sadarwa an kai mai amfani zuwa shafi mai jerin hanyoyin sadarwa, wanda ya ƙunshi:
Sunan cibiyar sadarwa — sunan cibiyar sadarwa ta hanyar hanyar haɗin yanar gizo, idan ka danna shi zaka iya canza shi
ID na hanyar sadarwa - mai gano hanyar sadarwa
daki-daki - haɗi zuwa shafi mai cikakken sigogin cibiyar sadarwa
sauki saitin - hanyar haɗi zuwa shafi don sauƙi mai sauƙi
yan - hanyar haɗi zuwa shafin sarrafa kumburi
Don ƙarin saitin sai ku bi hanyar haɗin sauki saitin. A shafin da ke buɗewa, mai amfani yana ƙayyade kewayon adiresoshin IPv4 don cibiyar sadarwar da ake ƙirƙira. Ana iya yin wannan ta atomatik ta latsa maɓalli Ƙirƙirar adireshin cibiyar sadarwa ko da hannu ta shigar da abin rufe fuska na cibiyar sadarwa a filin da ya dace CID.
Lokacin tabbatar da nasarar shigar da bayanai, dole ne ku koma shafin tare da jerin cibiyoyin sadarwa ta amfani da maɓallin Baya. A wannan gaba, ana iya ɗaukar saitin cibiyar sadarwa na asali cikakke.
Haɗin nodes na cibiyar sadarwa
- Da farko, dole ne a shigar da sabis na ZeroTier One akan kumburin da mai amfani ke son haɗawa da hanyar sadarwa.
Menene ZeroTier One?ZeroTier Daya sabis ne da ke gudana akan kwamfyutocin kwamfyutoci, kwamfutoci, sabobin, injunan kama-da-wane da kwantena waɗanda ke ba da haɗin kai zuwa cibiyar sadarwar kama-da-wane ta hanyar tashar sadarwar kama-da-wane, kama da abokin ciniki na VPN.
Da zarar an shigar da sabis ɗin kuma an fara, zaku iya haɗawa zuwa cibiyoyin sadarwar kama-da-wane ta amfani da adireshi masu lamba 16. Kowace cibiyar sadarwa tana bayyana azaman tashar sadarwa mai kama-da-wane akan tsarin, wanda ke aiki kamar tashar tashar Ethernet ta yau da kullun.
Ana iya samun hanyoyin haɗin kai zuwa rarrabawa, da kuma umarnin shigarwa .Kuna iya sarrafa sabis ɗin da aka shigar ta hanyar tashar layin umarni (CLI) tare da haƙƙin gudanarwa/tushen. A kan Windows/MacOS kuma ta amfani da keɓancewar hoto. A cikin Android/iOS kawai ta amfani da GUI.
- Duba nasarar shigar da sabis:
CLI:
zerotier-cli statusSakamako:
200 info ebf416fac1 1.4.6 ONLINE
GUI:Gaskiyar cewa aikace-aikacen yana gudana da kasancewar a cikin sa na layi tare da Node ID tare da adireshin kumburi.
- Haɗa kumburi zuwa cibiyar sadarwa:
CLI:
zerotier-cli join <Network ID>Sakamako:
200 join OKGUI:
Windows: danna dama akan gunkin ZeroTier Daya a cikin tray ɗin tsarin kuma zaɓi abu - Shiga Network.
macOS: Kaddamar da aikace-aikacen ZeroTier Daya a cikin mashaya menu, idan ba a riga an ƙaddamar da shi ba. Danna gunkin kuma zaɓi Shiga Network.Android/iOS: + (da hoto) a cikin app
A cikin filin da ya bayyana, shigar da mai sarrafa cibiyar sadarwa da aka ƙayyade a cikin GUI ID na hanyar sadarwa, kuma danna Shiga/Ƙara Cibiyar sadarwa. - Sanya adireshin IP ga mai watsa shiri
Yanzu mun koma mai kula da cibiyar sadarwa kuma a kan shafi tare da jerin cibiyoyin sadarwa bi hanyar haɗin yan. Idan ka ga hoto mai kama da wannan akan allon, yana nufin mai kula da cibiyar sadarwarka ya karɓi buƙatun tabbatar da haɗin kai zuwa cibiyar sadarwa daga kumburin da aka haɗa.
A wannan shafi mun bar komai kamar yadda yake a yanzu kuma mu bi hanyar haɗin gwiwa IP aiki je zuwa shafin don sanya adireshin IP zuwa kumburi:
Bayan sanya adireshin, danna maɓallin Back komawa zuwa shafin jerin nodes ɗin da aka haɗa kuma saita sunan - Sunan memba kuma duba akwatin rajistan don ba da izinin kumburi akan hanyar sadarwa - Izini. Af, wannan akwati abu ne mai matukar dacewa don cire haɗin / haɗawa daga cibiyar sadarwar mai watsa shiri a nan gaba.
Ajiye canje-canje ta amfani da maɓallin Refresh. - Duba matsayin haɗin haɗin gwiwa zuwa cibiyar sadarwa:
Don duba halin haɗin kai akan kumburin kanta, gudu:
CLI:zerotier-cli listnetworksSakamako:
200 listnetworks <nwid> <name> <mac> <status> <type> <dev> <ZT assigned ips>
200 listnetworks 2da06088d9f863be My_1st_VLAN be:88:0c:cf:72:a1 OK PRIVATE ethernet_32774 10.10.10.2/24
GUI:Matsayin hanyar sadarwa yakamata yayi OK
Don haɗa ragowar nodes, maimaita ayyukan 1-5 ga kowannensu.
Duba haɗin haɗin yanar gizo na nodes
Ina yin haka ta hanyar gudanar da umarni ping akan na'urar da aka haɗa da hanyar sadarwar da nake gudanarwa a halin yanzu.
A cikin hoton allo na mai sarrafa gidan yanar gizo-GUI zaka iya ganin nodes guda uku da aka haɗa zuwa cibiyar sadarwa:
- ZTNCUI - 10.10.10.1 - Mai sarrafa hanyar sadarwa na tare da GUI - VDS a ɗayan RuVDS DCs. Don aiki na yau da kullun babu buƙatar ƙara shi zuwa cibiyar sadarwar, amma na yi haka saboda ina so in toshe damar shiga yanar gizo daga waje. Karin bayani kan wannan daga baya.
- MyComp - 10.10.10.2 - kwamfutar aikina PC ce ta zahiri
- Ajiyayyen - 10.10.10.3 - VDS a cikin wani DC.
Don haka, daga kwamfutar aikina na duba samuwar wasu nodes tare da umarni:
ping 10.10.10.1
Pinging 10.10.10.1 with 32 bytes of data:
Reply from 10.10.10.1: bytes=32 time=14ms TTL=64
Reply from 10.10.10.1: bytes=32 time=4ms TTL=64
Reply from 10.10.10.1: bytes=32 time=7ms TTL=64
Reply from 10.10.10.1: bytes=32 time=2ms TTL=64
Ping statistics for 10.10.10.1:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 2ms, Maximum = 14ms, Average = 6ms
ping 10.10.10.3
Pinging 10.10.10.3 with 32 bytes of data:
Reply from 10.10.10.3: bytes=32 time=15ms TTL=64
Reply from 10.10.10.3: bytes=32 time=4ms TTL=64
Reply from 10.10.10.3: bytes=32 time=8ms TTL=64
Reply from 10.10.10.3: bytes=32 time=4ms TTL=64
Ping statistics for 10.10.10.3:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 4ms, Maximum = 15ms, Average = 7ms
Mai amfani yana da haƙƙin amfani da wasu kayan aikin don bincika samuwar nodes akan hanyar sadarwar, duka waɗanda aka gina a cikin OS kuma kamar NMAP, Advanced IP Scanner, da sauransu.
Muna ɓoye damar shiga GUI mai kula da hanyar sadarwa daga waje.
Gabaɗaya, Zan iya rage yuwuwar samun damar shiga VDS mara izini wanda mai sarrafa cibiyar sadarwa ta yake ta amfani da Tacewar zaɓi a cikin asusun RuVDS na. Wannan batu ya fi dacewa don wani labarin dabam. Don haka, a nan zan nuna yadda ake ba da damar yin amfani da mai sarrafa GUI kawai daga hanyar sadarwar da na ƙirƙira a cikin wannan labarin.
Don yin wannan, kuna buƙatar haɗi ta hanyar SSH zuwa VDS wanda mai sarrafawa yake kuma buɗe fayil ɗin sanyi ta amfani da umarnin:
nano /opt/key-networks/ztncui/.envA cikin fayil ɗin da aka buɗe, bayan layin "HTTPS_PORT=3443" mai ɗauke da adireshin tashar tashar da GUI ke buɗewa, kuna buƙatar ƙara ƙarin layi tare da adireshin da GUI zai buɗe - a cikin akwati na shine HTTPS_HOST=10.10.10.1. .XNUMX.
Na gaba zan ajiye fayil ɗin
Сtrl+C
Y
Enter
kuma gudanar da umurnin:
systemctl restart ztncuiKuma shi ke nan, yanzu GUI na mai sarrafa hanyar sadarwa na yana samuwa ne kawai don nodes na cibiyar sadarwa 10.10.10.0.24.
Maimakon a ƙarshe
Wannan shine inda nake so in gama ɓangaren farko na jagorar mai amfani don ƙirƙirar cibiyoyin sadarwar kama-da-wane bisa ZeroTier. Ina jiran ra'ayoyin ku.
A halin yanzu, don wuce lokaci har zuwa fitowar sashi na gaba, wanda zan gaya muku yadda ake hada hanyar sadarwa mai kama da jiki, yadda ake tsara yanayin "warrior" da wani abu, Ina ba ku shawara ku gwada. tsara hanyar sadarwar ku ta hanyar amfani da mai sarrafa cibiyar sadarwa mai zaman kansa tare da GUI dangane da VDS daga kasuwa RUVDS. Haka kuma, duk sabbin abokan ciniki suna da lokacin gwaji kyauta na kwanaki 3!
PS Ee! Na kusa manta! Kuna iya cire kumburi daga hanyar sadarwar ta amfani da umarni a cikin CLI na wannan kumburi.
zerotier-cli leave <Network ID>
200 leave OK
ko umarnin Share a cikin abokin ciniki GUI akan kumburi.
->
->
->
source: www.habr.com