平时大家在部署环境或项目时,肯定有碰到类似的网络环境:私有网络中,有一台机器(一般是跳板机或代理机)可访问外网,其它机器无外网访问权限。这时除这台以外的其他机器,yum无法正常安装软件。解决方案是:在有外网权限的机器上配置squid代理到公网,然后为内网其他机器配置yum代理,使用公网的yum源(例如mirrors.aliyun.com)安装软件包。

此次实验环境:CentOS7.3_x64

配置squid

在有外网权限的机器上(假设这台主机名为manage01)squid代理使用默认配置,只需要修改下面配置重启即可:

/etc/sqiud/squid.conf

1
2
#http_access deny all
http_access allow all

重启squid

1
systemctl restart squid

squid默认监听3128端口

配置yum代理

在/etc/yum.conf添加一行即可

1
proxy=http://manage01:3128

配置aliyun仓库

/etc/yum.repos.d/aliyun.repo

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
[base]
name=CentOS-$releasever - Base
baseurl=http://mirrors.aliyun.com/centos/7/os/$basearch/
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/centos/7/os/x86_64/RPM-GPG-KEY-CentOS-7

#released updates
[updates]
name=CentOS-$releasever - Updates
baseurl=http://mirrors.aliyun.com/centos/7/updates/$basearch/
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/centos/7/os/x86_64/RPM-GPG-KEY-CentOS-7

[extras]
name=CentOS-$releasever - Extras
baseurl=http://mirrors.aliyun.com/centos/7/extras//$basearch/
enabled=1
gpgcheck=0
gpgkey=http://mirrors.aliyun.com/centos/7/os/x86_64/RPM-GPG-KEY-CentOS-7

[centosplus]
name=CentOS-$releasever - Plus
baseurl=http://mirrors.aliyun.com/centos/7/centosplus//$basearch/
enabled=1
gpgcheck=0

验证

1
2
yum cleann all
yum repolist