在VPS上部署专属的蓝灯Lantern Chained Server服务端简明教程

2015/10/08
蓝灯服务端Lantern Chained Server基于Apache Traffic Server(ATS)实现,相关的文档已经在github上公开,现在你也可以在VPS上部署专属的蓝灯Lantern Chained Server服务端。以下教程以Ubuntu 14.10环境为例。

部署步骤:


1,配置环境
sudo apt-get update
sudo apt-get install -y git libtool tcl openjdk-7-jre-headless openssl

2,生成你的私钥与证书(要在安装ATS之前生成)

CERT_PASS=MY_VERY_OWN_PASSWORD
IP=`ifconfig eth0 | grep "inet addr" | awk -F ':' '{print $2}' | awk '{print $1}'`
keytool -genkeypair -keystore keystore.jks -alias ats -keypass "$CERT_PASS" -storepass "$CERT_PASS" -ext san=ip:$IP -dname 'CN=Seacoasts Furtwngler, O=Poising Parched, L=Bin, S=California, C=US' -startdate -3m-27d -keyalg RSA -keysize 2048 -validity 730
keytool -v -importkeystore -srckeystore keystore.jks -srcalias ats --srcstorepass "$CERT_PASS" -destkeystore keystore.p12 -deststoretype PKCS12 --deststorepass "$CERT_PASS"
openssl pkcs12 -in keystore.p12 -passin pass:"$CERT_PASS" -out key.pem -passout pass:"$CERT_PASS" # key.pem will be used by ATS
keytool -export -alias ats -keystore keystore.jks --storepass "$CERT_PASS" -rfc -file cert.pem # cert.pem will be the in chained server config

3,通过github安装蓝灯Lantern Chained Server服务端 
git clone https://github.com/getlantern/ats
cd ats
sudo AUTH_TOKEN=xxx CERT_FILE=<path of key.pem> CERT_PASS=xxx ./install.sh
4,配置蓝灯Lantern Chained Server服务端
chainedservers:
    my-fallback-server:
      addr: <ip>:443
      pipelined: true
      cert: "<content of cert.pem here>"
      authtoken: "<AUTH_TOKEN here>"
      weight: 1000000
      qos: 10
      trusted: true

5,配置一个简单的Auth
sudo apt-get -y install autoconf libtool pkg-config libssl-dev tcl-dev libxml2-dev libpcre3-dev
(cd ~; wget http://mirror.bit.edu.cn/apache/trafficserver/trafficserver-5.3.1.tar.bz2 && tar jxvf trafficserver-5.3.1.tar.bz2)
# To generate headers required by plugin
(cd ~/trafficserver-5.3.1 && autoreconf -if && ./configure --prefix=/opt/ts)
tsxs -I ~/trafficserver-5.3.1/lib/ts/ -o lantern-auth.so -c lantern-auth.c
最后激活该蓝灯Lantern Chained Server服务
cp lantern-auth.so /opt/ts/libexec/trafficserver
sudo service trafficserver reload

英文来源:https://github.com/getlantern/ats

Related Posts