ksa的内网穿透docker服务端部署

ksa的内网穿透docker服务端部署

1. ksa的docker服务端部署

• 安装docker环境

  • 操作系统基础服务关闭

    # 关闭防火墙
    systemctl stop firewalld
    systemctl disable firewalld
    
    # 关闭selinux
    sed -i 's/enforcing/disabled/' /etc/selinux/config  # 永久
    setenforce 0  # 临时
    

  • 安装docker环境

    wget https://mirrors.aliyun.com/docker-ce/linux/centos/docker-ce.repo -O /etc/yum.repos.d/docker-ce.repo
    yum install -y yum-utils device-mapper-persistent-data   lvm2
    yum -y install docker-ce
    systemctl enable docker && systemctl start docker
    

  • 配置docker镜像下载加速器

    cat > /etc/docker/daemon.json << EOF
    {
      "registry-mirrors": ["https://b9pmyelo.mirror.aliyuncs.com"]
    }
    EOF
    

  • 安装docker的tab补全功能

    yum install -y bash-completion
    

  • 重启docker

    systemctl daemon-reload  && systemctl restart docker
    

• 阿里云镜像拉取

  docker pull registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest
  

• ksa进行docker部署

  [root@ansible opt]# docker run -it -d --name ksa --net=host registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest
  Unable to find image 'registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest' locally
  latest: Pulling from sc_cd/ksa
  2d473b07cdd5: Already exists 
  0c7fef242cb5: Already exists 
  1613ca36083e: Already exists 
  253eaf1e4bc2: Already exists 
  205778bc6bb3: Already exists 
  Digest: sha256:36cde7640d6ca99b8595e3930a8782db3278d130ec3a016ea8080255a7dd4fe1
  Status: Downloaded newer image for registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest
  a8a1b7a17c9d2901e614681b1c24fc50e9052dee05eaa8512afadb5f236b223f
  

• 查看ksa的docker运行情况

  [root@ansible opt]# docker run -it -d --name ksa --net=host registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest
  cec68f3475c06a6fc11d6a65530b9055c9ff81852e24046196a10171220607f3
  [root@ansible opt]# docker ps -a 
  CONTAINER ID   IMAGE                                               COMMAND                  CREATED         STATUS         PORTS     NAMES
  cec68f3475c0   registry.cn-chengdu.aliyuncs.com/sc_cd/ksa:latest   "/bin/bash -c /run.sh"   2 seconds ago   Up 2 seconds             ksa
  [root@ansible opt]# docker logs cec68f3475c0
  KSA ID:2115671385
  KSA PSK:200022
  KSA SERVER:nat.kanxue.com
  KSA LINK:UDP
  KSA NAT MODE:KERNEL TUN
  KSA SERVER START
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 1043 up
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 1043 up
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 11043 up
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 11043 up
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 11043 up
  2023-10-24 15:58:40 on_netlink_ev_s:vethbd30cbe 11043 up
  2023-10-24 15:58:40 on_netlink_ev_s:docker0 11043 up
  2023-10-24 15:58:40 on_netlink_ev_s:docker0 1043 up
  2023-10-24 08:13:56 KSA server start...
  2023-10-24 08:13:56 KSA server 2115671385 10.0.0.0/24 started
  2023-10-24 08:13:56 KSA server:nat.kanxue.com/47.92.108.254
  2023-10-24 08:13:56 KSA conn:TLS CONN...
  2023-10-24 08:13:56 KSA server:nat.kanxue.com udp mode:1 port:5000 
  2023-10-24 08:13:56 KSA conn:TLS CONN OK
  2023-10-24 08:13:56 KSA NAT NIC:eth0 172.16.128.59
  2023-10-24 08:13:56 KSA conn:SEVER CONN OK
  2023-10-24 08:13:56 KSA tun dev failed:ksa_eth0 -1
  

  

• 客户端连接测试