Practical Guide for Full Network Interoperability of Flying Squirrel Remote Networking Tools

  • 1. Introduction to Flying Squirrel’s remote networking tools
    • 1.1 Introduction to Flying Squirrel Tools
    • 1.2 Flying Squirrel Tools official website
  • 2. Introduction to this practice
    • 2.1 Prerequisites for this practice
    • 2.2 Introduction to this practice
    • 2.3 Environmental planning for this practice
  • 3. Remote networking configuration
    • 3.1 Enter the central controller node management background
    • 3.2 Network card settings
    • 3.3 Enter the subnet node management background
    • 3.4 Network card settings
  • 4. Local router settings
    • 4.1 Log in to the local router
    • 4.2 Configure static routing
  • 5. Enable traffic forwarding
    • 5.1 Central controller node server configuration work
    • 5.2 Subnet node server configuration work
  • 6. Test network communication
    • 6.1 Test the local client 01 ping the Alibaba Cloud server intranet IP
    • 6.2 Test the local client 02 ping the Alibaba Cloud server intranet IP
  • 7. Deploy kodbox application
    • 7.1 Remotely connect to the central controller node server
    • 7.2 Create mounting directory
    • 7.3 Edit the docker-compose.yaml file
    • 7.4 Create kodbox application
    • 7.5 Check kodbox container status
    • 7.6 Check kodbox container logs
  • 8. Security settings check
    • 8.1 Firewall settings
    • 8.2 Cloud server release port
  • 9. Initial configuration of kodbox
    • 9.1 Enter the initial configuration page
    • 9.2 Environmental inspection
    • 9.3 Database configuration
    • 9.4 Account settings
    • 9.5 Complete initial configuration
  • 10. Local access to kodbox application
    • 10.1 Log in to kodbox
    • 10.2 Access the kodbox application
  • 11. Related links

1. Introduction to Flying Squirrel remote networking tool

1.1 Introduction to Flying Squirrel Tool

Flying Squirrel Remote Networking Tool is a powerful tool that can break through geographical restrictions and achieve efficient remote networking. It uses the standard OSPF routing protocol, has cross-platform compatibility, and can meet the needs of remote networking between large batches of data centers.

1.2 Flying Squirrel Tools Official Website

Feishuwg official website: https://www.feishuwg.com/

2. Introduction to this practice

2.1 Prerequisites for this practice

This practice assumes that the basic Flying Squirrel remote networking environment has already been set up.

  • Reference blog post:

Basic usage tutorial of Flying Squirrel remote networking tool

2.2 Introduction to this practice

1. This practice is to open up the network between two LANs;
2. The two LANs used in this practice are the local LAN and the Alibaba Cloud VPC private network;
3. The Alibaba Cloud server is the central controller node server, and the Kedao Cloud (kodbox) service is deployed on it;
4. The local LAN can access the Kedao Cloud (kodbox) service through the intranet IP of the cloud server.

2.3 Environmental planning for this practice

| hostname | IP address | Operating system version | Server category | Role | Remarks |
|---|---|---|---|---|---|
| cloud | Intranet IP: 172.22.48.72, public IP: 120.79.233.45 | ubuntu22.04 | Alibaba Cloud Server | Central Controller (master) | Alibaba Cloud VPC private network: 172.22.48.0/24 |
| jeven | 192.168.3.246 | ubuntu22.04 | Local server | Subnet node | Local LAN: 192.168.3.0/24 |
| docker | 192.168.3.127 | centos 7.6 | Local server | Local client 01 | Local LAN: 192.168.3.0/24 |
| mywin10 | 192.168.3.168 | win10 | | Local client 02 | 192.168.3.0/24 |

3. Remote networking configuration

3.1 Enter the central controller node management background

Access address: https://120.79.233.45:8088/, replace the IP address with the public IP address in your environment.

3.2 Network card settings

Go to Remote Networking – Routing – Network Card Settings and select the local network card to start. Here it is the eth0 network card.

3.3 Enter the subnet node management background

Access address: https://192.168.3.246:8088/, replace the IP address with the IP address of the subnet node in your environment.

3.4 Network card settings

In the subnet node management background, go to Remote Networking – Routing – Network Card Settings, select the local network card to start, and save. Here it is the ens18 network card.

4. Local router setup work

4.1 Log in to the local router

Log in to the local LAN router. This is an ASUS router. IP address: 192.168.3.254


4.2 Configuring static routing

On the ASUS router management page, Advanced settings – Internal network (LAN), select router settings, enable the static route list, and add static routes. After adding, click “Apply settings on this page” and wait for the router to reload the network.

5. Enable traffic forwarding

5.1 Central controller node server configuration work

Remotely connect to the central controller node server and execute the following command to enable traffic forwarding. It sets the default policy of the iptables FORWARD chain to ACCEPT, so every packet routed through this host is forwarded.

iptables -P FORWARD ACCEPT

List the firewall rules to confirm that the FORWARD policy has been set to ACCEPT.

iptables -L -n

5.2 Subnet node server configuration work

Remotely connect to the subnet node server and execute the following command to enable traffic forwarding. It sets the default policy of the iptables FORWARD chain to ACCEPT, so every packet routed through this host is forwarded.

iptables -P FORWARD ACCEPT

List the firewall rules to confirm that the FORWARD policy has been set to ACCEPT.

iptables -L -n
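
Both nodes above get a blanket ACCEPT policy; as an added example (not part of the original guide), this script limits forwarding to traffic between the two site networks. The CIDRs are taken from the table in section 2.3, the function names are this example's own, and it assumes the tunnel does not rewrite source addresses between the sites.

```shell
#!/bin/sh
# Added example, not from the original guide: forward only between the two sites.
# Networks assumed from the environment table in section 2.3.
LOCAL_LAN="${LOCAL_LAN:-192.168.3.0/24}"
CLOUD_VPC="${CLOUD_VPC:-172.22.48.0/24}"

# Accept only a.b.c.d/len so no other text can reach the iptables command line.
valid_cidr() {
  printf '%s\n' "$1" | awk -F'[./]' '
    !/^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\/[0-9]+$/ { exit 1 }
    { for (i = 1; i <= 4; i++) if ($i > 255) exit 1
      if ($5 > 32) exit 1 }'
}

# Read `iptables -S FORWARD` output on stdin and print the chain's default policy.
forward_policy() {
  awk '$1 == "-P" && $2 == "FORWARD" { print $3; exit }'
}

# Dry run by default: print the command. With APPLY=1 (as root), execute it.
run() {
  if [ "${APPLY:-0}" = 1 ]; then "$@"; else printf '%s\n' "$*"; fi
}

# Insert the two allow rules first, then tighten the policy, so traffic
# between the sites is never interrupted while the change is made.
scope_forwarding() {
  valid_cidr "$1" && valid_cidr "$2" || { echo "invalid CIDR" >&2; return 1; }
  run iptables -I FORWARD 1 -s "$1" -d "$2" -j ACCEPT
  run iptables -I FORWARD 2 -s "$2" -d "$1" -j ACCEPT
  run iptables -P FORWARD DROP
}

scope_forwarding "$LOCAL_LAN" "$CLOUD_VPC" || exit 1
if [ "${APPLY:-0}" = 1 ]; then
  echo "FORWARD policy is now: $(iptables -S FORWARD | forward_policy)"
fi
```

Run it once without APPLY to review the three commands, then with APPLY=1 as root on each node. Like the original command, the rules last only until the next reboot.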

6. Test network communication

6.1 Test local client 01 ping Alibaba Cloud server intranet IP

On the local client 01: 192.168.3.127, ping the Alibaba Cloud intranet: 172.22.48.72. You can see that the ping has been successful.

ping 172.22.48.72


Note: If you want Alibaba Cloud’s VPC private network to be able to ping the host on the local intranet: 192.168.3.0/24, you need to configure a static route on Alibaba Cloud’s VPC. You can configure it yourself.

6.2 Test local client 02 ping Alibaba Cloud server intranet IP

On the local client 02: 192.168.3.168, ping the Alibaba Cloud intranet: 172.22.48.72. You can see that the ping has been successful.

7. Deploy kodbox application

7.1 Remote connection to the central controller node server

Connect remotely to the central controller node server.

ssh root@<Alibaba Cloud elastic public IP address>

7.2 Create mounting directory

Execute the following command to create a mounting directory.

mkdir -p /data/kodbox/{db,site} && cd /data/kodbox

7.3 Edit docker-compose.yaml file

Edit the docker-compose.yaml file. The host port mapped to kodbox can be changed as needed; here it is set to 3655.

version: '3.5'

services:
  db:
    image: mariadb
    command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW
    volumes:
      - "./db:/var/lib/mysql" #./db is the database persistence directory and can be modified
      #- "./etc/mysql/conf.d:/etc/mysql/conf.d" #Add custom mysql configuration
    environment:
      TZ: Asia/Shanghai
      MYSQL_ROOT_PASSWORD: kodbox #Example value; if you change it, enter the same password in step 9.3
      MYSQL_DATABASE: kodbox
      MYSQL_USER: kodbox
      MYSQL_PASSWORD: kodbox
    restart: always
      
  app:
    image: kodcloud/kodbox
    ports:
      - 3655:80 #The left side is the port used and can be modified.
    links:
      - db
      - redis
    volumes:
      - "./site:/var/www/html" #./site is the site directory location and can be modified
    restart: always

  redis:
    image: redis:alpine
    environment:
      - "TZ=Asia/Shanghai"
    restart: always

7.4 Create kodbox application

Use docker compose to quickly create the kodbox application.

 docker compose up -d

7.5 Check kodbox container status

Check the status of the kodbox-related containers to ensure that they have started normally.

root@cloud:/data/kodbox# docker compose ps
NAME IMAGE COMMAND SERVICE CREATED STATUS PORTS
kodbox-app-1 kodcloud/kodbox "/entrypoint.sh /usr/bin/supervisord -n -c /etc/supervisord.conf" app 5 minutes ago Up 5 minutes 443/tcp, 9000/tcp, 0.0.0.0:3655->80/tcp, :::3655->80/tcp
kodbox-db-1 mariadb "docker-entrypoint.sh --transaction-isolation=READ-COMMITTED --binlog-format=ROW" db 5 minutes ago Up 5 minutes 3306/tcp
kodbox-redis-1 redis:alpine "docker-entrypoint.sh redis-server" redis 5 minutes ago Up 5 minutes 6379/tcp

7.6 Check kodbox container logs

Check the kodbox container running log to ensure that the kodbox service is running normally.

docker logs kodbox-app-1

8. Security settings check

8.1 Firewall Settings

Check the ufw status and confirm that ufw is inactive. If ufw is enabled, port 3655 needs to be allowed.

root@cloud:/data/kodbox# systemctl status ufw
● ufw.service - Uncomplicated firewall
     Loaded: loaded (/lib/systemd/system/ufw.service; disabled; vendor preset: enabled)
     Active: inactive (dead)
       Docs: man:ufw(8)

Oct 28 23:09:51 cloud systemd[1]: Stopping Uncomplicated firewall...
Oct 28 23:09:51 cloud ufw-init[28623]: Skip stopping firewall: ufw (not enabled)
Oct 28 23:09:51 cloud systemd[1]: ufw.service: Succeeded.
Oct 28 23:09:51 cloud systemd[1]: Stopped Uncomplicated firewall.

8.2 Cloud server release port

Open Alibaba Cloud’s cloud server security group management page and allow TCP port 3655 in the inbound direction. On an Alibaba Cloud lightweight application server, firewall management takes the place of the security group, so add the rule allowing port 3655 on the firewall management page.

9. Initial configuration of kodbox

9.1 Enter the initial configuration page

On the local Windows client, open the browser, enter the address: http://172.22.48.72:3655/, and replace the IP with the intranet address of the central controller node server in your own environment.

9.2 Environment Check

On the initial configuration page of kodbox, after the environment is automatically checked successfully, click “Next”.

9.3 Database configuration

Database type: MySQL
Server: db
Username: root
Password: kodbox
Database name: kodbox
System cache type: Redis
Server: redis
Port: 6379
Just click “OK”.

9.4 Account settings

Set the password for the account admin and customize the settings.

9.5 Complete initial configuration

After setting the admin password, it will prompt “Installation successful”, indicating that the current kodbox application initialization has been completed.

10. Access kodbox application locally

10.1 Log in to kodbox

Access address: http://172.22.48.72:3655/#user/login, replace the IP with the intranet IP of your central controller node server.

10.2 Access kodbox application

After entering the account password, enter the kodbox homepage.

11. Related links

  • Related Links:

Basic usage tutorial of Flying Squirrel remote networking tool
Flying Squirrel official website