Unifi Controller ntawm Google Cloud Platform (GCP): 6 Cov Kauj Ruam

2024 Tus sau: John Day | [email protected]. Kawg hloov kho: 2024-01-30 09:26

Ubiquity's Unifi Controller tso cai rau kev tswj hwm lub vev xaib ntawm lawv cov khoom Unifi suav nrog cov ntsiab lus siv wireless, routers, thiab hloov pauv. Lawv muaj cov lus qhia zoo rau teeb tsa tus tswj hwm ntawm Amazon AWS siv qib dawb uas muab VM pub dawb rau 12 lub hlis. Thaum lub xyoo dhau los, koj yuav tsum tau them nyiaj txuas ntxiv siv VM.

Nruab UniFi Cloud Controller ntawm Amazon Web Services

Google Cloud Platform (GCP) kuj tseem muaj qib dawb nrog dawb micro VM ib txhis nrog cov yam ntxwv zoo ib yam rau Amazon muab. Lub hom phiaj ntawm phau ntawv qhia no yog sau cov kauj ruam rau teeb tsa Unifi Controller hauv GCP.

Nco tseg: Lwm tus neeg siv, Petri, tau sau phau ntawv qhia tau zoo ntxiv rau tsab ntawv uas teeb tsa cov yam ntxwv ntxiv xws li Cia Nkag Nkag daim ntawv pov thawj, Fail2Ban txwv, thiab kev saib xyuas dav dav. Txheeb nws txhawm rau ntxiv cov lus qhia no:

Kauj ruam 1: Sau npe/Tsim Google Cloud Platform Account

1. Nkag mus rau: https://cloud.google.com/free/ thiab nyem qhov "Sim Dawb" khawm kom pib sau npe rau tus as khauj
2. Nkag mus nrog koj tus account ntawm:

3. Xaiv qhov haujlwm koj xav siv rau Unifi Controller. Yog tias teeb tsa tus as khauj dawb, koj yuav muaj "Kuv thawj qhov haujlwm" xaiv.

   Qhov no tuaj yeem hloov pauv los ntawm kev mus rau Ntawv qhia zaub mov> IAM & thawj coj> Chaw thiab hloov pauv Lub Npe Project

Kauj ruam 2: Scripted Instance Creation

Ntau dua li nyem los ntawm GUI ib qib zuj zus los tsim qhov piv txwv, Google muab Google Cloud Plhaub los tsim los ntawm kab hais kom ua. Qhov no tshem tawm qhov tsis raug teeb tsa tsis raug vim tsis ua raws cov kauj ruam lossis ua yuam kev.

Nco tseg: Qib Tier tsuas yog muaj nyob hauv Cov Cheeb Tsam hauv qab no: us-east1, us-west1, thiab us-central1

Yog tias siv txoj hauv kev no nrog tsab ntawv los ntawm Petri, tsis xav tau cov kauj ruam ntxiv raws li txhua yam ntxiv yog siv rau ntawm Debian. Rau cov neeg uas xav tsim nws tus kheej lossis nkag siab cov txiv ntoo thiab ntsia liaj qhov rooj tom qab lub ntsej muag, cov kauj ruam tom qab taug kev no los ntawm kev teeb tsa.

Nco tseg: Vim yog kev qhia ua qauv, qee zaum luam/muab tshuaj tsis ua haujlwm raws li qhov xav tau. Txuas nrog yog cov ntawv sau nrog txhua cov lus txib uas yuav tsum tau ua kom raug thiab muab tshuaj txhuam thiab yuav yooj yim dua los hloov kho rau koj lub npe tshwj xeeb lub npe, DNS npe, thiab thaj chaw.

Nco Ntsoov Kawg: Raws li ntawm 9/5/2018, Unifi software tseem xav tau qhov ua ntej ntawm MongoDB dua li dab tsi tau ntim nrog Ubuntu 18.04, xav tau ib qho OS txawv, lossis qee qhov kev ua haujlwm raws li tau piav qhia ntawm no. Raws li qhov tshwm sim, cov lus txib hauv qab no yuav siv Debian 9

Tom qab nkag mus rau hauv qhov chaw console, nyem lub pob nyob rau ntawm kaum sab xis saum toj kom qhib Cloud Shell. Lub thawv dub yuav tshwm nyob rau sab qis ntawm nplooj ntawv nrog Cloud Plhaub interface. Luam thiab paste cov lus txib, hloov cov ntawv raws li xav tau

Tsim kom muaj lub thoob ntim khoom

Ib lub thoob ntim khoom yuav tuav cov thaub qab hauv qhov chaw sib cais yog li peb tuaj yeem rhuav tshem tus tswj hwm thiab rov qab los ntawm qhov tsim nyog thaub qab sai sai. Nco ntsoov hloov qee qhov tshwj xeeb-lub npe nrog lub npe uas koj xaiv. Lwm thaj tsam muaj nyob hauv qib pub dawb tsuav yog lawv nyob hauv Asmeskas, tsis suav nrog peb-sab hnub tuaj 4 (Txheeb xyuas kom ntxaws ntawm no:

gsutil mb -c cheeb tsam -l peb-central1 gs: // qee qhov tshwj xeeb-npe

Tsim kom muaj IP sab nraud zoo li qub

Txhawm rau tiv thaiv tus IP sab nraud los ntawm kev hloov pauv nyob rau lub sijhawm, tus IP tuaj yeem tshwj tseg thiab tseem pub dawb yog tias nws txuas nrog VM piv txwv. Yog tias koj rhuav tshem qhov piv txwv yam tsis tsim kev hloov pauv, lossis tshem tawm nws ntau dua 1 teev, koj yuav raug them rau IP zoo li qub kom txog thaum koj rho tawm.

gcloud xam chaw nyob tsim unifi-external

-region peb-central1

Tsim Txoj Cai Firewall

Cov kab ntawm kab no yuav tsim ntau txoj cai tiv thaiv hluav taws uas xav tau rau Unifi tus tswj hwm thiab ntxiv lawv rau ib daim ntawv npe hu ua unifi-server uas tseem yuav raug xa mus rau lub server piv txwv

gcloud suav firewall-cov cai tsim "unifi-http"

-tso cai tcp: 80, tcp: 8443, tcp: 8880, tcp: 8843 / --description = "Cov chaw nres nkoj siv rau HTTP thiab HTTPS ntawm cov chaw nres nkoj uas tsis yog tus qauv" \-target-tags = unifi-server

gcloud suav firewall-cov cai tsim "unifi-inform"

-allow tcp: 8080 / --description = "Chaw nres nkoj rau kev sib txuas lus ntawm lub cuab yeej thiab tswj" \-target-tags = unifi-server

gcloud suav firewall-txoj cai tsim "unifi-stun"

--allow udp: 3478 / --description = "Chaw nres nkoj siv rau STUN" \-target-tags = unifi-server

gcloud suav firewall-txoj cai tsim "unifi-throughput"

--allow tcp: 6789 / --description = "Chaw nres nkoj siv rau UniFi mobile speed test" \-target-tags = unifi-server

Tsim VM Tus Txheej Txheem

Cov kab no yuav tsim qhov piv txwv hauv qib pub dawb. Kho kab thawj tom qab tsim los hloov lub npe ntawm qhov piv txwv. Yog tias koj tsis xav siv cov ntawv sau tsis siv neeg muab los ntawm Petri lossis xav suav nrog cov kev xaiv ntxiv, hloov kho lossis tshem tawm kab kawg pib nrog --metadata. (Nco tseg: yog tias koj tshem tawm kab tag nrho, koj yuav tsum tau nyem Enter dua tom qab muab lo ua kom tiav)

gcloud xam cov xwm txheej tsim unifi-maub los

--machine-type f1-micro / --image-family debian-9 / --image-project debian-cloud / --boot-disk-type pd-standard \-boot-disk-size 25GB / --zone us-central1-c / --description "Unifi Controller" / --coves = default, storage-rw / --tags unifi-server / --address unifi-external / --metadata = startup-script-url = gs: //petri-unifi/startup.sh, timezone = US/Central, dns-name = your.domain.com, thoob = qee qhov tshwj xeeb-npe

Yog tias koj xav siv lwm cov duab OS, koj tuaj yeem tau txais daim ntawv teev npe tag nrho los ntawm Cloud Shell siv cov lus txib hauv qab no

gcloud suav cov npe duab

Nco ntsoov Tsev Neeg thiab Txoj Haujlwm, hauv qhov no "debian-9" thiab "debian-cloud"

Kauj Ruam 3: Tsim VM Instance

1. Los ntawm cov ntawv qhia zaub mov khawm nyob rau sab saud, xaiv "Compute Engine" ces "VM Instances"
2. Tos rau Compute Engine kom tiav qhov pib ua ntej yog hais kom sai.

3. Hauv qab "VM Cov xwm txheej" ntawm sab laug pane, nyem "Tsim" hauv kab sab xis.

   1. Sau lub npe rau koj VM. Hauv qhov no "unifi-controller"
   2. Xaiv Ib Cheeb Tsam lossis tawm ntawm lub neej ntawd
   3. Hloov Tshuab Hom rau "micro" yog tias siv qhov pub dawb

   4. Nyem "Hloov" ntawm Boot disk. Xaiv cov duab Ubuntu, xws li "Ubuntu 16.04 LTS"

      Cov duab tshiab ntawm Ubuntu muaj qhov tsis sib xws ntawm MongoDB. Debian yog lwm txoj kev xaiv

   5. Ua kom lub hom disk zoo rau Cov Neeg Siv Khoom Loj Disk thiab loj li 25 GB

      Nco tseg: 30 GB yuav xav tau kom ua haujlwm tau zoo ntawm cov tswj software. Lub Huab Shell siv 5 GB thiab tuaj yeem hla qhov pub dawb tshwj tsis yog qhov piv txwv no yog 25 GB

   6. Tshem cov kev xaiv Firewall tsis raug xaiv. Cov no yuav raug teeb tsa tom qab.
   7. Yog tias teeb tsa cov thaub qab raws li tau piav qhia tom qab hauv phau ntawv qhia no, hauv qab Access Scopes, xaiv "Teeb nkag rau txhua API" thiab hloov Cia rau "Nyeem Sau"

   8. Nyem "Kev tswj hwm, disks, kev sib tham, SSH qhov tseem ceeb" txuas, tom qab ntawd nyem rau Networking tab. Hauv qab "Network cim npe" nkag mus: unifi-server

      Qhov no yuav raug siv thaum tsim cov cai firewall

   9. Nyem "Tsim" kom pib txheej txheem
4. Muab ob peb feeb rau VM kev tsim kom tiav. Lub thawv ntsuab yuav tshwm rau sab laug ntawm lub npe thaum ua tiav.

5. Nyem rau Google Cloud Platform Menu> Networking> VPC Network> Firewall cov cai

   1. Nyem "Tsim txoj cai thaiv phab ntsa" nyob rau sab saum toj ntawm nplooj ntawv. Yuav tsum muaj ob peb txoj cai. Lawv tuaj yeem tawg tawm rau hauv ib tus neeg txoj cai, lossis ib txoj cai kom suav nrog txhua qhov chaw nres nkoj xav tau. Cov npe ntawm cov chaw nres nkoj

      1. Lub npe: unifi-ports
      2. Lub hom phiaj cim npe: unifi-server
      3. Tus IP qhov txawv: 0.0.0.0/0
      4. Cov txheej txheem tshwj xeeb thiab cov chaw nres nkoj: tcp: 80; txc: 88 8 0. txc: 844 3. txc: 884 3. txc: 808 0. txc: 678 9. ib: 3478
      5. Tsim

6. Nyem rau Google Cloud Platform Ntawv Qhia> Networking> VPC Network> IP Chaw Nyob Sab Nraud

   1. Hloov txoj haujlwm tam sim no los ntawm Ephemeral rau Static txhawm rau tiv thaiv IP los ntawm kev hloov pauv sijhawm.
   2. Nco tseg: Yog tias qhov xwm txheej raug tso tseg, tus nqi $ 0.01/hr ib tus IP yuav raug them rau IPs zoo li qub

Kauj Ruam 4: Kho Kev Sib Hloov ntawm VM

Yog tias siv qhov piv txwv f1-micro, nws muaj peev xwm ua tau tias VM yuav khiav tawm ntawm 600 MB ram thiab tsis ua haujlwm. Txhawm rau pab nrog qhov no, teeb tsa cov ntaub ntawv sib pauv. Yog tias siv VM loj dua, qhov no yuav tsis tsim nyog. Kab lus no taug koj hla cov kauj ruam rau Ubuntu:

Configuring Swap

Cov lus txib hauv qab no tuaj yeem theej thiab muab tso rau hauv SSH ntu rau koj VM los tsim cov ntaub ntawv sib pauv thiab ua kom nws ruaj khov

sudo fallocate -l 1G /swapfilesudo chmod 600 /swapfilesudo mkswap /swapfilesudo swapon /swapfilesudo cp /etc /fstab /etc/fstab.bakecho ' /swapfile tsis muaj swap sw 0 0' | sudo tee -a /etc /fstab

Txhawm rau txheeb xyuas ntau npaum li cas lub cim xeeb tau siv, ob qho RAM thiab sib pauv, siv cov lus txib hauv qab no

laus -h

Kauj Ruam 5: Txhim Kho Tus Tswj Xyuas Software

1. Nyem Ntawv Qhia> Suav Cav> VM Piv Txwv. Ntawm kab nrog tus tswj hwm VM, nyem lub pob SSH. Lub qhov rai tshiab yuav tshwm nrog thiab SSH ntu rau VM.

2. Khiav cov lus txib hauv qab no ntxiv Ubiquity repository thiab ntxiv GPG qhov tseem ceeb. Cov no tuaj yeem theej thiab muab tso rau hauv SSH qhov rai: ncha "deb https://www.ubnt.com/downloads/unifi/debian ruaj khov ubiquiti" | sudo tee -a /etc/apt/sources.listsudo apt -key adv --keyserver keyserver.ubuntu.com --recv 06E85760C0A52C50

   1. Nco tseg: Tom qab hloov kho rau qhov kev tso tawm tshiab, qhov chaw yuav xiam oob qhab. Hloov kho cov ntaub ntawv sources.list kom tshem tawm # txij thaum pib ntawm kab ubnt
   2. sudo nano /etc/apt/sources.list
3. Khiav cov lus txib hauv qab no txhawm rau hloov kho lub server chaw cia khoom thiab pib Unifi nruab: sudo apt-tau hloov tshiab apt-tau nruab unifi
4. Yog tias tau txais kev tshoov siab, nias Y txhawm rau txuas ntxiv rub tawm cov pob khoom xav tau thiab teeb tsa
5. Txhawm rau ua kom lub sijhawm pib pib sai dua ntawm VM, teeb tsa haveged rau kev nkag mus sai dua. Nrog haveged, thawj qhov pib ntawm Unifi thaum lub VM khau raj yuav siv sijhawm 6-10 feeb. Yog tsis muaj nws yuav siv sijhawm 20-25 feeb.
6. Thaum ua tiav, ntaus tawm kom kaw SSH ntu
7. Hauv VM Tus Txheej Txheem Qhov rai, sau tseg ntawm IP sab nraud ntawm VM

8. Qhib lub vev xaib mus rau https:// Sab nrauv-IP: 8443/

   hloov Sab Nraud-IP nrog Tus IP Sab Nraud ntawm koj li VM

9. Yog tias lub vev xaib tshwm sim, teeb tsa tus tswj tau ua tiav.

   Nco tseg: Kauj Ruam 2 yuav tsis pom ib qho khoom siv li tus tswj hwm tsis nyob hauv tib lub subnet ib yam li cov khoom siv. Saib Ubiquity tsab xov xwm ntawm Txheej 3 Adoption

Kauj ruam 6: Configuring Backups

Raws li ib feem ntawm Google Free Tier, 5 GB ntawm kev cia hauv cheeb tsam suav nrog. Los ntawm kev tsim lub thoob ntim khoom thiab teeb tsa Unifi los theej cov thaub qab rau hauv lub thoob no, cov ntaub ntawv tsis yog tsuas yog khaws cia hauv lub cav suav, tso cai rau rov ua dua yog tias tag nrho qhov xwm txheej tsis muaj.

Tsim Google Cloud Storage Bucket

1. Hauv GCP Console, nyem rau khawm Ntawv qhia zaub mov nyob rau sab saud sab sauv, xaiv "Cia" nyob hauv qab Cov lus khaws cia, tom qab ntawd nyem Tsim Thoob

2. Sau lub npe uas tsis yog thoob ntiaj teb Tsim thaum ua tiav Xaiv ib cheeb tsam.

   1. Hauv Asmeskas, kev cia dawb muaj nyob hauv cov cheeb tsam xaus rau 1 raws li tau sau tseg ntawm no:
   2. Xaiv Cheeb Tsam rau qib dawb
   3. Nyem Txuas ntxiv thaum ua tiav
3. Hauv GCP Console, nyem lub pob Ntawv qhia zaub mov nyob rau hauv kaum sab saud, xaiv "Compute Engine", tom qab ntawd nyem VM qhov xwm txheej
4. Nres qhov piv txwv Unifi
5. Nyem rau ntawm lub npe piv txwv, thiab xaiv Kho Kom Zoo Dua Hauv "Access Scopes", xaiv "Set Access for each API"
6. Hloov "Cia" Nyeem Sau
7. Pib qhov piv txwv

Tsim ib tsab ntawv los theej cov thaub qab rau hauv lub thoob txhua hnub

1. Siv cov lus txib hauv qab no los tsim tsab ntawv thaub qab, ua kom hloov chaw [name_of_storage_bucket] nrog lub npe koj tsim saum toj no. ncha '#!/bin/sh' | sudo tee /etc/cron.daily/unifi-backup-to-bucket echo sudo gsutil rsync -r -d/var/lib/unifi/thaub qab gs: // [name_of_storage_bucket] | sudo tee -a /etc/cron.daily/unifi-backup-to-bucket
2. Teem cov ntaub ntawv ua tiav sudo chmod +x /etc/cron.daily/unifi-backup-to-bucket
3. Tam sim no cov ntaub ntawv thaub qab yuav tsum tau theej rau hauv lub thoob txhua hnub. Koj tuaj yeem saib cov ntaub ntawv los ntawm kev mus rau Chaw Cia> Browser thiab nyem lub thoob.

Nco tseg: Kuv muaj qee qhov teeb meem nrog kev luam cov ntawv los ntawm Cov Ntawv Qhia thiab muab tso rau hauv lub console tsis ua haujlwm tag nrho. Cov ntawv yuav theej, tab sis cov lus txib yuav tsis ua kom raug. Ntsuas lawv tus kheej los kho qhov teeb meem.