Red Hat SummitChapter 3. Customizing the Red Hat Lightspeed proxy
With Red Hat Lightspeed proxy, you can designate additional dnf or yum servers, customize the rhproxy configuration, and use customized commands and configuration options.
3.1. Designating optional dnf and yum servers
To add additional third-party servers, including non-Red Hat and non-EPEL servers, create a custom allowlist for rhproxy.
Save the hostnames of systems providing dnf repositories in the following file:
/home/rhproxy/.config/rhproxy/env/mirror.servers-
Open the
/home/rhproxy/.config/rhproxy/env/mirror.serversfile, and add the hostnames of any systems that provide dnf repositories. After adding your systems, restart the service:
[rhproxy@server ~]$ rhproxy restart
-
Open the
Verification step
Run the following command to ensure that your third-party services were added:
[root@server ~]# curl -x http://$(hostname):3128 https://<hostname>
3.2. Customizing the rhproxy configuration
You can further customize your rhproxy configuration. For a list of configurable options and their descriptions, see Appendix A.
Prerequisites
- You have at least one active Red Hat Enterprise Linux (RHEL) subscription.
- For the Red Hat Lightspeed proxy installation, you have at least one system running RHEL version 9.
- You are logged in to the system as root or have sudo permissions.
- Your architectural environment is Intel or ARM.
-
You are logged in as the
rhproxyuser.
Procedure
- Log in to the Red Hat Lightspeed proxy server.
-
Edit the
/home/rhproxy/.config/rhproxy/env/rhproxy.envfile and make changes to the default configuration. Run the following command to restart the Red Hat Lightspeed proxy and enable your configuration edits to take effect:
[rhpproxy@server ~]$ rhproxy restartThe allowed upstream servers are listed in the following files:
Red Hat servers are listed in:
/home/rhproxy/.config/rhproxy/env/redhat.servers- The DNF or YUM EPEL servers are listed in:
/home/rhproxy/.config/rhproxy/env/epel.serversThe preceding files get overwritten with rhproxy RPM updates. When the files are overwritten, you must reapply the manual configuration updates that you make.
3.3. Unconfiguring client systems when you want to disable the Red Hat Lightspeed proxy
You might decide to stop using the Red Hat Lightspeed proxy. Use the following procedure to unconfigure your client systems so that they no longer go through the Red Hat Lightspeed proxy.
Prerequisites
- You have at least one active Red Hat Enterprise Linux (RHEL) subscription.
- You have at least one system running RHEL version 9, for the Red Hat Lightspeed proxy installation.
- You are logged in to the system as root or have sudo permissions.
- Your architectural environment is either Intel or ARM.
Procedure
- Open your command-line interface, and navigate to the specific client system you want to remove from the Red Hat Lightspeed proxy.
Run the following command on your client system:
[root@client ~] ./configure-client.sh --unconfigureVerification step
If the procedure is successful, you will see the following output:
Un-configuring insights-client/rhsm/rhc/rhcd from proxying to Red Hat Lightspeed
3.4. Appendix A: Command options for the Red Hat Lightspeed proxy
You can use the following options with the rhproxy command:
| Option | Description |
|---|---|
| install | Installs the Red Hat Lightspeed proxy. |
| uninstall [-f] |
Uninstalls the Red Hat Lightspeed proxy. Specify |
| start | Starts the Red Hat Lightspeed proxy. |
| stop | Stops the Red Hat Lightspeed proxy. |
| restart | Restarts the Red Hat Lightspeed proxy. |
| status | Displays the status of the proxy’s running service and connection logs. |
| update | If you change the default 3128 port, you will need to use this option to update the configure-client.sh script. |
3.5. Appendix B: Configuration options for the Red Hat Lightspeed proxy
If you want to run your proxy with non-default parameters, see the following table for a list of available options that you can set in the /home/rhproxy/.config/rhproxy/env/rhproxy.env configuration file.
| Option | Description |
|---|---|
| RHPROXY_DISABLE | This option will disable an active proxy. This defaults to 0. |
| RHPROXY_DEBUG_CONFIG | Use this option to log environment variables and Nginx configuration upon startup. This defaults to 0. |
| RHPROXY_SERVICE_PORT | Use this option to define the listening port of the Red Hat Lightspeed proxy. This defaults to 3128. |
| RHPROXY_DNS_SERVER | Use this option to define which DNS server to use for name resolution. This defaults to 1.1.1.1. The rhproxy service will use the system DNS resolver if defined, otherwise it defaults to 1.1.1.1. |
| RHPROXY_WEB_SERVER_DISABLE | Use this option to disable the Red Hat Lightspeed proxy web server. This defaults to 0. |
| RHPROXY_WEB_SERVER_PORT | Use this option to define the listening port of the Red Hat Lightspeed proxy web server. This defaults to 8443. |
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}