How to configure squid to act as a virtual host for docker images

Tags: squid, varnish, virtualhost

I have a server which is running a bunch of Docker images (which basically just host a bunch of websites).

They all have different domain names, all pointing to the server's IP

(let's say the server IP is 111.222.333.444)

(and my domains are www.one.com, www.two.com, www.three.com).

At the moment, the docker images all export port 80 to the server on a different port:

  • www.one.com is port 5080
  • www.two.com is port 5180
  • www.three.com is port 5280

So if I visit the URL:port then the website shows up.

But I want to use a virtual host so I can visit port 80 on every URL and it just redirects to the relevant port.

I know how to do this with Apache, and probably could figure it out with nginx.

But I hear this is what Squid is really for (plus Apache as a virtual host seems very heavyweight).

I've installed squid3 on my Ubuntu 12.04 server

and this is my squid.conf so far:

http_port 80 accel defaultsite=www.one.com no-vhost
cache_peer 127.0.0.1 parent 5080 0 no-query originserver name=YourAccelNameHere
acl your_site_acl dstdomain www.one.com
http_access allow your_site_acl
cache_peer_access YourAccelNameHere allow your_site_acl
cache_peer_access YourAccelNameHere deny all

From reading a tutorial, that "should" forward www.one.com to port 5080 on localhost (but it isn't).

I really have no idea about Squid, and from all my googling I can't seem to find a simple tutorial to do what I want.

Can anyone point me to a good tutorial or even better provide me a squid.conf that would do what I'm after?

Thanks

Best Answer

Answered it myself

My solution is:

I solved it with varnish

apt-get install varnish

Then I set my

/etc/default/varnish

to

START=yes
NFILES=131072
MEMLOCK=82000
DAEMON_OPTS="-a :80 \
             -T localhost:6082 \
             -f /etc/varnish/default.vcl \
             -S /etc/varnish/secret \
             -s malloc,256m"

Then set my

/etc/varnish/default.vcl

to

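## Varnish itself listens on :80 (see DAEMON_OPTS above), so the default site
## must listen on its own port; adjust .port to wherever it really is.
backend default {
    .host = "127.0.0.1";
    .port = "80";
}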

backend one_website {
    .host = "127.0.0.1";
    .port = "5080";
}

backend two_website {
    .host = "127.0.0.1";
    .port = "5180";
}

## Multiple virtual host
sub vcl_recv {
        ## Added security, the "w00tw00t" attacks are pretty annoying so let's block them before they reach our webserver.
        ## This check has to live in vcl_recv: vcl_fetch only runs after the backend has already answered.
        if (req.url ~ "^/w00tw00t") {
                error 403 "Not permitted";
        }

        ## Remove the X-Forwarded-For header if the client sent one, so it cannot be spoofed.
        ## This sub does not return, so Varnish 3's built-in vcl_recv runs next and sets
        ## X-Forwarded-For to client.ip. This is the normal IP address of the user.
        remove req.http.X-Forwarded-For;

        ## Pick the backend from the Host header (dots escaped so they only match a literal ".")
        if (req.http.host ~ "^www\.default\.com(:[0-9]+)?$") {
                set req.backend = default;
        } else if (req.http.host ~ "^www\.one\.com(:[0-9]+)?$") {
                set req.backend = one_website;
        } else if (req.http.host ~ "^www\.two\.com(:[0-9]+)?$") {
                set req.backend = two_website;
        }
}

## Fetch
sub vcl_fetch {
        ## Deliver the content
        return(deliver);
}

## Deliver
sub vcl_deliver {
        ## We'll be hiding some headers added by Varnish. We want to make sure people are not seeing we're using Varnish.
        ## Since we're not caching (yet), why bother telling people we use it?
        remove resp.http.X-Varnish;
        remove resp.http.Via;
        remove resp.http.Age;

        ## We'd like to hide the X-Powered-By headers. Nobody has to know we can run PHP and have version xyz of it.
        remove resp.http.X-Powered-By;
}

I hope that can help someone else facing this problem!
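
For the Squid setup the question originally asked about, the same host-to-port mapping could be written in squid.conf roughly as follows. This is an added example, not part of the original question or answer; the peer and ACL names are made up here, and it assumes the `vhost` option of `http_port` in place of the `no-vhost` in the question's config.

```conf
# Accelerator (reverse proxy) port. "vhost" makes Squid route on the Host header;
# defaultsite is only used when a request carries no Host header.
http_port 80 accel defaultsite=www.one.com vhost

# One origin-server peer per container. All peers share 127.0.0.1,
# so each needs a unique name= to be referenced below.
cache_peer 127.0.0.1 parent 5080 0 no-query originserver name=one_website
cache_peer 127.0.0.1 parent 5180 0 no-query originserver name=two_website
cache_peer 127.0.0.1 parent 5280 0 no-query originserver name=three_website

# One ACL per hosted domain.
acl site_one   dstdomain www.one.com
acl site_two   dstdomain www.two.com
acl site_three dstdomain www.three.com

# Accept requests only for the hosted domains, so the proxy
# cannot be used to reach arbitrary destinations.
http_access allow site_one
http_access allow site_two
http_access allow site_three
http_access deny all

# Send each domain to its own peer and nothing else.
cache_peer_access one_website   allow site_one
cache_peer_access one_website   deny all
cache_peer_access two_website   allow site_two
cache_peer_access two_website   deny all
cache_peer_access three_website allow site_three
cache_peer_access three_website deny all
```

`http_access` rules are evaluated in order, so the `allow` lines must come before any `http_access deny all` already present in the stock squid.conf.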