Add registry-1.docker.io to reverse proxy cache
To use the mirror, you'd create a /etc/docker/daemon.json file: { "registry-mirrors": [ "http://mirror.dfw.rax.openstack.org:8081/registry-1.docker/" ] } Obviously using your regional mirror. We also use port 8081 because we need to ignore Expires headers, and don't want to affect the rdo proxy. Change-Id: Iba9a7580a11cdecb6a43a4fef703be2ca62d0539 Signed-off-by: Paul Belanger <pabelanger@redhat.com>
This commit is contained in:
parent
724e83b5ef
commit
836cddb2f2
@ -650,7 +650,7 @@ node /^mirror\..*\.openstack\.org$/ {
|
|||||||
$group = "mirror"
|
$group = "mirror"
|
||||||
|
|
||||||
class { 'openstack_project::server':
|
class { 'openstack_project::server':
|
||||||
iptables_public_tcp_ports => [22, 80, 8080],
|
iptables_public_tcp_ports => [22, 80, 8080, 8081],
|
||||||
sysadmins => hiera('sysadmins', []),
|
sysadmins => hiera('sysadmins', []),
|
||||||
afs => true,
|
afs => true,
|
||||||
afs_cache_size => 50000000, # 50GB
|
afs_cache_size => 50000000, # 50GB
|
||||||
|
@ -8,6 +8,9 @@ NameVirtualHost <%= @vhost_name %>:<%= @port %>
|
|||||||
Listen 8080
|
Listen 8080
|
||||||
NameVirtualHost <%= @vhost_name %>:8080
|
NameVirtualHost <%= @vhost_name %>:8080
|
||||||
|
|
||||||
|
Listen 8081
|
||||||
|
NameVirtualHost <%= @vhost_name %>:8081
|
||||||
|
|
||||||
<VirtualHost <%= @vhost_name %>:<%= @port %>>
|
<VirtualHost <%= @vhost_name %>:<%= @port %>>
|
||||||
ServerName <%= @srvname %>
|
ServerName <%= @srvname %>
|
||||||
<% if @serveraliases.is_a? Array -%>
|
<% if @serveraliases.is_a? Array -%>
|
||||||
@ -99,9 +102,9 @@ NameVirtualHost <%= @vhost_name %>:8080
|
|||||||
AllowOverride None
|
AllowOverride None
|
||||||
</Directory>
|
</Directory>
|
||||||
|
|
||||||
ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_proxy_error.log
|
ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_8080_error.log
|
||||||
LogLevel warn
|
LogLevel warn
|
||||||
CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_proxy_access.log combined
|
CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_8080_access.log combined
|
||||||
ServerSignature Off
|
ServerSignature Off
|
||||||
|
|
||||||
# Caching reverse proxy for things that don't make sense in AFS
|
# Caching reverse proxy for things that don't make sense in AFS
|
||||||
@ -125,3 +128,49 @@ NameVirtualHost <%= @vhost_name %>:8080
|
|||||||
ProxyPass "/rdo/" "https://trunk.rdoproject.org/"
|
ProxyPass "/rdo/" "https://trunk.rdoproject.org/"
|
||||||
ProxyPassReverse "/rdo/" "https://trunk.rdoproject.org/"
|
ProxyPassReverse "/rdo/" "https://trunk.rdoproject.org/"
|
||||||
</VirtualHost>
|
</VirtualHost>
|
||||||
|
|
||||||
|
<VirtualHost <%= @vhost_name %>:8081>
|
||||||
|
ServerName <%= @srvname %>:8081
|
||||||
|
|
||||||
|
# Disable directory listing by default.
|
||||||
|
<Directory />
|
||||||
|
Order Deny,Allow
|
||||||
|
Deny from all
|
||||||
|
Options None
|
||||||
|
AllowOverride None
|
||||||
|
</Directory>
|
||||||
|
|
||||||
|
ErrorLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_8081_error.log
|
||||||
|
LogLevel warn
|
||||||
|
CustomLog /var/log/<%= scope.lookupvar("httpd::params::apache_name") %>/<%= @name %>_8081_access.log combined
|
||||||
|
ServerSignature Off
|
||||||
|
|
||||||
|
# Caching reverse proxy for things that don't make sense in AFS
|
||||||
|
#
|
||||||
|
# General cache rules
|
||||||
|
CacheRoot "/opt/apache_cache"
|
||||||
|
CacheDirLevels 5
|
||||||
|
CacheDirLength 3
|
||||||
|
# SSL support
|
||||||
|
SSLProxyEngine on
|
||||||
|
# Prevent thundering herds.
|
||||||
|
CacheLock on
|
||||||
|
CacheLockPath "/tmp/mod_cache-lock"
|
||||||
|
CacheLockMaxAge 5
|
||||||
|
# 100MB
|
||||||
|
CacheMaxFileSize 104857600
|
||||||
|
# Ignore expire headers as the urls use sha256 hashes.
|
||||||
|
CacheIgnoreQueryString On
|
||||||
|
CacheStoreExpired On
|
||||||
|
|
||||||
|
# registry-1.docker.io
|
||||||
|
CacheEnable disk "/registry-1.docker"
|
||||||
|
ProxyPass "/registry-1.docker/" "https://registry-1.docker.io/"
|
||||||
|
ProxyPassReverse "/registry-1.docker/" "https://registry-1.docker.io/"
|
||||||
|
|
||||||
|
# dseasb33srnrn.cloudfront.net
|
||||||
|
CacheEnable disk "/cloudfront"
|
||||||
|
ProxyPass "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/"
|
||||||
|
ProxyPassReverse "/cloudfront/" "https://dseasb33srnrn.cloudfront.net/"
|
||||||
|
|
||||||
|
</VirtualHost>
|
||||||
|
Loading…
x
Reference in New Issue
Block a user