背景:
為什麼要安裝vpn,因為vpn能幫我們打通網路,極大的方便我們開發除錯和執行維護,不用把所有的內部埠都暴露到外面主機上。掛上vpn,就可以進行本機除錯和開發。
1.安裝vpn
從應用商店搜尋vpn,如下圖
選擇OpenVPN for Rancher with "Rancher local" authentication 這個,也就是第四個,點選詳情進去
2.服務端配置vpn
啟動完之後,修改服務端配置,
點選右上角【升級】按鈕,
一定要記得修改,AUTHRANCHERLOCALURL 這個後面會驗證使用者名稱和密碼需要用到。將http[s]://hostname[:port] 改成自己訪問rancher的地址,然後點選升級
3.客戶端配置
客戶端新建配置檔案rancher_product.ovpn,內容如下
remote 118.191.2.218 1194clientdev tunproto tcpremote-randomresolv-retry infinitecipher AES-128-CBCauth SHA1nobindlink-mtu 1500persist-keypersist-tuncomp-lzoverb 3auth-user-passauth-retry interactns-cert-type server<ca>-----BEGIN CERTIFICATE-----MIIEmzCCA4OgAwIBAgIJANYjZIooTEHeMA0GCSqGSIb3DQEBCwUAMIGPMQswCQYDVQQGEwJVUzELMAkGA1UECBMCQUwxEzARBgNVBAcTCkJpcm1pbmdoYW0xDTALBgNVBAoTBEFDTUUxCzAJBgNVBAsTAklUMRAwDgYDVQQDEwdBQ01FIENBMRAwDgYDVQQpEwdFYXN5UlNBMR4wHAYJKoZIhvcNAQkBFg9mb29AZXhhbXBsZS5jb20wHhcNMjAwMzA5MDczOTU5WhcNMzAwMzA3MDczOTU5WjCBjzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkFMMRMwEQYDVQQHEwpCaXJtaW5naGFtMQ0wCwYDVQQKEwRBQ01FMQswCQYDVQQLEwJJVDEQMA4GA1UEAxMHQUNNRSBDQTEQMA4GA1UEKRMHRWFzeVJTQTEeMBwGCSqGSIb3DQEJARYPZm9vQGV4YW1wbGUuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx/ua+3SFRCmSjHti5B/fspH4GfpfWiNrJmcDoLjm42hDIEkVbdXvHBuCeJF9jak31u7PsVtn9nAbAD+9GLZaC/92jiYvDDuu6p0Dw7xy8l0Q8mZu67zMjS29ofd9PEqAps6fJ3GR1J4LGrAner6oAgAMfop3CGmMAxWKtXCRLFILUoFrH9Zt+eEubb6wnIidlDHBCaFzU55ru0Pb16W/9IKT7k15UFiKCfbMc/4iH3WIi0GS+Z3mEztQDlOciogx5LXntTRXMlc/M15dB8uz9AZAdqQnUAGXQ3NNgVeUC+1cfh94jSyFzSQ5iCGvr6dmERm+6hIgD2n086wKn0DxtwIDAQABo4H3MIH0MB0GA1UdDgQWBBQOoMICoTXLuswJjjpIr6QpFDN3RTCBxAYDVR0jBIG8MIG5gBQOoMICoTXLuswJjjpIr6QpFDN3RaGBlaSBkjCBjzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAkFMMRMwEQYDVQQHEwpCaXJtaW5naGFtMQ0wCwYDVQQKEwRBQ01FMQswCQYDVQQLEwJJVDEQMA4GA1UEAxMHQUNNRSBDQTEQMA4GA1UEKRMHRWFzeVJTQTEeMBwGCSqGSIb3DQEJARYPZm9vQGV4YW1wbGUuY29tggkA1iNkiihMQd4wDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAOCAQEACRwZqpNxswkVPfSnWMbe5Gdsq8ZYSGSFJVpSD+NZ9y4LVGAZKcKWzax2ifUVBTGUjU1VWrC6ufx58SD63vpJ+T1/kx3SJ5TH41zEUmCVEITfFFcl9e6qhzx1YA1zuJ6OfvX5XGNAqUFkqY6jxDUVh8OAYJWWqxbiME9FtQSCwCaPRqPWePoaLb2Vczueu7MI9RdcGqFCDgGgiv9OVZldERsDwqsEpVEJXXAmWs/ZhR4MmKhO5Hz5yei9ysfrP5ZnN6XxSURpY5kv7HWFloE4lJgJhQ6n3ul+BMObE+oI6KZB1hX+u20RJ/SpSyEew4o7OR/tttznE6hNS5THPJtELQ==-----END CERTIFICATE-----</ca>複製程式碼配置完之後匯入tunnelblick
4.驗證
啟動客戶端tunnelblick
點選連結,連線成功之後,日誌顯示
2020-03-16 16:28:24.021898 MANAGEMENT: >STATE:1584347304,CONNECTED,SUCCESS,10.43.0.6,118.190.1.218,1194,192.168.13.115,637132020-03-16 16:28:24.175641 *Tunnelblick: Could not determine this computer's apparent public IP address before the connection was completed2020-03-16 16:28:24.246528 *Tunnelblick: DNS address 169.254.169.250 is being routed through the VPN2020-03-16 16:28:27.869402 *Tunnelblick: process-network-changes: A system configuration change was ignored2020-03-16 16:46:34.715189 *Tunnelblick: process-network-changes: A system configuration change was ignored2020-03-16 16:51:18.458545 *Tunnelblick: process-network-changes: A system configuration change was ignored複製程式碼開啟終端驗證一下網路是否聯通,
說明已經連線了,大功告成