"Mutha kupanga yankho (kuthetsa vuto) m'njira zingapo, koma njira yokwera mtengo kwambiri komanso / kapena yotchuka simakhala yothandiza kwambiri!"
Yambani
Pafupifupi zaka zitatu zapitazo, m'kati akupanga chitsanzo akutali kwa tsoka deta kuchira, ndinakumana chopinga chimodzi chimene sichinawonekere nthawi yomweyo - kusowa kwa chidziwitso chokhudza njira zatsopano zopangira maukonde virtualization mu magwero ammudzi.
Algorithm yachitsanzo chopangidwa idakonzedwa motere:
- Wogwiritsa ntchito wakutali yemwe adandilumikizana ndi ine, yemwe kompyuta yake idakana kuyambitsa, kuwonetsa uthenga wakuti "system disk sinapezeke / osasinthidwa," amayiyika pogwiritsa ntchito USB yamoyo.
- Panthawi yoyambira, dongosololi limangolumikizana ndi netiweki yotetezedwa yachinsinsi, yomwe kuphatikiza payokha imakhala ndi malo ogwirira ntchito a woyang'anira, pakadali pano laputopu, ndi node ya NAS.
- Kenako ndimalumikiza - mwina kutsitsimutsa magawo a disk, kapena kuchotsa deta kuchokera pamenepo.
Poyamba, ndinagwiritsa ntchito chitsanzochi pogwiritsa ntchito seva ya VPN pa rauta wamba mumaneti omwe ndimayang'anira, kenako pa VDS yobwereka. Koma, nthawi zambiri zimachitika ndipo malinga ndi lamulo loyamba la Chisholm, ngati mvula igwa, maukonde opereka intaneti adzatsika, ndiye mikangano pakati pa mabungwe amalonda idzachititsa kuti wothandizira awonongeke "mphamvu" ...
Choncho, ndinaganiza zoyamba kupanga zofunikira zomwe chida chofunikira chiyenera kukwaniritsa. Choyamba ndi kugawikana kwa mayiko. Kachiwiri, popeza ndili ndi ma USB angapo amoyo wotere, iliyonse ili ndi netiweki yakutali. Chabwino, chachitatu, kugwirizana mwamsanga kwa maukonde a zipangizo zosiyanasiyana ndi kasamalidwe yosavuta, kuphatikizapo ngati laputopu wanga nayenso kugwa ndi lamulo tatchulazi.
Kutengera izi komanso nditakhala miyezi iwiri ndi theka ndikufufuza kothandiza kwa zosankha zingapo zomwe sizinali zoyenera, ine, mwangozi komanso pachiwopsezo changa, ndidaganiza zoyesa chida china kuyambira poyambira chomwe sindimadziwa panthawiyo chotchedwa ZeroTier. Zomwe sindinadandaule nazo pambuyo pake.
Patchuthi cha Chaka Chatsopano ichi, ndikuyesera kumvetsetsa ngati zinthu zasintha kuyambira nthawi yosaiwalika, ndidachita kafukufuku wosankha za kupezeka kwa zolemba pamutuwu, pogwiritsa ntchito Habr ngati gwero. Pafunso la "ZeroTier" pazotsatira zakusaka pali zolemba zitatu zokha zomwe zikutchula, ndipo palibe imodzi yomwe ili ndi kufotokozera mwachidule. Ndipo izi ngakhale kuti pakati pawo pali kumasulira kwa nkhani yolembedwa ndi woyambitsa ZeroTier, Inc. mwiniwake. - .
Zotsatira zake zinali zokhumudwitsa ndipo zidandipangitsa kuti ndiyambe kulankhula za ZeroTier mwatsatanetsatane, ndikupulumutsa "ofunafuna" amakono kuti asapite njira yomwe ndinatenga.
Ndiye ndiwe chiyani?
Wopanga mapulogalamuwa amayika ZeroTier ngati chosinthira chanzeru cha Ethernet chapadziko lapansi.
"Ndi network yogawidwa ya hypervisor yomangidwa pamwamba pa netiweki yotetezedwa yapadziko lonse lapansi ya peer-to-peer (P2P). Chida chofanana ndi chosinthira chamakampani cha SDN, chopangidwa kuti chilinganize ma netiweki owoneka bwino, am'deralo ndi apadziko lonse lapansi, omwe amatha kulumikiza pafupifupi pulogalamu kapena chipangizo chilichonse. β
Izi ndizofotokozera zambiri zamalonda, tsopano zazinthu zamakono.
β Kernel:
ZeroTier Network Hypervisor ndi injini yoyimilira yokhayo yomwe imatsanzira netiweki ya Efaneti, yofanana ndi VXLAN, pamwamba pa netiweki yapadziko lonse lapansi ya encrypted peer-to-peer (P2P).
Ma protocol omwe amagwiritsidwa ntchito mu ZeroTier ndi apachiyambi, ngakhale amafanana ndi VXLAN ndi IPSec ndipo ali ndi zigawo ziwiri zosiyana, koma zogwirizana kwambiri: VL1 ndi VL2.
β
βVL1 ndi gawo loyambira la peer-to-peer (P2P), mtundu wa "virtual cable".
"Malo a data padziko lonse lapansi amafunikira 'chovala chapadziko lonse lapansi' cholumikizira."
Pamanetiweki wamba, L1 (OSI Layer 1) imatanthawuza zingwe zenizeni kapena mawayilesi opanda zingwe omwe amanyamula deta ndi zida za transceiver zomwe zimasintha ndikuzitsitsa. VL1 ndi netiweki ya peer-to-peer (P2P) yomwe imachita zomwezo, pogwiritsa ntchito kubisa, kutsimikizira, ndi njira zina zapaintaneti kukonza zingwe zomwe zikufunika.
Kuphatikiza apo, imachita izi zokha, mwachangu komanso popanda kugwiritsa ntchito wosuta kuyambitsa node yatsopano ya ZeroTier.
Kuti akwaniritse izi, VL1 imakonzedwa mofanana ndi dongosolo la mayina a mayina. Pamtima pa intaneti pali gulu la ma seva omwe amapezeka kwambiri, omwe udindo wawo ndi wofanana ndi wa DNS root name servers. Pakadali pano, ma seva akuluakulu (mapulaneti) ali m'manja mwa wopanga - ZeroTier, Inc. ndipo amaperekedwa ngati ntchito yaulere.
Komabe, ndizotheka kupanga ma seva amizu (luns) omwe amakulolani:
- kuchepetsa kudalira ZeroTier, Inc.;
- kuonjezera zokolola mwa kuchepetsa kuchedwa;
- pitilizani kugwira ntchito ngati mwachizolowezi ngati intaneti yatayika.
Poyamba, ma node amayambitsidwa popanda kulumikizana mwachindunji wina ndi mnzake.
Mnzake aliyense pa VL1 ali ndi adilesi yapadera ya 40-bit (10 hexadecimal) ZeroTier, yomwe, mosiyana ndi ma adilesi a IP, ndi chizindikiritso chobisika chomwe chilibe chidziwitso chamayendedwe. Adilesiyi imawerengedwa kuchokera kugawo lagulu la makiyi agulu/achinsinsi. Adilesi ya node, kiyi ya anthu onse, ndi kiyi yachinsinsi zonse zimapanga chizindikiritso chake.
Member ID: df56c5621c
|
ZeroTier address of nodePonena za kubisa, ichi ndi chifukwa cha nkhani ina.
β
Kuti akhazikitse kulumikizana, anzawo amayamba kutumiza mapaketi "mmwamba" pamtengo wa ma seva a mizu, ndipo mapaketiwa akamadutsa pa netiweki, amayamba kupanga mwachisawawa njira zopita patsogolo panjira. Mtengowo nthawi zonse ukuyesera "kugwa pawokha" kuti udzikonzekeretse pa mapu a njira yomwe imasunga.
Njira yokhazikitsira kulumikizana kwa anzanu ndi anzawo ndi motere:
- Node A ikufuna kutumiza paketi ku Node B, koma popeza sadziwa njira yachindunji, imatumiza kumtunda kwa Node R (mwezi, seva yogwiritsa ntchito).
- Ngati node R ili ndi kulumikizana mwachindunji ndi node B, imatumiza paketi pamenepo. Kupanda kutero, imatumiza paketi kumtunda isanafike ku mizu ya mapulaneti.Mizu ya mapulaneti imadziwa za node zonse, kotero paketiyo imafika pa node B ngati ili pa intaneti.
- Node R imatumizanso uthenga wotchedwa "rendezvous" ku node A, yomwe ili ndi malingaliro a momwe ingafikire node B. Panthawiyi, seva ya mizu, yomwe imatumiza paketi ku node B, imatumiza "rendezvous" yodziwitsa za momwe ingathere. kufika node A.
- Ma Node A ndi B amalandila mauthenga awo ndikuyesa kutumizana mauthenga oyesa kuyesa kuswa NAT kapena ma firewall odziwika omwe akumana nawo panjira. Ngati izi zikugwira ntchito, ndiye kuti kulumikizana kwachindunji kumakhazikitsidwa, ndipo mapaketi sabwereranso mmbuyo.
Ngati kulumikizana kwachindunji sikungakhazikitsidwe, kulumikizana kumapitilira kudzera pa relay, ndipo kuyesa kwachindunji kumapitilira mpaka zotsatira zopambana zitakwaniritsidwa.
VL1 ilinso ndi zinthu zina zokhazikitsira kulumikizana mwachindunji, kuphatikiza kupezeka kwa anzawo a LAN, kulosera zam'madoko pakuyenda kwa IPv4 NAT yofananira, komanso kupanga mapu omveka bwino pogwiritsa ntchito uPnP ndi/kapena NAT-PMP ngati ikupezeka pa LAN yakumaloko.
β
βVL2 ndi VXLAN-ngati Ethernet network virtualization protocol yokhala ndi magwiridwe antchito a SDN. Malo olumikizirana odziwika a OS ndi mapulogalamu ...
Mosiyana ndi VL1, kupanga ma VL2 network (VLANs) ndikulumikiza node kwa iwo, komanso kuwawongolera, kumafuna kutengapo gawo mwachindunji kuchokera kwa wogwiritsa ntchito. Akhoza kuchita izi pogwiritsa ntchito network controller. Kwenikweni, ndi ZeroTier node yokhazikika, pomwe ntchito zowongolera zimayendetsedwa m'njira ziwiri: mwina mwachindunji, mwa kusintha mafayilo, kapena, monga momwe wopanga amalimbikitsira, pogwiritsa ntchito API yofalitsidwa.
Njira iyi yoyendetsera maukonde a ZeroTier siwothandiza kwambiri kwa munthu wamba, chifukwa chake pali ma GUI angapo:
- Mmodzi wochokera kwa wopanga ZeroTier, wopezeka ngati njira ya SaaS yamtambo wapagulu yokhala ndi mapulani anayi olembetsa, kuphatikiza aulere, koma ochepera pazida zoyendetsedwa ndi mulingo wothandizira.
- Yachiwiri ndi yochokera kwa wopanga wodziyimira pawokha, wosavuta kugwiritsa ntchito, koma umapezeka ngati njira yachinsinsi yotsegulira kuti igwiritsidwe ntchito pamalopo kapena pazinthu zamtambo.
VL2 ikugwiritsidwa ntchito pamwamba pa VL1 ndipo imayendetsedwa ndi iyo. Komabe, imatenga cholowa ndi kutsimikizika kwa VL1 endpoint, komanso imagwiritsa ntchito makiyi ake asymmetric kusaina ndikutsimikizira zidziwitso. VL1 imakulolani kuti mugwiritse ntchito VL2 osadandaula ndi topology yomwe ilipo. Ndiko kuti, mavuto okhudzana ndi kulumikizana komanso kuyendetsa bwino njira ndizovuta za VL1. Ndikofunikira kumvetsetsa kuti palibe kulumikizana pakati pa ma VL2 pafupifupi maukonde ndi njira za VL1. Zofanana ndi kuchulukitsa kwa VLAN mu LAN yamawaya, ma node awiri omwe amagawana maumembala angapo amangokhala ndi njira imodzi yokha ya VL1 (virtual cable) pakati pawo.
Netiweki iliyonse ya VL2 (VLAN) imadziwika ndi adilesi ya 64-bit (16 hexadecimal) ZeroTier network, yomwe ili ndi adilesi ya 40-bit ZeroTier ya wowongolera ndi nambala ya 24-bit yozindikiritsa netiweki yopangidwa ndi wowongolerayo.
Network ID: 8056c2e21c123456
| |
| Network number on controller
|
ZeroTier address of controllerNode ikalowa pa netiweki kapena ikapempha kusinthidwa kwa netiweki, imatumiza uthenga wofunsira kasinthidwe (kudzera pa VL1) kwa wowongolera netiweki. Wowongolera ndiye amagwiritsa ntchito adilesi ya VL1 ya node kuti ayipeze pa netiweki ndikutumiza ziphaso zoyenera, zidziwitso, ndi chidziwitso cha kasinthidwe. Pamaso pa ma VL2 pafupifupi ma network, ma adilesi a VL1 ZeroTier amatha kuganiziridwa ngati manambala adoko pakusintha kwakukulu kwapadziko lonse lapansi.
Zidziwitso zonse zoperekedwa ndi oyang'anira ma netiweki kumamembala a netiweki yomwe wapatsidwa zimasainidwa ndi kiyi yachinsinsi ya wowongolera kuti onse omwe atenga nawo gawo pa netiweki awatsimikizire. Zidziwitso zili ndi masitampu anthawi zopangidwa ndi wowongolera, zomwe zimalola kufananitsa popanda kulumikizana ndi wotchi yapagulu.
Zidziwitso zimaperekedwa kwa eni ake okha ndiyeno zimatumizidwa kwa anzawo omwe akufuna kulumikizana ndi ma node ena pamaneti. Izi zimalola ma netiweki kukula mpaka kukula kwakukulu popanda kufunikira kosunga zidziwitso zambiri pama node kapena kulumikizana pafupipafupi ndi wowongolera maukonde.
Maukonde a ZeroTier amathandizira kugawa kwamitundu yambiri kudzera munjira yosavuta yosindikiza/yolembetsa.
β
Pamene node ikufuna kulandira mawayilesi ambiri pagulu linalake logawa, imalengeza umembala mu gululo kwa mamembala ena a netiweki yomwe ikulankhulana ndi woyang'anira maukonde. Node ikafuna kutumiza ma multicast, nthawi yomweyo imapeza zolemba zake zaposachedwa ndipo nthawi ndi nthawi imapempha zofalitsa zina.
Kuwulutsa (Ethernet ff: ff: ff: ff: ff: ff) imatengedwa ngati gulu la multicast lomwe otenga nawo mbali onse amalembetsa. Itha kuyimitsidwa pamlingo wamaneti kuti muchepetse kuchuluka kwa magalimoto ngati sikufunika.
ZeroTier imatsanzira chosinthira chenicheni cha Ethernet. Mfundo imeneyi imatithandiza kuchita zimenezi kuphatikiza maukonde opangidwa pafupifupi ndi maukonde ena Efaneti (waya LAN, WiFi, pafupifupi backplane, etc.) pa mlingo ulalo deta - ntchito Efaneti mlatho wokhazikika.
Kuti akhale ngati mlatho, woyang'anira ma netiweki amayenera kusankha wolandila kukhala wotero. Dongosololi limakhazikitsidwa pazifukwa zachitetezo, popeza omwe ali ndi ma network saloledwa kutumiza magalimoto kuchokera kugwero lina kupatula adilesi yawo ya MAC. Ma Node osankhidwa ngati milatho amagwiritsanso ntchito njira yapadera ya ma multicast algorithm, omwe amalumikizana nawo mwamphamvu komanso molunjika panthawi yolembetsa m'magulu ndikubwerezanso zopempha zonse zapawayilesi ndi zopempha za ARP.
Kusinthaku kumakhalanso ndi kuthekera kopanga maukonde a anthu ndi ad-hoc, makina a QoS ndi mkonzi wa malamulo a netiweki.
β Node:
ZeroTier One ndi ntchito yomwe ikuyenda pa laputopu, ma desktops, maseva, makina enieni ndi zotengera zomwe zimapereka kulumikizana ndi netiweki yeniyeni kudzera pa doko lapaintaneti, lofanana ndi kasitomala wa VPN.
Ntchito ikangokhazikitsidwa ndikuyamba, mutha kulumikizana ndi ma netiweki enieni pogwiritsa ntchito ma adilesi awo okhala ndi manambala 16. Netiweki iliyonse imawoneka ngati doko la netiweki pamakina, omwe amakhala ngati doko la Ethernet wamba.
ZeroTier One ikupezeka pa OS ndi machitidwe otsatirawa.
Os:
- Microsoft Windows - Okhazikitsa MSI x86/x64
- MacOS - PKG okhazikitsa
- apulo iOS - App Store
- Android - Play Store
- Linux - DEB/RPM
- FreeBSD - Phukusi la FreeBSD
NAS:
- Synology NAS
- QNAP NAS
- WD MyCloud NAS
Ena:
- Docker - fayilo ya docker
- OpenWRT - doko la anthu
- Kuyika kwa pulogalamu - SDK (libzt)
Kufotokozera mwachidule zonsezi, ndingazindikire kuti ZeroTier ndi chida chabwino kwambiri komanso chachangu chophatikizira zinthu zanu zakuthupi, zenizeni kapena zamtambo kukhala netiweki wamba wamba, ndikutha kuzigawa kukhala ma VLAN komanso kusakhala ndi vuto limodzi. .
Ndizo za gawo lazambiri mumtundu woyamba wa ZeroTier for Habr - mwina ndizo zonse! M'nkhani yotsatira, ndikukonzekera kuwonetseratu kukhazikitsidwa kwa makina ochezera a pa Intaneti pogwiritsa ntchito ZeroTier, kumene VDS yokhala ndi template yachinsinsi ya GUI idzagwiritsidwa ntchito ngati woyang'anira maukonde.
Wokondedwa owerenga! Kodi mumagwiritsa ntchito ukadaulo wa ZeroTier pama projekiti anu? Ngati sichoncho, ndi zida ziti zomwe mumagwiritsa ntchito polumikizira zinthu zanu?
Source: www.habr.com