Shadowsocks on GCP with Debian 9
Prepare your GCP account
Get your own Gmail account registered.
Get a Credit Card VISA/Master/AE
login to console.cloud.google.com
Agree to the T&C
On Getting Started, click TRY FREE banner.
Choose Country and Agree ToS
Choose Account Type to Individual
Fill in Address
Fill in Credit Card info for verification
By now your GCP account been activated.
Create Firewall Rules
on left menu, find VPC network under NETWORKING
Click on Firewall rules, it will take a while to get ready the Compute Engine
Create a Firewall rule
assign a Name
change Targets to All instances in the network
Source IP ranges to 0.0.0.0/0
Protocols and ports: tcp: 7788 udp:7788 (or any number between 1024-65535) except 8388
Create VM instances
Click on Navigation menu, choose Compute Engine -> VM instances, Click Create
Assign a Name for your VM
Region: asia-east1 or asia-east2
Machine type: g1-small
Boot disk: Debian GNU/Linux 9 (stretch)
under Firewall session, click on blue expand down double arrow, click on Networking tag. Click the pencil under Network interfaces, with expended Network interface, click Ephemeral under External IP, Select Create IP address. Assign a Name for the static IP, then click reserve. Click Done with Network interface. Click Create
After few seconds, your VM instance been created.
Your public IP address can be found under External IP.
Install Shadowsocks
Click SSH on the right to your new VM instance.
enable interactive root access
sudo -iEnable backports
nano /etc/apt/sources.listadd the following line at the bottom of the file.
deb http://ftp.debian.org/debian stretch-backports mainpress Ctrl+X then Y, Enter to save the updates
apt updateupdate the system
apt-get updateapt-get upgradePress Y, Enter
Install rng-tools
apt-get install rng-toolsModify RND devices
nano /etc/default/rng-toolsadd to last line
HRNGDEVICE=/dev/urandomPress Ctrl+x, Y Enter to save
Reboot system
rebootWait for few mins, press enter
enable interactive root access
sudo -iInstall Shadowsocks-libev
apt -t stretch-backports install shadowsocks-libevPress Y, Enter
Modify the configuration file
nano /etc/shadowsocks-libev/config.jsonReplace with your own server port (the one you assigned in Firewall Rules) and your own password
{ "server":"0.0.0.0", "mode":"tcp_and_udp", "server_port":7788, "local_port":1080, "password":"Y0ur0p@$$w0rd", "timeout":60, "method":"aes-256-cfb"}Save and exit by Ctrl+x, Y and Enter
Restart the shadwosocks then check the status
systemctl restart shadowsocks-libevsystemctl status shadowsocks-libevenable auto-start at boot time
systemctl enable shadowsocks-libevNow your Shadowsocks on GCP shall work.
Something more - Enable BBR
Remain in the sudo mode
echo "net.core.default_qdisc=fq">>/etc/sysctl.confecho "net.ipv4.tcp_congestion_control=bbr">>/etc/sysctl.conftake the change active
sysctl -pTo Check the result
sysctl net.ipv4.tcp_available_congestion_controlThe result should looks like
net.ipv4.tcp_available_congestion_control = bbr cubic reno