All Blog Posts by Strahil Minchev

  • Installing PeerVPN with Ansible

    Installing PeerVPN with Ansible

    In addition to the article about the PeerVPN installation and configuration, I will now show you more advanced and quite ‘modern’ way to provision several servers and get your VPN client up really fast. You’ve probably heard of Ansible already. Well, one of its use cases is exactly what we need here: Configuration Manager. Many of us have experienced The Headache, when you need to install, configure and then administer a whole environment. Yes, to repeat the same steps on hundreds of servers, where you have different OS distributions, application versions and all kind of dependencies, and all of that certainly lead to some problems.Well, Ansible is here to help you with all that stuff. You can choose, set and customize anything that is required for specific environment and suit its needs. So, let us start with the introduction to ansible, its structure and components.In my opinion there are two approaches when you first start with Ansible. The first one is to read the official introduction to Ansible, which explains a lot about its structure and then start with simple playbook which you then extend to a role. Or the second one, where you make use of the Ansible Galaxy, which has a lot of community-provided roles open for use. Well not every role is that much scalable and flexible as you want so you can simply combine both approaches, take an already built role and expand its functionalities. If you learn that quick and all of that is boring, you can start building your own Ansible modules.

  • Setting up a simple open source peer-to-peer VPN

    Setting up a simple open source peer-to-peer VPN

    VPN, or Virtual Private Network, allows you to create a secure connection to another network over the Internet which can be very beneficial for some use cases. VPNs can be used for many things, for example - access region-restricted websites, shield your browsing activity from bad guys on public Wi-Fi, connect and use local resources which are inaccessible from the outside world or simply create a secure network between your servers and isolate them. So, what are the common steps for creating a VPN. You need to first connect to the public internet through the ISP (Internet Service Provider), then initiate a VPN using a client software. Sounds easy, right? Well it depends on the software you choose, whereby most of the VPN solutions follow the client-server principle. That means, all nodes connect to e central server which is the central point to all others. By such environment, the whole traffic passes through the central server creating a star topology, so this server needs lots of bandwidth. In case that the central server fails and it’s not able to handle the whole traffic, the VPN will go down and the other members will not be able to communicate. This is the main disadvantage by such setting. So, if you don’t want to have that single point of failure, you can use a full mesh topology, where every participant talk to the others without having a central server. If one of them fails, the other members will not be affected. A good, simple and reliable peer-to-peer/full mesh solution is the PeerVPN.