Setup n2n-supernode » History » Version 1
  Jeremias Keihsler, 12.01.2017 09:56 
  
| 1 | 1 | Jeremias Keihsler | h1. Install n2n-Supernode  | 
|---|---|---|---|
| 2 | |||
| 3 | h2. Requirements  | 
||
| 4 | |||
| 5 | To install n2n you will need the following:  | 
||
| 6 | * an installed and supported operating system (e.g. CentOS 6.x)  |
||
| 7 | * root-access  | 
||
| 8 | * EPEL repository  | 
||
| 9 | * a fast internet connection  | 
||
| 10 | |||
| 11 | h2. Preliminary note  | 
||
| 12 | |||
| 13 | Most of this is taken from:  |
||
| 14 | * [[http://www.ntop.org/products/n2n/]]  | 
||
| 15 | * [[https://github.com/lukablurr/n2n_v2_fork/blob/master/doc/multiple-supernodes.pdf]]  | 
||
| 16 | * [[http://listgateway.unipi.it/mailman/listinfo/n2n]]  | 
||
| 17 | * [[http://listgateway.unipi.it/pipermail/n2n/2009-October/000300.html]]  | 
||
| 18 | |||
| 19 | h2. Install  | 
||
| 20 | |||
| 21 | <pre><code class="bash">  | 
||
| 22 | yum install n2n  | 
||
| 23 | </code></pre>  | 
||
| 24 | |||
| 25 | h2. manual testing  | 
||
| 26 | |||
| 27 | h3. starting Supernode  | 
||
| 28 | |||
| 29 | <pre><code class="bash">  | 
||
| 30 | supernode -l 5422  | 
||
| 31 | </code></pre>  | 
||
| 32 | |||
| 33 | h3. setting up firewall  | 
||
| 34 | |||
| 35 | In order to access the supernode from one of the edge clients, the UDP port given above must be accessible from outside. Therefore we need to open it in the firewall.  |
||
| 36 | <pre><code class="bash">  | 
||
| 37 | system-config-firewall-tui  | 
||
| 38 | </code></pre>  | 
||
| 39 | |||
| 40 | h2. running n2n-Supernode as a service  | 
||
| 41 | |||
| 42 | If everything is working as expected, we may want n2n-Supernode to survive a system reboot.  |
||
| 43 | |||
| 44 | The following should work without modification for RHEL/CentOS linux and similar:  | 
||
| 45 | |||
| 46 | Create a folder /etc/n2n and create configuration files (as described below) using the following file name format:  |
||
| 47 | |||
| 48 | <pre><code class="bash">  | 
||
| 49 | mkdir /etc/n2n  | 
||
| 50 | </code></pre>  | 
||
| 51 | |||
| 52 | <pre><code class="bash">  | 
||
| 53 | supernode-gw1.example.com  | 
||
| 54 | supernode-gw2.example.com  | 
||
| 55 | supernode-*.example.com  | 
||
| 56 | </code></pre>  | 
||
| 57 | |||
| 58 | The interesting contents of supernode-gw1.example.com would look similar to this:  | 
||
| 59 | |||
| 60 | <pre><code class="bash">  | 
||
| 61 | vim /etc/n2n/supernode-gw1.example.com  | 
||
| 62 | </code></pre>  | 
||
| 63 | <pre>  | 
||
| 64 | # == supernode config values parsed by /etc/rc.d/init.d/supernoded ==  |
||
| 65 | # Read 'man supernode' for details about these values...  | 
||
| 66 | #  | 
||
| 67 | # Example port number to listen on...  | 
||
| 68 | N2N_PORT="8765"  | 
||
| 69 | |||
| 70 | # Verbose or not (-v logs to std out)...  | 
||
| 71 | # N2N_OPTIONS="-v"  |
||
| 72 | N2N_OPTIONS=""  | 
||
| 73 | # === end supernode-gw1.example.com config file  | 
||
| 74 | # ==========  |
||
| 75 | </pre>  | 
||
| 76 | |||
| 77 | Read comments in the scripts below to make more sense out of how they work.  | 
||
| 78 | |||
| 79 | Here are copies of some scripts that work when used with configuration files as described above:  | 
||
| 80 | |||
| 81 | <pre><code class="bash">  | 
||
| 82 | vim /etc/init.d/supernoded  | 
||
| 83 | </code></pre>  | 
||
| 84 | <pre>  | 
||
| 85 | #!/bin/bash  |
||
| 86 | # $Id: supernoded.init,v 1.9 2009/10/23 12:34:56  | 
||
| 87 | # n2n supernode startup script.  | 
||
| 88 | #  | 
||
| 89 | # chkconfig: 345 96 26  | 
||
| 90 | # processname: supernode  | 
||
| 91 | # pidfile: /var/run/supernode.pid  |
||
| 92 | #  | 
||
| 93 | # short-description: Provides client-to-client VPN access via Internet  | 
||
| 94 | # description: This is the startup script for n2n 'supernode',  |
||
| 95 | # n2n edge + supernode provide internet connection for vpn peers  | 
||
| 96 | #  | 
||
| 97 | # SEE:  | 
||
| 98 | # for more options n2n 'man edge' and 'man supernode'  | 
||
| 99 | #  | 
||
| 100 | # NOTE:  | 
||
| 101 | # Option to enter 'debug' as second var: e.g 'supernode start debug'  | 
||
| 102 | # Using grep -w switch searches for whole word reduces ambiguity  | 
||
| 103 | # Comment in/out the 'echo' stuff depending on whether things work as expected  |
||
| 104 | # Config files located/named in: /etc/n2n/supernode-your.example.com  | 
||
| 105 | # Assumes CentOS linux init scripts located in /etc/rc.d/init.d/  | 
||
| 106 | #  | 
||
| 107 | # Created: FOOFORCE RB 2009-10-24  | 
||
| 108 | # License GPL: free to copy, improve and use.  | 
||
| 109 | # http://fuji.unipi.it/pipermail/n2n/2009-October/000300.html  | 
||
| 110 | #  | 
||
| 111 | # =========================================================  |
||
| 112 | |||
| 113 | # ==== main init script variables  | 
||
| 114 | # =========================  |
||
| 115 | # Make sure you include path where 'supernode' + sh + tools are installed..  | 
||
| 116 | # PATH="/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin"  | 
||
| 117 | PATH="/sbin:/bin:/usr/sbin:/usr/bin"  | 
||
| 118 | |||
| 119 | # The name + path to the program/daemon...  | 
||
| 120 | NAME="supernode"  | 
||
| 121 | DAEMON="/usr/sbin/${NAME}" | 
||
| 122 | |||
| 123 | # Modify $NAME to filter on 'grep -w [s]upernode' - faster than 'grep -v grep'...  |
||
| 124 | GREPNAME=$(echo "[s]${NAME#s}") | 
||
| 125 | |||
| 126 | # Enable some simple debug messages when running this script...  | 
||
| 127 | if [[ "${2}" == "debug" ]]; then | 
||
| 128 |     echo "DEBUG: ${GREPNAME}" | 
||
| 129 | fi  | 
||
| 130 | |||
| 131 | PIDFILE="/var/run/supernode.pid"  | 
||
| 132 | LOGFILE="/var/log/n2n-${NAME}.log" | 
||
| 133 | STAMP=$(/bin/date +"%d/%b/%Y %H:%M:%S")  | 
||
| 134 | |||
| 135 | # Get the host/domain name to identify local configfile..  | 
||
| 136 | HOST=$(/bin/hostname)  | 
||
| 137 | FQDN=$(/bin/hostname -f)  | 
||
| 138 | |||
| 139 | # Directory that holds the n2n config files...  |
||
| 140 | CONFIGDIR="/etc/n2n"  | 
||
| 141 | |||
| 142 | # Initialise configfile variable to empty value...  | 
||
| 143 | CONFIGFILE=""  | 
||
| 144 | |||
| 145 | # Source function library.  | 
||
| 146 | . /etc/rc.d/init.d/functions  | 
||
| 147 | |||
| 148 | # Load values from configfile using our local domain name:  | 
||
| 149 | # Example:  | 
||
| 150 | # Our local FQDN = 'myhost.example.com'  | 
||
| 151 | # Our configfile = 'supernode-myhost.example.com'  | 
||
| 152 | #  | 
||
| 153 | # if [[ "${HOST}" == "" ]]; then | 
||
| 154 | if [[ "${FQDN}" == "" ]]; then | 
||
| 155 |     echo " ERROR: Missing ${FQDN} hostname in config file /etc/rc.d/init.d/${NAME}" | 
||
| 156 | exit 1  | 
||
| 157 | else  | 
||
| 158 |     CONFIGFILE="/etc/n2n/supernode-${FQDN}" | 
||
| 159 | fi  | 
||
| 160 | |||
| 161 | if [[ -f "${CONFIGFILE}" ]]; then | 
||
| 162 | # Get values from local configuration file...  | 
||
| 163 |     if [[ "${2}" ==  "debug" ]]; then | 
||
| 164 |         echo " Found config file: ${CONFIGFILE}" | 
||
| 165 | fi  | 
||
| 166 |     . "${CONFIGFILE}" |
||
| 167 | else  | 
||
| 168 |     echo "ERROR: Missing config file ${CONFIGFILE}" | 
||
| 169 | exit 1  | 
||
| 170 | fi  | 
||
| 171 | |||
| 172 | # See if pid file exists and get pid number...  | 
||
| 173 | if [[ -f "${PIDFILE}" ]]; then | 
||
| 174 |     CURPID=$(cat "${PIDFILE}") |
||
| 175 | fi  | 
||
| 176 | |||
| 177 | # Quit if we can't find application...  | 
||
| 178 | test -f ${DAEMON} || exit 0 | 
||
| 179 | |||
| 180 | set -e  | 
||
| 181 | |||
| 182 | # Set any value to enable this script...  | 
||
| 183 | # N2N_RUN=1  | 
||
| 184 | #  | 
||
| 185 | # test -n "${N2N_RUN}" || exit 0 | 
||
| 186 | |||
| 187 | # Optionally change into n2n config directory...  |
||
| 188 | if [[ -d "${CONFIGDIR}" ]]; then | 
||
| 189 |     cd ${CONFIGDIR} | 
||
| 190 | fi  | 
||
| 191 | #  | 
||
| 192 | # ========================================================  |
||
| 193 | # Should not need to change much below here...  | 
||
| 194 | # ==== see how we were called + act accordingly  | 
||
| 195 | # =========  |
||
| 196 | |||
| 197 | if [ "${N2N_PORT}" == "" ]; then | 
||
| 198 | N2N_PORT="1304"  | 
||
| 199 |     echo "No port specified in ${CONFIGFILE} - using  default port: ${N2N_PORT}" | 
||
| 200 | fi  | 
||
| 201 | |||
| 202 | case "${1}" in | 
||
| 203 | start)  | 
||
| 204 |         # echo " ${NAME} ${1} process is ${0} on pid: ${$})..." | 
||
| 205 |         echo "${STAMP} start n2n /etc/rc.d/init.d/${NAME}" >> ${LOGFILE} | 
||
| 206 | |||
| 207 |         if [[ -n "${CURPID}" ]]; then | 
||
| 208 |             echo " A PID:${CURPID} already exists for ${0}:" | 
||
| 209 | echo " To re-start with current config settings, run '$0 stop' then '$0 start' ..."  | 
||
| 210 | else  | 
||
| 211 | if [ -d /var/lock/subsys ] ; then  | 
||
| 212 |             touch /var/lock/subsys/${NAME}; | 
||
| 213 | fi  | 
||
| 214 | |||
| 215 | #  | 
||
| 216 | # ==============================================  |
||
| 217 |             # All variables read from ${CONFIGFILE}... | 
||
| 218 | # If variable value not empty then add command-line switch to variable...  | 
||
| 219 |             if [[ -n "${N2N_PORT}" ]]; then | 
||
| 220 |                 N2N_PORT="-l ${N2N_PORT}"; | 
||
| 221 | fi  | 
||
| 222 | |||
| 223 | # next line for debug:  | 
||
| 224 |             if [[ "${2}" == "debug" ]]; then | 
||
| 225 |                 echo " DEBUG: ${DAEMON} ${N2N_PORT} ${N2N_OPTIONS}" | 
||
| 226 | fi  | 
||
| 227 | |||
| 228 | # Execute the command + switches + values sources from config file...  | 
||
| 229 | echo -n $"Starting $NAME: "  | 
||
| 230 |             ${DAEMON} ${N2N_PORT} ${N2N_OPTIONS} >> ${LOGFILE} & | 
||
| 231 | RETVAL=$?  # NOTE: always 0 here, because the daemon was started in the background with '&'  |
||
| 232 | |||
| 233 | [ $RETVAL -eq 0 ] && echo_success  | 
||
| 234 | [ $RETVAL -ne 0 ] && echo_failure  | 
||
| 235 | echo  | 
||
| 236 | |||
| 237 | #  | 
||
| 238 | # ===========================================  |
||
| 239 |             if [[ "${2}" ==  "debug" ]]; then | 
||
| 240 |                 echo " NOTICE: Creating new ${NAME} pidfile - deleting old ${CURPID}..." | 
||
| 241 | fi  | 
||
| 242 | |||
| 243 |             rm -f ${PIDFILE} | 
||
| 244 |             touch ${PIDFILE} | 
||
| 245 | |||
| 246 |             for PID in $(ps ax | grep -w "${GREPNAME}" | grep -Ev "(restart|stop|start)" | awk '{ print $1 }'); do |
||
| 247 |                 if [[ "${2}" ==  "debug" ]]; then | 
||
| 248 |                     echo " Saving into pidfile - new pid: ${PID}" | 
||
| 249 | fi  | 
||
| 250 |                 echo ${PID} >> ${PIDFILE} | 
||
| 251 | done  | 
||
| 252 | fi  | 
||
| 253 | ;;  | 
||
| 254 | stop)  | 
||
| 255 | # echo " DEBUG: Searching for at least one live process id..."  | 
||
| 256 |         PID=$(ps ax | grep -w "${GREPNAME}" | grep -Ev "(restart|stop|start)" | awk '{ print $1 }') |
||
| 257 | |||
| 258 |         if [[ "${2}" == "debug" ]]; then | 
||
| 259 |             echo " This ${NAME} ${1} init query ${0} is running on pid: ${$}) for ${PID}..." | 
||
| 260 | fi  | 
||
| 261 | |||
| 262 |         # echo " ${NAME} ${1} process is ${0} on pid: ${$})..." | 
||
| 263 |         echo "${STAMP} stop /etc/rc.d/init.d/${NAME}" >> ${LOGFILE} | 
||
| 264 | |||
| 265 |         # echo "  NOTICE: Kill name:${NAME} pid:${pid} before stopping..." | 
||
| 266 |         # kill -9 $(cat /var/run/${NAME}_pid) && rm /var/run/${NAME}_pid | 
||
| 267 | |||
| 268 | # If a pid value found in file or in process id, then kill it...  | 
||
| 269 |         if [[ -n "${PID}" ]]; then | 
||
| 270 |             echo -n  $"Stopping ${NAME}: " | 
||
| 271 |             # kill -9 $(cat /var/run/${NAME}.pid) && rm /var/run/${NAME}.pid | 
||
| 272 |             kill ${PID} | 
||
| 273 | RETVAL=$?  | 
||
| 274 | sleep 4s  | 
||
| 275 |             rm -f ${PIDFILE} | 
||
| 276 | if [ $RETVAL -eq 0 ] ; then  | 
||
| 277 | echo_success  | 
||
| 278 | echo  | 
||
| 279 | else  | 
||
| 280 | echo_failure  | 
||
| 281 | echo  | 
||
| 282 | fi  | 
||
| 283 | else  | 
||
| 284 | # Else assume stale pid...  | 
||
| 285 |             if [[ "${2}" == "debug" ]]; then | 
||
| 286 |                 echo " NOTICE: No current active process ${PID}..." | 
||
| 287 | fi  | 
||
| 288 | |||
| 289 |             if [[ -f "${PIDFILE}" ]]; then | 
||
| 290 |                 rm -f "${PIDFILE}" | 
||
| 291 | fi  | 
||
| 292 | fi  | 
||
| 293 | |||
| 294 | # Indiscriminate pid killer...  | 
||
| 295 |         # for PID in $(ps ax | grep -w ${NAME} | grep -v stop | awk '{ print $1 }'); do | 
||
| 296 |         #    echo " Killing currently active ${NAME} pid(s): ${PID}" | 
||
| 297 | # # kill -HUP $PID  | 
||
| 298 |         #    kill ${PID} | 
||
| 299 | # done  | 
||
| 300 | |||
| 301 |         if [ -f /var/lock/subsys/${NAME} ]; then | 
||
| 302 |             if [[ "${2}" ==  "debug" ]]; then | 
||
| 303 | echo " Removing stale lock..."  | 
||
| 304 | fi  | 
||
| 305 |             rm -f /var/lock/subsys/${NAME} | 
||
| 306 | fi  | 
||
| 307 | |||
| 308 |         if [ -f "${PIDFILE}" ]; then | 
||
| 309 | echo " Removing stale pidfile..."  | 
||
| 310 |             rm -f ${PIDFILE} | 
||
| 311 | fi  | 
||
| 312 | ;;  | 
||
| 313 | restart)  | 
||
| 314 |         echo "* Re-start ${NAME}..." | 
||
| 315 |         ${0} stop ${2} | 
||
| 316 | |||
| 317 | # Not a race...  | 
||
| 318 | sleep 4s  | 
||
| 319 | |||
| 320 |         ${0} start ${2} | 
||
| 321 | ;;  | 
||
| 322 | status)  | 
||
| 323 |         # status ${NAME} | 
||
| 324 | |||
| 325 |         if [[ "${2}" == "debug" ]]; then | 
||
| 326 |             echo " This init script ${NAME} ${1} query ${0} is running on pid: ${$})..." | 
||
| 327 | fi  | 
||
| 328 | |||
| 329 |         PID=$(ps ax | grep -w "${GREPNAME}" | grep -v status | awk '{ print $1 }') | 
||
| 330 | |||
| 331 | # If at least one active session then find all...  | 
||
| 332 |         if [[ -n "${PID}" ]]; then | 
||
| 333 |             for PID in $(ps ax | grep -w "${GREPNAME}" | grep -v status | awk '{ print $1 }'); do | 
||
| 334 |                 if [[ -n "${PID}" ]]; then | 
||
| 335 |                     echo "${NAME} (pid ${PID}) is running..." | 
||
| 336 | else  | 
||
| 337 |                     echo "${NAME} is stopped" | 
||
| 338 | fi  | 
||
| 339 | done  | 
||
| 340 | else  | 
||
| 341 |             echo "${NAME} is stopped" | 
||
| 342 | fi  | 
||
| 343 | ;;  | 
||
| 344 | *)  | 
||
| 345 |         echo " Usage: ${0} {start|stop|status|restart|any debug}" >&2 | 
||
| 346 | exit 1  | 
||
| 347 | ;;  | 
||
| 348 | esac  | 
||
| 349 | exit 0  | 
||
| 350 | # === end supernoded  | 
||
| 351 | # ================================  |
||
| 352 | </pre>  | 
||
| 353 | |||
| 354 | Make the init script executable:  |
||
| 355 | <pre><code class="bash">  | 
||
| 356 | chmod +x /etc/init.d/supernoded  | 
||
| 357 | </code></pre>  | 
||
| 358 | |||
| 359 | Using CentOS tools to activate the systemV init scripts:  | 
||
| 360 | <pre><code class="bash">  | 
||
| 361 | chkconfig --add supernoded  | 
||
| 362 | chkconfig supernoded on  | 
||
| 363 | </code></pre>  | 
||
| 364 | |||
| 365 | Command line syntax:  | 
||
| 366 | <pre><code class="bash">  | 
||
| 367 | service supernoded {start|stop|status|restart} [debug]  |
||
| 368 | </code></pre>  | 
||
| 369 | For example:  | 
||
| 370 | <pre><code class="bash">  | 
||
| 371 | service supernoded restart  | 
||
| 372 | </code></pre>  | 
||
| 373 | … OR…  | 
||
| 374 | <pre><code class="bash">  | 
||
| 375 | service supernoded restart debug  | 
||
| 376 | </code></pre>  | 
||
| 377 | provides some extra clues.  |
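
The init script above sources `/etc/n2n/supernode-<FQDN>` as root, so the file's ownership, mode and contents decide what runs with root privileges at boot. The following is an added example, not part of the original page or of n2n, that checks the file before it is sourced; the function name `check_n2n_config`, the requirement of an explicit port and the character set allowed in `N2N_OPTIONS` are assumptions.

```sh
#!/bin/sh
# Added example, not part of the original init script.
# check_n2n_config FILE: status 0 only if FILE looks safe to source as root.
# The body runs in a subshell "( ... )", so 'exit' only sets the return status.
check_n2n_config() (
    file=$1
    # Regular file, not a symlink that could point somewhere unexpected.
    if [ ! -f "$file" ] || [ -h "$file" ]; then
        echo "refusing $file: not a regular file" >&2; exit 1
    fi
    # Owned by the calling user (root when run from the init script).
    if [ -z "$(find "$file" -prune -user "$(id -u)" -print)" ]; then
        echo "refusing $file: not owned by uid $(id -u)" >&2; exit 2
    fi
    # Not writable by group or others.
    if [ -n "$(find "$file" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "refusing $file: group- or world-writable" >&2; exit 3
    fi
    # Only comments, blank lines and the two documented assignments are allowed.
    while IFS= read -r line || [ -n "$line" ]; do
        case $line in
            ''|'#'*) ;;
            N2N_PORT=\"*\")
                port=${line#N2N_PORT=\"}; port=${port%\"}
                # Assumption: an explicit numeric port of at most 5 digits is required.
                case $port in ''|*[!0-9]*|??????*) port=0 ;; esac
                if [ "$port" -lt 1 ] || [ "$port" -gt 65535 ]; then
                    echo "refusing $file: bad N2N_PORT" >&2; exit 4
                fi ;;
            N2N_OPTIONS=\"*\")
                opts=${line#N2N_OPTIONS=\"}; opts=${opts%\"}
                # Anything left after deleting the allowed characters is rejected.
                if [ -n "$(printf '%s' "$opts" | tr -d 'A-Za-z0-9 ._/-')" ]; then
                    echo "refusing $file: unsafe characters in N2N_OPTIONS" >&2; exit 5
                fi ;;
            *) echo "refusing $file: unexpected line: $line" >&2; exit 5 ;;
        esac
    done < "$file"
    exit 0
)

# In the init script: check_n2n_config "${CONFIGFILE}" && . "${CONFIGFILE}"
[ $# -eq 0 ] || check_n2n_config "$1"
```

Creating the files with `chmod 600` and root ownership under `/etc/n2n` satisfies the ownership and mode checks.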