蓝灯服务端Lantern Chained Server基于Apache Traffic
Server(ATS)实现,相关的文档已经在github上公开,现在你也可以在VPS上部署专属的蓝灯Lantern Chained
Server服务端。以下教程以DEBIAN/Ubuntu环境为例。
部署步骤:
1,配置环境
2,生成你的私钥与证书(要在安装ATS之前生成)
英文来源:https://github.com/getlantern/ats
-------------
部署步骤:
1,配置环境
sudo apt-get update
sudo apt-get install -y git libtool tcl openjdk-7-jre-headless openssl2,生成你的私钥与证书(要在安装ATS之前生成)
CERT_PASS=MY_VERY_OWN_PASSWORD
IP=`ifconfig eth0 | grep "inet addr" | awk -F ':' '{print $2}' | awk '{print $1}'`
keytool -genkeypair -keystore keystore.jks -alias ats -keypass "$CERT_PASS" -storepass "$CERT_PASS" -ext san=ip:$IP -dname 'CN=Seacoasts Furtwngler, O=Poising Parched, L=Bin, S=California, C=US' -startdate -3m-27d -keyalg RSA -keysize 2048 -validity 730
keytool -v -importkeystore -srckeystore keystore.jks -srcalias ats --srcstorepass "$CERT_PASS" -destkeystore keystore.p12 -deststoretype PKCS12 --deststorepass "$CERT_PASS"
openssl pkcs12 -in keystore.p12 -passin pass:"$CERT_PASS" -out key.pem -passout pass:"$CERT_PASS" # key.pem will be used by ATS
keytool -export -alias ats -keystore keystore.jks --storepass "$CERT_PASS" -rfc -file cert.pem # cert.pem will be the in chained server config
3,通过github安装蓝灯Lantern Chained Server服务端
git clone https://github.com/getlantern/ats
cd ats
sudo AUTH_TOKEN=xxx CERT_FILE=<path of key.pem> CERT_PASS=xxx ./install.shchainedservers:
my-fallback-server:
addr: <ip>:443
pipelined: true
cert: "<content of cert.pem here>"
authtoken: "<AUTH_TOKEN here>"
weight: 1000000
qos: 10
trusted: true
5,配置一个简单的Auth
sudo apt-get -y install autoconf libtool pkg-config libssl-dev tcl-dev libxml2-dev libpcre3-dev
(cd ~; wget http://mirror.bit.edu.cn/apache/trafficserver/trafficserver-5.3.1.tar.bz2 && tar jxvf trafficserver-5.3.1.tar.bz2)
# To generate headers required by plugin
(cd ~/trafficserver-5.3.1 && autoreconf -if && ./configure --prefix=/opt/ts)
tsxs -I ~/trafficserver-5.3.1/lib/ts/ -o lantern-auth.so -c lantern-auth.c
最后激活该蓝灯Lantern Chained Server服务
cp lantern-auth.so /opt/ts/libexec/trafficserver
sudo service trafficserver reload英文来源:https://github.com/getlantern/ats
-------------
Apache Traffic Server
Traffic Server is a high-performance building block for cloud services.
It's more than just a caching proxy server; it also has support for
plugins to build large scale web applications.
1. DIRECTORY STRUCTURE
traffic/ ............... top src dir
|-- ci/ ................ quality assurance and other CI tools and configs
|-- cmd/ ............... various command applications
|-- traffic_cop/ ..
|-- traffic_crashlog/
|-- traffic_ctl/ ... traffic_ctl command line management application
|-- traffic_layout/
|-- traffic_manager/
|-- traffic_top/ ... traffic_top application
|-- traffic_via/ ...
|-- traffic_wccp/ ..
|-- contrib ............ various contributed auxiliary pieces
|-- doc/ ...............
|-- admin/ ......... Admin guide documentations
|-- dot/ ........... Graphviz source files for docs pictures
|-- man/ ........... Unix style man-pages
|-- plugins/ ....... Documentation for our core plugins
|-- sdk/ ........... Plugin developer guide
|-- example/ ........... example plugins
|-- install/ ........... installation programs and scripts
|-- iocore/ ............
|-- aio/ ........... Asynchronous I/O core
|-- cache/ ......... Disk and RAM cache
|-- cluster/ ....... Cache and configuration clustering
|-- dns/ ........... DNS (asynchronous)
|-- hostdb/ ........ Internal DNS cache
|-- net/ ........... Network
|-- lib/ ...............
|-- atscppapi/ ....... C++ api wrapper for plugin developers
|-- records/ ....... library for config files
|-- perl/ .......... Perl libraries for e.g. mgmt access and configurations
|-- ts/ ............ Base / core library
|-- tsconfig/....... New config parser and library (experimental)
|-- wccp/ .......... WCCP implementation
|-- m4/ ................ custom macros for configure.ac
|-- mgmt/ .............. Management server and tools (including traffic_manager)
|-- plugins/ ........... Stable core plugins
|-- experimental/ .. Experimental core plugins
|-- proxy/ ............. HTTP proxy logic
|-- api/ ........... Plugin API includes
|-- config/ ........ Configurations
|-- congest/ ....... Congestion control
|-- hdrs/ .......... Headers parsing and management
|-- http/ .......... The actual HTTP protocol implementation
|---http2/ ......... HTTP/2 implementation
|-- logging/ ....... Flexible logging
|-- README ............. intro, links, build info
|-- README-EC2 ......... info on EC2 support
|-- REVIEWERS .......... (incomplete) list of areas with committer interest
|-- LICENSE ............ full license text
`-- NOTICE ............. copyright notices
2. REQUIREMENTS
This section outlines build requirements for different OS
distributions. This may be out of date compared to the on-line
requirements at
<https://cwiki.apache.org/confluence/display/TS/Building>.
As of ATS v7.0.0 and later, gcc 4.8.1 or later is required, since we now use
and require the C++11 standard.
Fedora / CentOS / RHEL:
autoconf
automake
libtool
pkgconfig
perl-ExtUtils-MakeMaker
gcc/g++ or clang/clang++
openssl-devel
tcl-devel
expat-devel
pcre-devel
ncurses-devel and libcurl-devl(optional, needed for traffic_top)
libcap-devel (optional, highly recommended)
hwloc-devel (optional, highly recommended)
flex (optional, needed for e.g. WCCP)
Ubuntu / Debian
autoconf
automake
libtool
pkg-config
libmodule-install-perl
gcc/g++ or clang/clang++
libssl-dev
tcl-dev
expat
libexpat-dev
libpcre3-dev
libcap-dev (optional, highly recommended)
libhwloc-dev (optional, highly recommended)
libncurses5-dev (optional, required for e.g.: traffic_top)
libcurl4-openssl-dev (optional, required for e.g.: traffic_top)
flex (optional, required for e.g. WCCP)
OSX (we recommend HomeBrew):
autoconf
automake
pkgconfig
libtool
tcl
expat
openssl
pcre
FreeBSD
devel/gmake
devel/autoconf
devel/automake
devel/pkgconf
devel/libtool
lang/tcl85
textproc/expat (or expat2)
security/openssl
devel/pcre
textproc/flex (optional, install newer version from ports, fix PATH)
devel/hwloc (optional, highly recommended)
OmniOS:
developer/gcc46
developer/build/gnu-make
developer/build/autoconf
developer/build/automake-111
developer/build/libtool
omniti/runtime/tcl-8
library/expat
library/security/openssl
library/pcre
3. Building from distribution
You can download the latest source code from the official Apache Traffic
Server site:
http://trafficserver.apache.org/downloads
(or via the URL shortener: http://s.apache.org/uG). Once downloaded,
follow the instructions:
tar xf trafficserver-2.1.8-unstable.tar.bz2
cd trafficserver-2.1.8-unstable
./configure # configure the build environment to create Makefiles
make # execute the compile
This will build with a destination prefix of /usr/local. You can finish
the installation with
sudo make install
4. BUILDING FROM GIT REPO
mkdir -p ~/dev # make yourself a development dir
cd ~/dev # enter your development dir
git clone ... # get the source code from ASF Git repo
cd trafficserver # enter the checkout dir
autoreconf -if # generate the configure script and Makefile.in files
./configure # configure the build environment to create Makefiles
make # execute the compile
4b. Instructions for building on EC2
NOTE: Alternately you may use the scripts under 'contrib' which will
automate the install for trafficserver under EC2 which is
HIGHLY RECOMMENDED. See 'README-EC2' for further details.
# As root do the following when using Ubuntu
mkdir -p /mnt #EC2 Storage Mount, where storage is located
cd /mnt
git clone ... # get the source code from ASF Git repo
cd trafficserver # enter the checkout dir
autoreconf -i --force # generate the configure script and Makefile.in files
./configure
make
# As root do the following when using Fedora Core 8 kernel
mkdir -p /mnt #EC2 Storage Mount, where storage is located
cd /mnt
git clone ... # get the source code from ASF Git repo
cd trafficserver # enter the checkout dir
autoreconf -i --force # generate the configure script and Makefile.in files
./configure --disable-eventfd
make
4c. Instructions for building on FreeBSD
The only difference is how to run configure and make:
MAKE=gmake ./configure # make sure that gmake is the make we use
gmake
5. INSTALLATION
DEFAULT DIR CONTENTS
/usr/local/var/log/trafficserver log files created at runtime
/usr/local/var/trafficserver runtime files
/usr/local/etc/trafficserver configuration files
/usr/local/bin executable binaries
/usr/local/libexec/trafficserver plugins
6. CRYPTO NOTICE
This distribution includes cryptographic software. The country in
which you currently reside may have restrictions on the import,
possession, use, and/or re-export to another country, of
encryption software. BEFORE using any encryption software, please
check your country's laws, regulations and policies concerning the
import, possession, or use, and re-export of encryption software, to
see if this is permitted. See <http://www.wassenaar.org/> for more
information.
The U.S. Government Department of Commerce, Bureau of Industry and
Security (BIS), has classified this software as Export Commodity
Control Number (ECCN) 5D002.C.1, which includes information security
software using or performing cryptographic functions with asymmetric
algorithms. The form and manner of this Apache Software Foundation
distribution makes it eligible for export under the License Exception
ENC Technology Software Unrestricted (TSU) exception (see the BIS
Export Administration Regulations, Section 740.13) for both object
code and source code.
The following provides more details on the included cryptographic
software:
The functionality of OpenSSL <http://www.openssl.org/> is
utilized in parts of the software.
7. ADDITIONAL INFO
Web page: https://trafficserver.apache.org/
Wiki: http://cwiki.apache.org/confluence/display/TS/
from https://github.com/apache/trafficserver
