CentOS 7 provides a detailed explanation of the HTTP agent using Squid

  • 2020-05-30 21:59:42
  • OfStack

This paper mainly records how to set up CentOS server using Squid as HTTP proxy and how to configure the proxy of the client. Let's have a detailed introduction below.

Provide HTTP agents using Squid

Install and set up Squid on the host

The gateway n147 machine, the public network IP is 2.2.2.147. Install Squid, then modify the configuration to enable the service.


yum install -y squid
# squid Configuration file in  /etc/squid/squid.conf , please refer to the following Dockerfile
#  After modifying the configuration, initialize squid Working directory 
squid -z
#  Start the service 
systemctl enable squid
systemctl start squid

Run Squid as an Docker container

Dockerfile reads as follows:


FROM alpine:latest
RUN apk update --no-cache; \
 apk add squid --no-cache
#  Can be found in squid.conf Is restricted to allow access to this agent IP Range, otherwise only Intranet IP You can visit 
RUN sed -i "/RFC 4291/a acl ics src 2.2.2.0/24" squid.conf; \
 sed -i "/RFC 4291/a acl ics src 2.2.3.3/32" squid.conf
#  You can change the default port number. If you change the default port, you need to change the following  EXPOSE  Part of the 
RUN sed -i "/http_port/c http_port 8888" squid.conf
#  open cache
RUN sed -i '/cache_dir/s/#//g' /etc/squid/squid.conf
#  Or simply use the modified configuration file 
# ADD squid.conf /etc/squid/squid.conf
# squid -z For initialization and creation cache Directory, but directly in Dockerfile In the 
# RUN squid -z
#  It can't be created cache Directory, resulting in squid Unable to start 
#  So the initialization and startup commands are written to the script 
RUN echo -e '#!/bin/sh\n[ -d /var/cache/squid/00 ] || squid -z\nsquid -N' >/squid.sh; \
 chmod +x /squid.sh
EXPOSE 3128
CMD ["/squid.sh"]

Construct image: docker build ./ -t squid:latest

Startup container: docker run -d -p 3128:3128 --name squid squid:latest

Use an HTTP agent

Other machines on the Intranet that do not have direct access to the external network can be set up to use the proxy services provided by n147.

Global environment variables

In/etc environment (not need export), / etc/profile or/etc/profile d/http_proxy sh http_proxy and https_proxy is derived


export http_proxy=http://2.2.2.147:3128
export https_proxy=http://2.2.2.147:3128

squid can be used as an https proxy, as long as it is set https_proxy=http://2.2.2.147:3128 , that is, the environment variable begins with http://.

Docker

Docker require a separate set up agents, new file/etc systemd/system/docker service. d/http - proxy. conf, content is as follows (note to have space between the number of environment variables, but also set up a mirror to private warehouse don't use the proxy) :


[Service]
Environment="HTTP_PROXY=http://2.2.2.147:3128" "HTTPS_PROXY=http://2.2.2.147:3128" "NO_PROXY=localhost,10.0.0.147"

restart docker daemon: systemctl restart docker , the implementation of docker info See if it takes effect.

yum

yum will use the global agent setting, or you can set the agent separately, add in /etc/ yum.conf:


proxy=http://2.2.2.147:3128

apt

In the file/etc apt/apt conf added:


Acquire::http::proxy "http://2.2.2.147:3128";
Acquire::https::proxy http://2.2.2.147:3128;

conclusion


Related articles: