Cómo configurar squid para que actúe como host virtual para imágenes de Docker

Question

Lo respondí yo mismo

Mi solución es:

lo resolví con barniz

apt-get install varnish

Luego puse mi

/etc/default/varnish

a

START=yes
NFILES=131072
MEMLOCK=82000
DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

Luego configure mi

/etc/varnish/default.vcl

a

backend default {
    .host = "127.0.0.1";
    .port = "80";
}

backend one_website {
    .host = "127.0.0.1";
    .port = "5080";
}

backend two_website {
    .host = "127.0.0.1";
    .port = "5180";
}

## Multiple virtual host
sub vcl_recv {
 if (req.http.host ~ "^www.default.com(:[0-9]+)?$") {
    set req.backend = default;
 } else if (req.http.host ~ "^www.one.com(:[0-9]+)?$") {
    set req.backend = one_website;
 } else if (req.http.host ~ "^www.two.com(:[0-9]+)?$") {
    set req.backend = two_website;
 }
}

## Fetch
sub vcl_fetch {
        ## Remove the X-Forwarded-For header if it exists.
        remove req.http.X-Forwarded-For;

        ## insert the client IP address as X-Forwarded-For. This is the normal IP address of the user.
        set    req.http.X-Forwarded-For = req.http.rlnclientipaddr;
        ## Added security, the "w00tw00t" attacks are pretty annoying so lets block it before it reaches our webserver
        if (req.url ~ "^/w00tw00t") {
                error 403 "Not permitted";
        }
                ## Deliver the content
        return(deliver);
}

## Deliver
sub vcl_deliver {
        ## We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish.
        ## Since we're not caching (yet), why bother telling people we use it?
        remove resp.http.X-Varnish;
        remove resp.http.Via;
        remove resp.http.Age;

        ## We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it.
        remove resp.http.X-Powered-By;
}

¡Espero que pueda ayudar a alguien más a enfrentar este problema!

Answer 1

Lo respondí yo mismo

Mi solución es:

lo resolví con barniz

apt-get install varnish

Luego puse mi

/etc/default/varnish

a

START=yes
NFILES=131072
MEMLOCK=82000
DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

Luego configure mi

/etc/varnish/default.vcl

a

backend default {
    .host = "127.0.0.1";
    .port = "80";
}

backend one_website {
    .host = "127.0.0.1";
    .port = "5080";
}

backend two_website {
    .host = "127.0.0.1";
    .port = "5180";
}

## Multiple virtual host
sub vcl_recv {
 if (req.http.host ~ "^www.default.com(:[0-9]+)?$") {
    set req.backend = default;
 } else if (req.http.host ~ "^www.one.com(:[0-9]+)?$") {
    set req.backend = one_website;
 } else if (req.http.host ~ "^www.two.com(:[0-9]+)?$") {
    set req.backend = two_website;
 }
}

## Fetch
sub vcl_fetch {
        ## Remove the X-Forwarded-For header if it exists.
        remove req.http.X-Forwarded-For;

        ## insert the client IP address as X-Forwarded-For. This is the normal IP address of the user.
        set    req.http.X-Forwarded-For = req.http.rlnclientipaddr;
        ## Added security, the "w00tw00t" attacks are pretty annoying so lets block it before it reaches our webserver
        if (req.url ~ "^/w00tw00t") {
                error 403 "Not permitted";
        }
                ## Deliver the content
        return(deliver);
}

## Deliver
sub vcl_deliver {
        ## We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish.
        ## Since we're not caching (yet), why bother telling people we use it?
        remove resp.http.X-Varnish;
        remove resp.http.Via;
        remove resp.http.Age;

        ## We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it.
        remove resp.http.X-Powered-By;
}

¡Espero que pueda ayudar a alguien más a enfrentar este problema!

Cómo configurar squid para que actúe como host virtual para imágenes de Docker

Respuesta1

información relacionada