CentOS 7 provides a detailed explanation of the HTTP agent using Squid
- 2020-05-30 21:59:42
- OfStack
This paper mainly records how to set up CentOS server using Squid as HTTP proxy and how to configure the proxy of the client. Let's have a detailed introduction below.
Provide HTTP agents using Squid
Install and set up Squid on the host
The gateway n147 machine, the public network IP is 2.2.2.147. Install Squid, then modify the configuration to enable the service.
yum install -y squid
# squid Configuration file in /etc/squid/squid.conf , please refer to the following Dockerfile
# After modifying the configuration, initialize squid Working directory
squid -z
# Start the service
systemctl enable squid
systemctl start squid
Run Squid as an Docker container
Dockerfile reads as follows:
FROM alpine:latest
RUN apk update --no-cache; \
apk add squid --no-cache
# Can be found in squid.conf Is restricted to allow access to this agent IP Range, otherwise only Intranet IP You can visit
RUN sed -i "/RFC 4291/a acl ics src 2.2.2.0/24" squid.conf; \
sed -i "/RFC 4291/a acl ics src 2.2.3.3/32" squid.conf
# You can change the default port number. If you change the default port, you need to change the following EXPOSE Part of the
RUN sed -i "/http_port/c http_port 8888" squid.conf
# open cache
RUN sed -i '/cache_dir/s/#//g' /etc/squid/squid.conf
# Or simply use the modified configuration file
# ADD squid.conf /etc/squid/squid.conf
# squid -z For initialization and creation cache Directory, but directly in Dockerfile In the
# RUN squid -z
# It can't be created cache Directory, resulting in squid Unable to start
# So the initialization and startup commands are written to the script
RUN echo -e '#!/bin/sh\n[ -d /var/cache/squid/00 ] || squid -z\nsquid -N' >/squid.sh; \
chmod +x /squid.sh
EXPOSE 3128
CMD ["/squid.sh"]
Construct image:
docker build ./ -t squid:latest
Startup container:
docker run -d -p 3128:3128 --name squid squid:latest
Use an HTTP agent
Other machines on the Intranet that do not have direct access to the external network can be set up to use the proxy services provided by n147.
Global environment variables
In/etc environment (not need export), / etc/profile or/etc/profile d/http_proxy sh http_proxy and https_proxy is derived
export http_proxy=http://2.2.2.147:3128
export https_proxy=http://2.2.2.147:3128
squid can be used as an https proxy, as long as it is set
https_proxy=http://2.2.2.147:3128
, that is, the environment variable begins with http://.
Docker
Docker require a separate set up agents, new file/etc systemd/system/docker service. d/http - proxy. conf, content is as follows (note to have space between the number of environment variables, but also set up a mirror to private warehouse don't use the proxy) :
[Service]
Environment="HTTP_PROXY=http://2.2.2.147:3128" "HTTPS_PROXY=http://2.2.2.147:3128" "NO_PROXY=localhost,10.0.0.147"
restart
docker daemon: systemctl restart docker
, the implementation of
docker info
See if it takes effect.
yum
yum will use the global agent setting, or you can set the agent separately, add in /etc/ yum.conf:
proxy=http://2.2.2.147:3128
apt
In the file/etc apt/apt conf added:
Acquire::http::proxy "http://2.2.2.147:3128";
Acquire::https::proxy http://2.2.2.147:3128;
conclusion