Re: [squid-users] Setting up squid for web application testing
On Wed, 2008-06-11 at 13:15 +1200, Amos Jeffries wrote: You need a cache_peer for each unique source (the app server and the upstream proxy.) Chris has already pointed you at cache_peer_access. That with a few dstdomain ACL can route the app requests to the app peer and the rest at the parent proxy. Using a cache_peer for the app server drops any need for special DNS or hosts file config. Everything happens at one place inside the squid.conf. Amos Thanks Amos + Chris! I didn't like putting in fake DNS entries anyway, so this way is much cleaner. For the archives, I have a 'edge' squid proxy, which can access the internet, and an internal Apache reverse proxy serving versions of our public websites for testing. I added an internal squid proxy, which sends requests for the 'testing' versions of the websites to the internal Apache reverse proxy, and requests for other sites onto the edge squid proxy. For the archive, the configuration is surprisingly simple: acl tested_sites dstdomain www.foo.com acl tested_sites dstdomain svc.foo.com (etc) cache_peer edge-proxy.internal parent 3128 0 proxy-only default cache_peer apache-reverse-proxy.internal parent 80 0 cache_peer_access edge-proxy.internal deny tested_sites cache_peer_access apache-reverse-proxy.internal deny !tested_sites Thanks again Tom signature.asc Description: This is a digitally signed message part
Re: [squid-users] Setting up squid for web application testing
On ons, 2008-06-11 at 14:52 +0100, Tom Evans wrote: For the archive, the configuration is surprisingly simple: acl tested_sites dstdomain www.foo.com acl tested_sites dstdomain svc.foo.com (etc) cache_peer edge-proxy.internal parent 3128 0 proxy-only default cache_peer apache-reverse-proxy.internal parent 80 0 cache_peer_access edge-proxy.internal deny tested_sites cache_peer_access apache-reverse-proxy.internal deny !tested_sites You also need never_direct allow all but I guess you already have that... REgards Henrik signature.asc Description: This is a digitally signed message part
[squid-users] Setting up squid for web application testing
Hi all squid-2.6.18HTTP Caching Proxy FreeBSD squid01-test.jail.xx 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Fri Mar 7 01:52:33 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/PE1950 amd64 I'm trying to set up a testing/development infrastructure to mimic the production infrastructure. I have set up a squid proxy, which has local definitions in /etc/hosts for the sites I wish to test - assigning them all to a (singular) internal IP address. On this box, I have set up an Apache 2.2 reverse proxy, which handles static files and binding in application servers using http reverse proxy, FastCGI etc. To use the test infrastructure, I can just change my browser's http proxy to this new proxy, and it all works perfectly as expected. This new proxy is unlike the regular http proxy, in that it isn't on the edge of the network, it is internal. Therefore, it has no actual way of contacting any site that is not part of the internal test infrastructure. I was hoping I could chain this new proxy server with our regular web proxy server, so that 'regular' websites are accessible as well via the new proxy. I added cache_peer 10.xx.xx.xx parent 3128 3130 proxy-only default but this didn't work either (the rest of the config is stock, but with 'http_access allow all'). I also couldn't see how I could say which sites/domains are 'local' to this proxy server, and which should be fetched by asking the parent proxy. I'll continue to read on in the manual, and in the mailing list archive (3000+ results for cache_peer!) but if anyone has any pointers/tips, I'd be most appreciative. Cheers Tom signature.asc Description: This is a digitally signed message part
Re: [squid-users] Setting up squid for web application testing
Tom Evans wrote: Hi all squid-2.6.18HTTP Caching Proxy FreeBSD squid01-test.jail.xx 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Fri Mar 7 01:52:33 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/PE1950 amd64 I'm trying to set up a testing/development infrastructure to mimic the production infrastructure. I have set up a squid proxy, which has local definitions in /etc/hosts for the sites I wish to test - assigning them all to a (singular) internal IP address. On this box, I have set up an Apache 2.2 reverse proxy, which handles static files and binding in application servers using http reverse proxy, FastCGI etc. To use the test infrastructure, I can just change my browser's http proxy to this new proxy, and it all works perfectly as expected. This new proxy is unlike the regular http proxy, in that it isn't on the edge of the network, it is internal. Therefore, it has no actual way of contacting any site that is not part of the internal test infrastructure. I was hoping I could chain this new proxy server with our regular web proxy server, so that 'regular' websites are accessible as well via the new proxy. I added cache_peer 10.xx.xx.xx parent 3128 3130 proxy-only default but this didn't work either (the rest of the config is stock, but with 'http_access allow all'). I also couldn't see how I could say which sites/domains are 'local' to this proxy server, and which should be fetched by asking the parent proxy. http://www.squid-cache.org/Versions/v2/2.6/cfgman/cache_peer_domain.html ...and the more granular... http://www.squid-cache.org/Versions/v2/2.6/cfgman/cache_peer_access.html I'll continue to read on in the manual, and in the mailing list archive (3000+ results for cache_peer!) but if anyone has any pointers/tips, I'd be most appreciative. Cheers Tom Chris
Re: [squid-users] Setting up squid for web application testing
Tom Evans wrote: Hi all squid-2.6.18HTTP Caching Proxy FreeBSD squid01-test.jail.xx 7.0-RELEASE FreeBSD 7.0-RELEASE #0: Fri Mar 7 01:52:33 UTC 2008 [EMAIL PROTECTED]:/usr/obj/usr/src/sys/PE1950 amd64 I'm trying to set up a testing/development infrastructure to mimic the production infrastructure. I have set up a squid proxy, which has local definitions in /etc/hosts for the sites I wish to test - assigning them all to a (singular) internal IP address. On this box, I have set up an Apache 2.2 reverse proxy, which handles static files and binding in application servers using http reverse proxy, FastCGI etc. To use the test infrastructure, I can just change my browser's http proxy to this new proxy, and it all works perfectly as expected. This new proxy is unlike the regular http proxy, in that it isn't on the edge of the network, it is internal. Therefore, it has no actual way of contacting any site that is not part of the internal test infrastructure. I was hoping I could chain this new proxy server with our regular web proxy server, so that 'regular' websites are accessible as well via the new proxy. I added cache_peer 10.xx.xx.xx parent 3128 3130 proxy-only default but this didn't work either (the rest of the config is stock, but with 'http_access allow all'). I also couldn't see how I could say which sites/domains are 'local' to this proxy server, and which should be fetched by asking the parent proxy. I'll continue to read on in the manual, and in the mailing list archive (3000+ results for cache_peer!) but if anyone has any pointers/tips, I'd be most appreciative. Cheers Tom You need a cache_peer for each unique source (the app server and the upstream proxy.) Chris has already pointed you at cache_peer_access. That with a few dstdomain ACL can route the app requests to the app peer and the rest at the parent proxy. Using a cache_peer for the app server drops any need for special DNS or hosts file config. Everything happens at one place inside the squid.conf. Amos -- Please use Squid 2.7.STABLE1 or 3.0.STABLE6