Closed dvapelnik closed 9 years ago
I have correctly used squid proxy from linked container
sudo docker \
run -d \
--name squid \
-e DISK_CACHE_SIZE:5120 \
-e MAX_CACHE_OBJECT:1024 \
-v /path/to/my/cache:/var/cache/squid3 \
jpetazzo/squid-in-a-can
sudo docker run --rm -it --link="squid:squid" ubuntu-debootstrap:trusty /bin/bash
in container:
export http_proxy="http://squid:3128"
PROFIT but this in not good solution
It was my mistake. Any requests to 172.17.42.1:3129 was blocked by my firewall
I'm trying to run your dockerized solution for caching with transparent squid but I can't do this and I'm trying to understand how it works and I have some questions
I understood that squid container works in host network namespace and 3129-th port of container will able in host machine for using for transparent proxying HTTP traffic for all containers. All HTTP container's traffic will preroute through caching proxy with iptable rule.
I'm using more clearly way without addition container for change host's iptable rules (i.e. run "squid-in-i-can" container and directly update iptables preroute rule).
But I see discrepancy in ports: nmap of 127.0.0.1 show my squid 3128 port and preroute assign the 3129 port. I read your comment about patch debian config and I seen the adding 3129 port in squid config in Dockerfile, but nmap can't mistake too.
And my new simple container can't use HTTP traffic when squid container is running and preroute configured. I'm trying to replace port 3129 to 3128 in preroute rule, but no result.
My steps:
Run squid container:
My nmap localhost result
I see this situation on ipdatables
I run simple container and try to update my apt's cache:
Internet link in container is enable
but nothing with HTTP :unamused:
What am I doing wrong?