我想构建一个系统,其中有 3 个鱿鱼代理服务器在负载均衡器后面运行。 当前鱿鱼代理正在 http 端口上运行,(也感谢 https_port 的帮助)
dns_v4_first on
acl loadbalancer src 174.138.123.136/32
# allow only https ports
acl SSL_ports port 443
acl Safe_ports port 80 # http
acl Safe_ports port 443 # https
http_access deny !Safe_ports
http_access deny CONNECT !SSL_ports
http_access allow localhost manager
http_access deny manager
include /etc/squid/conf.d/*.conf
auth_param basic program /usr/lib/squid/basic_ncsa_auth /etc/squid/passwords
auth_param basic realm proxy
acl authenticated proxy_auth REQUIRED
http_access allow localhost
http_access allow authenticated
http_access deny all
http_port 8080
coredump_dir /var/spool/squid
当我在 https 中提供目标 url 时,它正在工作,否则它会从负载均衡器 ip 给出错误。
curl -x http://user:pass@lb_ip:8080 https://ifconfig.me # works
curl -x http://user:pass@lb_ip:8080 http://ifconfig.me # does not work
第二种情况的错误是
<h1>ERROR</h1>
<h2>The requested URL could not be retrieved</h2>
</div>
<hr>
<div id="content">
<p>The following error was encountered while trying to retrieve the URL: <a href="/">/</a></p>
当我尝试在示例中附加
/testhttp://curl -sx http://user:pass@lb_ip:8080 http://ifconfig.me/test | grep /test
<p>The following error was encountered while trying to retrieve the URL: <a href="/test">/test</a></p>
但是直接使用在这两种情况下都有效
curl -x http://user:pass@direct_ip:8080 https://ifconfig.me # works
curl -x http://user:pass@direct_ip:8080 http://ifconfig.me # works
我通过使用 TCP 而不是 HTTP 连接负载均衡器解决了这个问题。在地形中,它看起来像(从这里复制)
forwarding_rule {
entry_port = 80
entry_protocol = "tcp" // this is the main change
target_port = 3128
target_protocol = "tcp" // target must be tcp, if entry point is tcp
}
此解决方案可作为开源项目使用,我称之为 ProxyForge。