nginx反向代理进行yum配置的步骤详解
part.0使用背景
公司内网服务器不能直接通过Internet上网,但为了与外网通信和同步时间等,会指定那么几台服务器可以访问Internet。这里就是通过能上网的机器作为代理,制作内网使用的yum仓库。
part.1环境
内网dns(推荐,非必须,因为可使用IP代替)
一台能上Internet的服务器A
不能上Internet的服务器能与A服务器通信
part.2nginx安装
在可连接外网的A中安装nginx
yuminstallnginx
part.3nginx配置
在主机A中添加nginx配置
$cd/etc/nginx/conf.d $vimproxy.conf
server{ listen80; #listen[::]:80; server_namemirrors.yourdomain.com; indexindex.htmlindex.htmindex.phpdefault.htmldefault.htmdefault.php; root/home/wwwroot/html; location/ubuntu/{ proxy_passhttp://mirrors.aliyun.com/ubuntu/; } location/centos/{ proxy_passhttp://mirrors.aliyun.com/centos/; } location/epel/{ proxy_passhttp://mirrors.aliyun.com/epel/; } }
part.4配置yumrepo源
修改无法连接外网的主机B的repo文件。
$cat/etc/yum.repos.d/CentOS-7.repo
[base] name=CentOS-$releasever-Base-mirrors.yourdomain.com failovermethod=priority baseurl=http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/ http://mirrors.yourdomain.com/centos/$releasever/os/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=os gpgcheck=1 gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7 #releasedupdates [updates] name=CentOS-$releasever-Updates-mirrors.yourdomain.com failovermethod=priority baseurl=http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/ http://mirrors.yourdomain.com/centos/$releasever/updates/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=updates gpgcheck=1 gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7 #additionalpackagesthatmaybeuseful [extras] name=CentOS-$releasever-Extras-mirrors.yourdomain.com failovermethod=priority baseurl=http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/ http://mirrors.yourdomain.com/centos/$releasever/extras/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=extras gpgcheck=1 gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7 #additionalpackagesthatextendfunctionalityofexistingpackages [centosplus] name=CentOS-$releasever-Plus-mirrors.yourdomain.com failovermethod=priority baseurl=http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/ http://mirrors.yourdomain.com/centos/$releasever/centosplus/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=centosplus gpgcheck=1 enabled=0 gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7 #contrib-packagesbyCentosUsers [contrib] name=CentOS-$releasever-Contrib-mirrors.yourdomain.com failovermethod=priority baseurl=http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/ http://mirrors.yourdomain.com/centos/$releasever/contrib/$basearch/ #mirrorlist=http://mirrorlist.centos.org/?release=$releasever&arch=$basearch&repo=contrib gpgcheck=1 enabled=0 gpgkey=http://mirrors.yourdomain.com/centos/RPM-GPG-KEY-CentOS-7
part.5配置hosts
$cat/etc/hosts 127.0.0.1localhostlocalhost.localdomainlocalhost4localhost4.localdomain4 ::1localhostlocalhost.localdomainlocalhost6localhost6.localdomain6 192.168.1.193mirrors.yourdomain.com #确保A主机IP和后面的反向代理地址
part.6配置iptables
pingmirrors.yourdomain.com #报错没有到主机的路由
此时查看B主机中的iptables信息,发现无法访问80,可以在最前添加一条规则。
$iptables-nvL 815528MACCEPTall--**0.0.0.0/00.0.0.0/0ctstateRELATED,ESTABLISHED 00ACCEPTall--lo*0.0.0.0/00.0.0.0/0 11761985KINPUT_directall--**0.0.0.0/00.0.0.0/0 11761985KINPUT_ZONES_SOURCEall--**0.0.0.0/00.0.0.0/0 11761985KINPUT_ZONESall--**0.0.0.0/00.0.0.0/0 00DROPall--**0.0.0.0/00.0.0.0/0ctstateINVALID 11756985KREJECTall--**0.0.0.0/00.0.0.0/0reject-withicmp-host-prohibited
$iptables-IINPUT-ptcp--dport80-jACCEPT
part.7测试是否成功
在B主机中进行,yummakecache操作。来判断是否能进行yum操作。
$yumcleanall $yummakecache
总结
以上就是这篇文章的全部内容了,希望本文的内容对大家的学习或者工作具有一定的参考学习价值,如果有疑问大家可以留言交流,谢谢大家对毛票票的支持。