Introduction: In this post, we are going to see how to use docker httpd image and extend it to suit our needs and run the Apache web server as a Docker container. Then the client entry point script has access to the proxy container's IP via an environment variable.īy the way, if you can get away with using mitmproxy in non-transparent mode (configure the client explicitly to use an HTTP proxy), I'd highly recommend it. Docker Reverse Proxy - Docker httpd apache example. Container linking makes that easier: you can start the proxy container, and link it when starting the client container. If this is a setup you'll be repeating regularly, consider using an entry point script on the client image that will set this up for you automatically when the container starts. In the "client" container, just use ip route commands to change the default gateway to the proxy container's IP address on the docker bridge. I use a small start script as the proxy image's entry point for this since network settings changes occur at container runtime only and cannot be specified in a Dockerfile or otherwise persisted. In the "proxy" container, configure the iptables pre-routing NAT rule according to the mitmproxy transparent mode instructions, then start mitmproxy (with the -T flag to enable transparent mode). Make sure to use that option when starting both containers, since they both require some network adjustments to enable transparent packet interception. In this case, the one you require is called CAP_NET_ADMIN (full list here: ), so you could add -cap-add NET_ADMIN to your docker run command. By running in privileged mode, you grant all capabilities to the container - but there is also an option to grant individual capabilities as needed. The default capability set granted to containers does not allow a container to modify network settings.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |