×
 
 
  •  
$helper.renderConfluenceMacro('{bmc-global-announcement:$space.key}')

Important

   

This documentation space contains information about PATROL Agents when deployed in a BMC Helix Operations Management environment. If you are a TrueSight Operations Management user, see PATROL Agent 20.08. Open link

BMC PATROL Agent for BMC Helix Operations Management 20.08 ... Installing Configuring after installation Configuring the PATROL Agent

Installing a Squid proxy server

As an administrator, you can set up a forward proxy server in your infrastructure environment so that PATROL Agent 20.08 and later can communicate with BMC Helix Operations Management via the proxy server. 

For internal testing, BMC has deployed the Squid proxy server in a container on Ubuntu by using the instructions in the following section. Squid also supports other types of installations. For more information, see Squid documentation. Open link

Note

The following commands are applicable to Ubuntu and might vary depending on the Linux distribution. Refer to the relevant operating system documentation for the commands.

To install a Squid proxy server as a Docker container without authentication support

  1. Log in to the computer on which you plan to install the Squid proxy server.

  2. Update the apt package index by running the following command: 
    apt-get update

  3. Install the package to enable apt to use a repository over HTTPS by running the following command:
    apt-get install apt-transport-https ca-certificates curl software-properties-common

  4. Add Docker's official GPG key by running the following command: 
    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

  5. Update the registry by running the following command: 

    add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

  6. Install the Docker engine by running the following command: 

    apt-get update
    apt-get install docker-ce

  7. Verify that Docker CE is installed correctly by running the hello-world image: 

    docker run hello-world

  8. Extract the Docker image of the Squid proxy server from the Docker repository:
    #Syntax
    docker pull <Squid docker image name>
    #Example
    docker pull sameersbn/squid:3.5.27-2

    Important

    sameersbn/squid:3.5.27-2 is a community Docker image and is used only as an example here. Use the Docker image approved by your organization.

  9. Download the squid.conf file and copy it to the /opt/tmp/ directory.

  10. Using a text editor, open the /opt/tmp/squid.conf file, and update the http_access parameter. By default http_access is set to deny all. Change it to allow all.
    http_access allow all

  11. Start the Docker container by running the following command: 
    docker run --name squid -d --restart=always --publish 3129:3128 --volume /opt/tmp/squid.conf:/etc/squid/squid.conf --volume /srv/docker/squid/cache:/var/spool/squid sameersbn/squid:3.5.27-2

    Parameter description

    • 3129: External proxy server container port that the PATROL Agent will use to talk to BMC Helix Operations Management. You can use any other port number in the preceding command.
    • 3128: Internal container port on which the proxy server is running. This is a default Squid proxy server port.
    • /opt/tmp/squid.conf: The configuration file that you updated in the Step 5.
    • /etc/squid/squid.conf: The configuration file created inside the container and linked to the /opt/tmp/squid.conf which is outside the container.
    • /srv/docker/squid/cache: The cache directory created outside the container by the Docker pull command.
    • /var/spool/squid: The directory inside the container and linked to /srv/docker/squid/cache that is outside the container.

    • sameersbn/squid:3.5.27-2: The Docker image name.

  12. Verify that the Docker container is running by using the following command:

    docker ps

  13. Update the PATROL Agent configuration to add the proxy server details as shown in the following example . For details, see Configuring PATROL Agents to support a forward proxy server.

    #Example
    PATROL_CONFIG "/AgentSetup/integration/forwardProxyServer" = {REPLACE = "testmachine.bmc.com:3129"}

    Parameter description

    testmachine.bmc.com: FQDN of the computer on which the Squid proxy server is installed.

    3129: External proxy server container port number. If you have configured a different port in Step 6, then use the relevant port number.

To install a Squid proxy server as a Docker container with authentication support

  1. Log in to the computer on which you plan to install the Squid proxy server.

  2. Update the apt package index by running the following command: 
    apt-get update

  3. Install the package to enable apt to use a repository over HTTPS by running the following command:

    apt-get install apt-transport-https ca-certificates curl software-properties-common

  4. Add Docker's official GPG key by running the following command: 

    curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add -

  5. Update the registry by running the following command: 

    add-apt-repository "deb [arch=amd64] https://download.docker.com/linux/ubuntu $(lsb_release -cs) stable"

  6. Install the Docker engine by running the following command: 

    apt-get update
    apt-get install docker-ce

  7. Verify that Docker CE is installed correctly by running the hello-world image: 

    docker run hello-world

  8. Extract the Docker image of the Squid proxy server from the Docker repository:

    #Syntax
    docker pull <Squid docker image name>
    #Example
    docker pull sameersbn/squid:3.5.27-2

    Important

    sameersbn/squid:3.5.27-2 is a community Docker image and is used only as an example here. Use the Docker image that is approved by your organization.

  9. Install the apache2-utils utility to manage credentials:

    sudo apt-get install apache2-utils

  10. Create a directory named squid in the /etc directory.

  11. Create a password file named passwd under /etc/squid, and change the ownership: 

    sudo touch /etc/squid/passwd
    sudo chown proxy: /etc/squid/passwd

  12. Add a new user to the Squid server. 
    sudo htpasswd /etc/squid/passwd testuser

    The command prompts you to enter a password for the new user. 

    In the preceding example, testuser is the new user added.

  13. Download the squid_auth.conf file and copy it to the /opt/tmp directory.

  14. Rename the squid_auth.conf file to squid.conf.

  15. Start the Docker container by running the following command: 

    docker run --name squid -d --restart=always --publish 3129:3128 --volume /opt/squid.conf:/etc/squid/squid.conf --volume /srv/docker/squid/cache:/var/spool/squid sameersbn/squid:3.5.27-2

    Parameter description

    • 3129: External proxy server container port that the PATROL Agent will use to talk to BMC Helix Operations Management. You can use any other port number in the preceding command.
    • 3128: Internal container port on which the proxy server is running. This is a default Squid proxy server port.
    • /opt/tmp/squid.conf: The configuration file that you downloaded in the Step 8.
    • /etc/squid/squid.conf: The configuration file that is created inside the container and linked to the /opt/tmp/squid.conf file which is outside the container.
    • /srv/docker/squid/cache: The cache directory created outside the container by the Docker pull command.
    • /var/spool/squid: The directory inside the container and linked to /srv/docker/squid/cache that is outside the container.
    • sameersbn/squid:3.5.27-2: The Docker image name.

  16. Verify that the the Docker container is running by using the following command: 

    docker ps

  17. Update the PATROL Agent configuration to add the proxy server, user and password details as shown in the following example. For details, see Configuring PATROL Agents to support a forward proxy server

    #Example
    PATROL_CONFIG "/AgentSetup/integration/forwardProxyServer" = {REPLACE = "testmachine.bmc.com:3129"}
    PATROL_CONFIG "/AgentSetup/integration/forwardProxyUser" = {REPLACE = "testuser"}
    PATROL_CONFIG "/SecureStore/mca/tenant/forwardProxyPasswd" = {REPLACE = "MCA/<password>"}


Was this page helpful? Yes No Submitting... Thank you
Last modified by Swati Malhotra on Dec 10, 2021
forward_proxy_server

Comments

  1. Peng Li

    The squid_auth.conf file can not be downloaded.

    Jul 11, 2021 11:54
    1. Shreya Gurukiran

      Hi Peng Li,

      Thanks for the feedback. This has been now been fixed. Hence, closing the comment.

      Regards,

      Shreya

      Jul 13, 2021 06:45
  2. Jon Brent Fournet

    We need detailed instructions on how to set up proxy authentication with LDAP

    Jul 29, 2021 01:28
    1. Shreya Gurukiran

      Hi Jon Brent Fournet,

      Thanks for your suggestions. As discussed with our SMEs, the Squid proxy authentication changes do not apply to the PA 20.08 doc space and will be available only in the PA BHOM 21.3 docs. Kindly review the squid proxy changes in my email 'FW: Support review for PA 21.3'.

      Sandeep Gaike

      Regards,

      Shreya

      Sep 02, 2021 02:35

Log in or register to comment.

Configuring PATROL Agents to support a forward proxy server
Migrating PATROL Agents
© Copyright 2014 - 2020 BMC Software, Inc.
Legal notices

Powered by Atlassian Confluence and Scroll Viewport

© Copyright 2005-2024 BMC Software, Inc. Use of this site signifies your acceptance of BMC’s Terms of Use . BMC, the BMC logo, and other BMC marks are assets of BMC Software, Inc. These trademarks are registered and may be registered in the U.S. and in other countries.