Docker

Getting OpenVPN server status fails after fully configuring it on a CentOS 7 VPS

  • October 7, 2022

I am setting up a VPN server on a CentOS 7 VPS that runs as a Docker container. However, after installing and configuring OpenVPN, I see that the server status is failed:

Here is my server.conf file:

port 1194
proto udp
dev tun

ca ca.crt
cert server.crt
key server.key
dh dh2048.pem

server 10.8.0.0 255.255.255.0
ifconfig-pool-persist ipp.txt

push "redirect-gateway def1 bypass-dhcp"

push "dhcp-option DNS 8.8.8.8"
push "dhcp-option DNS 8.8.4.4"

keepalive 10 120
cipher AES-256-CBC
user nobody
group nobody
persist-key
persist-tun
status openvpn-status.log
verb 3
explicit-exit-notify 1

This is what is written to the messages file under var/log/ after running the command below:

systemctl start openvpn@server.service

Oct  7 08:35:39 systemd: Cannot add dependency job for unit systemd-vconsole-setup.service, ignoring: Unit is masked.
Oct  7 08:35:39 systemd: Starting OpenVPN Robust And Highly Flexible Tunneling Application On server...
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 OpenVPN 2.4.12 x86_64-redhat-linux-gnu [Fedora EPEL patched] [SSL (OpenSSL)] [LZO] [LZ4] [EPOLL] [PKCS11] [MH/PKTINFO] [AEAD] built on Mar 17 2022
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 library versions: OpenSSL 1.0.2k-fips  26 Jan 2017, LZO 2.06
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 Diffie-Hellman initialized with 2048 bit key
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 ROUTE_GATEWAY ON_LINK IFACE=venet0 HWADDR=00:00:00:00:00:00
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)
Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 Exiting due to fatal error
Oct  7 08:35:39 systemd: Started OpenVPN Robust And Highly Flexible Tunneling Application On server.
Oct  7 08:35:39 systemd: openvpn@server.service: main process exited, code=exited, status=1/FAILURE
Oct  7 08:35:39 systemd: Unit openvpn@server.service entered failed state.
Oct  7 08:35:39 systemd: openvpn@server.service failed.

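A tun device can only be created and used in a container if the hosting provider makes that possible for your container. They need to:

  • have the tuntap driver loaded on the host
  • allow your container to use it

If this requirement is met, you can create the missing device node and use it with OpenVPN or other applications: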

mkdir -p /dev/net
mknod /dev/net/tun c 10 200
chmod 0666 /dev/net/tun

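You may need to create it every time the container starts. In that case it is convenient to create a systemd unit that runs these commands for you and to set it as required by networking: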

[Unit]
Description=/dev/net/tun device node
Requires=sysinit.target
After=sysinit.target
Documentation=https://www.kernel.org/doc/Documentation/networking/tuntap.txt

[Service]
Type=oneshot
RemainAfterExit=yes
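# Absolute paths: older systemd versions (such as the one in CentOS 7)
# reject a bare command name in ExecStart=.
ExecStart=/bin/mkdir -p /dev/net
ExecStart=/bin/mknod /dev/net/tun c 10 200
ExecStart=/bin/chmod 0666 /dev/net/tun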

[Install]
WantedBy=network-pre.target

Save it as /etc/systemd/system/tuntap-dev.service and run systemctl enable tuntap-dev.service to have it start at boot.
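An added example, not part of the original answer: a POSIX shell preflight that checks whether /dev/net/tun is a character device with major 10, minor 200, and maps the errno in OpenVPN's "Cannot open TUN/TAP dev" log line to the prerequisite that is most likely missing. The function names and the errno-to-cause mapping are assumptions of this example, and stat -c assumes GNU coreutils.

```shell
#!/bin/sh
# Added example (not from the original answer): diagnose /dev/net/tun in a container.

# check_char_dev PATH MAJOR MINOR
# 0 = character device with those numbers, 1 = missing,
# 2 = exists but is not a character device, 3 = wrong major/minor.
check_char_dev() {
    [ -e "$1" ] || return 1
    [ -c "$1" ] || return 2
    # stat -c '%t %T' (GNU coreutils) prints major and minor in hex.
    _nums=$(stat -c '%t %T' "$1") || return 3
    _maj=$((0x${_nums% *}))
    _min=$((0x${_nums#* }))
    [ "$_maj" -eq "$2" ] && [ "$_min" -eq "$3" ] || return 3
}

# tun_open_errno LINE: print the errno from an OpenVPN
# "Cannot open TUN/TAP dev" log line; print nothing for other lines.
tun_open_errno() {
    printf '%s\n' "$1" |
        sed -n 's|.*Cannot open TUN/TAP dev [^:]*: .*(errno=\([0-9][0-9]*\)).*|\1|p'
}

# explain_tun_errno N: usual cause of each errno when opening the device
# (this mapping is an assumption of the example, not output from OpenVPN).
explain_tun_errno() {
    case $1 in
        2)  echo node-missing ;;       # ENOENT: /dev/net/tun was never created
        19) echo driver-not-loaded ;;  # ENODEV: tun driver not loaded on the host
        1)  echo not-permitted ;;      # EPERM: container not allowed to use it
        *)  echo unknown ;;
    esac
}

# Log line quoted from the question, used as sample input.
SAMPLE='Oct  7 08:35:39 openvpn: Fri Oct  7 08:35:39 2022 ERROR: Cannot open TUN/TAP dev /dev/net/tun: No such file or directory (errno=2)'

report() {
    rc=0; check_char_dev /dev/net/tun 10 200 || rc=$?
    echo "node check for /dev/net/tun (expect char 10,200): status $rc"
    echo "sample log line: $(explain_tun_errno "$(tun_open_errno "$SAMPLE")")"
}
report
```

A node-missing result is the case the mknod commands above repair; the other two results have to be resolved by the hosting provider.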

Source: https://serverfault.com/questions/1112462