配置Docker http代理

由于部署k8s时需要连接google的服务器,但是在天朝如果不会科学上网显然是很难的。科学上网的途径有很多,比如自己搭建shadowsock,网上随便搜一下一大把,在此不做过多介绍,可参考http://celerysoft.github.io/2016-01-15.html 。以下主要说明如何在可连接shadowsock服务的前提下配置Docker的代理。

安装、配置并启动ss客户端

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
# pip install shadowsocks
# cat /etc/shadowsocks.cfg
{
"server":"54.154.52.27", #ss服务端IP
"server_port":8388, #ss服务端监听端口
"local_address": "0.0.0.0", #ss本地代理监听IP
"local_port":1080, #ss本地代理监听端口
"password":"password", #ss服务端密码
"timeout":600,
"method":"aes-256-cfb" #ss服务端加密算法
}
# sslocal -c /etc/shadowsocks.cfg
INFO: loading config from /etc/shadowsocks.cfg
2017-12-15 09:33:30 WARNING warning: local set to listen on 0.0.0.0, it's not safe
2017-12-15 09:33:30 INFO loading libcrypto from libcrypto.so.10
2017-12-15 09:33:30 INFO starting local at 0.0.0.0:1080

由于SS的客户端是使用Socket请求作为代理的,需要将socket转换为http方式。

安装、配置并启动privoxy

1
2
3
4
5
6
7
# rpm -ivh privoxy-3.0.26-1.el7.x86_64.rpm
# grep -w -E "^listen|^forward" /etc/privoxy/config
listen-address 0.0.0.0:8118 #privoxy的监听地址
forward-socks5 / 127.0.0.1:1080 . #转发socks5的地址
forward 127.*.*.*/ . #转发的网段
forward 172.16.*.*/ .
# systemctl start privoxy

客户端代理配置

apt-get

  • socks5代理

    1
    2
    3
    4
    5
    6
    7
    # apt-get  install tsocks
    # grep ^[0-Z] /etc/tsocks.conf
    local = 127.0.0.0/255.255.255.0
    server = 127.0.0.1
    server_type = 5
    server_port = 1080
    # tsocks apt-get update
  • http代理

    1
    2
    3
    4
    # cat /etc/apt/apt.conf.d/90proxy
    Acquire::http::proxy "http://127.0.0.1:8118";
    Acquire::https::proxy "https://127.0.0.1:8118";
    # apt-get update

全局配置

1
2
3
4
# vi ~/.profile
export http_proxy=http://127.0.0.1:8118/
export https_proxy=$http_proxy
export no_proxy="localhost,127.0.0.1,localaddress,.localdomain.com,172.16.100.50"

Docker代理

1
2
3
4
5
6
7
8
# mkdir /etc/systemd/system/docker.service.d/
# cd /etc/systemd/system/docker.service.d/
# vi http-proxy.conf
[Service]
Environment="HTTP_PROXY=http://127.0.0.1:8118/"
Environment="HTTPS_PROXY=https://127.0.0.1:8118/"
# systemctl daemon-reload
# systemctl restart docker
坚持原创技术分享,您的支持将鼓励我继续创作!
0%