Mukakumana ndi funso ndikupumula zolemba zambiri, yesani kukonza ndikulemba zomwe mwaphunzira kukumbukira bwino. Komanso pangani malangizo pankhaniyi kuti musadutsenso njira yonse.
Zolemba zoyambira zimapezeka zambiri pa
Kupanga kwa vuto
Wofuna chithandizo akufuna kuphatikiza ma seva angapo obwereketsa mu netiweki imodzi kuti achotse kufunikira kolipirira ma subnets angapo, kupachika banja lake lonse kumbuyo kwa rauta, kuwapatsa maadiresi am'deralo, ndikutetezedwa ndi firewall. Chifukwa chake magalimoto onse amayendera mkati mwa VLAN. Kuphatikiza apo, sunthani makina enieni kuchokera pa seva imodzi yakale kupita ku yatsopano ndikuyisiya, konzani zida zakale zomwe mukugwiritsa ntchito ndipo nthawi yomweyo pitani ku Proxmox yatsopano.
Poyamba, kasitomala ali ndi ma seva a 5, aliyense ali ndi subnet yowonjezera, adilesi yoyamba kuchokera ku subnet yodzipatulira imaperekedwa ku mlatho wowonjezera pa Proxmox.
Pa nthawi yomweyi, ma VM amayenda pa Windows ndipo ali ndi adilesi 85.xx177/29 yokonzedwa ndi chipata 85.xx176
Ndipo ma seva onse 5 omwe ali ndi makina awo enieni amapangidwa mofananamo.
Ndizoseketsa kuti kasinthidwe kameneka ndi kolakwika pakukhazikitsa netiweki mwatsatanetsatane; gwiritsani ntchito adilesi ya netiweki pa node yoyamba komanso chimodzimodzi pachipata. Ngati muyesa kuyendetsa izi pamakina a Ubuntu, maukonde sagwira ntchito.
β
Π Π΅Π°Π»ΠΈΠ·Π°ΡΠΈΡ
- Timapanga vSwitch mu mawonekedwe, timagawira VlanID, ndikuwonjezera vSwitch iyi kumaseva onse omwe tikufuna.
- Tikupanga seva yoyesera kuti tithe kukhazikitsa ndikuyenda popanda mavuto.
Timakweza makina oyambirira a chr ndi .
Ngati mugwiritsa ntchito script pamwambapa, chonde dziwani kuti imayang'ana kaye kupezeka kwa -d /root/ temp directory, ndipo ngati palibe, /home/root/ temp directory imapangidwa, koma ntchito ina ikuchitikabe. kunja ndi /root/temp directory. Zolemba ziyenera kukonzedwa kuti mupange chikwatu choyenera.
- Kukhazikitsa netiweki ya Proxmox.
Timawonjezera kamphindi kakang'ono ndi nambala ya VLAN, kusonyeza kuti maadiresi adzakonzedwa pa milatho pogwiritsa ntchito buku la inet. ZOFUNIKA. Simungathe kukhazikitsa ma adilesi a IP pamakina omwe mudzaphatikizepo pamlatho; momwe izi zidzagwirira ntchito komanso ngati zidzagwira ntchito sizidziwika kwa aliyense.
Kenako, timapanga mlatho vmbr0 - ndikuyikapo adilesi yoyamba ya seva yokhayo, yomwe tapatsidwa ndi opereka a Hetzner, tikuwonetsa doko la mlatho - mawonekedwe oyamba opanda VLAN, komanso kufotokozeranso ndi lamulo lowonjezera. ya njira yopita ku netiweki yathu yowonjezera, yoyitanidwa kuchokera kwa Hetzner pa seva iyi kudzera pamlathowu. Kuwonjezera njira kudzagwira ntchito pamene mawonekedwe akukwera.
Mlatho wachiwiri udzakhala mawonekedwe athu amtundu wa anthu amderalo, timawonjezera adilesi kuti tipeze kulumikizana pakati pa ma seva osiyanasiyana a Proxmox pa netiweki yam'deralo popanda intaneti ndikutchula doko ngati subinterface eno1.4000, yomwe idaperekedwa kwa VlanID yathu.
Pakukhazikitsa koyambirira, mumapeza upangiri woti mutha kukhazikitsa pulogalamu yowonjezera ya ifupdown2 ya Proxmox ndipo simuyenera kuyambitsanso seva yonse ngati pali zosintha pamaneti. Komabe, izi zimangochitika pakukhazikitsa koyamba, ndipo mukamagwiritsa ntchito milatho ndikukhazikitsa makina enieni, mumakumana ndi zovuta pakulephera kwa maukonde pamakina enieni. Ngakhale kuti mudasintha, mwachitsanzo, mawonekedwe a vmbr2, ndipo mukamagwiritsa ntchito kasinthidwe, maukonde amagwera pamitundu yonse yamkati ndipo sachira mpaka seva itayambiranso. ifdown&&ifup sizithandiza. Ngati wina ali ndi yankho, ndingayamikire.
Mawonekedwe oyamba okhazikitsidwa pa seva amakhalabe akugwira ntchito komanso kupezeka.
-
Kugawa ma adilesi a CHR kuti musataye ma adilesi padziwe
Phukusi la ma adilesi omwe Hetzner amapanga amawoneka odabwitsa kwambiri kwa ochezera pa intaneti, monga chonchi:
Chodabwitsa ndichakuti chipata chikuwonetsa kugwiritsa ntchito adilesi yake ya seva yeniyeni.
Njira yachikale yoperekedwa ndi Hetzner mwiniyo ikuwonetsedwa m'mawu ovuta ndipo idakhazikitsidwa ndi kasitomala payekha. Mwanjira iyi, kasitomala amataya adilesi yoyamba ku adilesi ya netiweki, adilesi yachiwiri ku mlatho wa proxmox ndipo idzakhalanso chipata, ndi adilesi yomaliza yowulutsira. Maadiresi a IPv4 sakhala ochepa. Ngati muyesa mwachindunji kulembetsa adilesi ya IP 136.x.x.177/29 ndi chipata cha 0.0.0.0/0 148.x.x.165 pa CHR, mutha kuchita izi, koma chipata sichikhala Cholumikizidwa Mwachindunji motero sichidzafikirika. .
Titha kutuluka mu izi pogwiritsa ntchito netiweki 32 pa adilesi iliyonse ndikutchula adilesi yomwe tikufuna, yomwe ingakhale chilichonse, monga dzina la intaneti. Zimakhala zofanana ndi kugwirizana kwa mfundo ndi mfundo.
Pachifukwa ichi, chipatacho chidzakhalapo, ndipo zonse zidzagwira ntchito momwe tikufunikira.
Kumbukirani kuti pakusintha kotere sikuvomerezeka kugwiritsa ntchito lamulo la SRC-NAT, chifukwa adilesi yotulutsa idzakhala yosiyana, ndipo ndikoyenera kutchulapo kanthu: src-NAT ndi adilesi yeniyeni yomwe mungachokere. kumasula kasitomala.
- Ndipo potsiriza.
Kuti mulepheretse kupezeka kwa Proxmox pa intaneti, gwiritsani ntchito zida zomangidwira: pali chowotcha moto chabwino kwambiri.
Simuyenera kugwiritsa ntchito firewall yoperekedwa ndi hetzner, kuti musasokonezedwe ndi malo omwe makonda. Hetzner adzagwiranso ntchito pa maukonde onse, kuphatikizapo omwe adakhazikitsidwa pa CHR, ndikutsegula ndi kupititsa patsogolo madoko, padzakhalanso kofunikira kuti atsegule pa intaneti ya wothandizira.
Source: www.habr.com