Loading... ## 前言 开发时,常在大陆服务器上部署或测试项目,因网络环境原因,当访问 github、k8s.gcr.io、quay.io 等资源时,速度会非常慢,甚至无法访问。 ## 其他解决方案弊端 网上的解决访问也有很多,因 github 使用了 cdn,通过找到大陆可访问的 cdn 节点填写到 hosts 中的方式来加速,一是不太稳定,二是速度也不一定快。 且对于 k8s.gcr.io、quay.io 这种,可能连可用的 ip 都找不到。 本文提出的解决访问,无需修改 docker 镜像源,配置加速无需重启使用者任何服务,即用即配。 ## 安装步骤(在海外服务器上) ### 前提条件 本文提出的解决访问也是 hosts 映射的方式,不过使用了自建服务器代理来解决。 要求条件: - 非大陆服务器一台 - 需占用服务器 443 端口 - ubuntu/debian 服务器(centos 未测试成功) ### 安装 sniproxy ```bash apt-get install -y git autotools-dev cdbs debhelper dh-autoreconf dpkg-dev gettext libev-dev libpcre3-dev libudns-dev pkg-config fakeroot devscripts git clone https://github.com/dlundquist/sniproxy.git cd sniproxy ./autogen.sh && dpkg-buildpackage dpkg -i ../sniproxy_*_*.deb apt-get install -y sniproxy ``` ### 配置 sniproxy 修改 `/etc/sniproxy.conf` 配置文件为如下内容: ```nginx # sniproxy example configuration file # lines that start with # are comments # lines with only white space are ignored user daemon # PID file pidfile /var/run/sniproxy.pid error_log { # Log to the daemon syslog facility syslog daemon # Alternatively we could log to file #filename /var/log/sniproxy/sniproxy.log # Control the verbosity of the log priority notice } # blocks are delimited with {...} listen 80 { proto http table http_hosts # Fallback backend server to use if we can not parse the client request fallback localhost:8080 access_log { filename /var/log/sniproxy/http_access.log priority notice } } listen 443 { proto tls table https_hosts access_log { filename /var/log/sniproxy/https_access.log priority notice } } # named tables are defined with the table directive table http_hosts { example.com 192.0.2.10:8001 example.net 192.0.2.10:8002 example.org 192.0.2.10:8003 # pattern: # valid Perl-compatible Regular Expression that matches the # hostname # # target: # - a DNS name # - an IP address (with optional port) # - '*' to use the hostname that the client requested # # pattern target #.*\.itunes\.apple\.com$ *:443 #.* 127.0.0.1:4443 } # named tables are defined with the table directive table https_hosts { # When proxying to local sockets you should use different tables since the # local socket server most likely will not autodetect which protocol is # being used example.org unix:/var/run/server.sock github.com$ * (.*.|)github.com$ * (.*.|)githubusercontent.com$ * translate.googleapis.com$ * gcr.io$ * k8s.gcr.io$ * quay.io$ * } # if no table specified the default 'default' table is defined table { # if no port is specified default HTTP (80) and HTTPS (443) ports are # assumed based on the protocol of the listen block using this table example.com 192.0.2.10 example.net 192.0.2.20 } ``` 上述配置中包含了代理 github、谷歌翻译、quay.io、k8s.gcr.io、gcr.io、可自行调整。 ### 启动 sniproxy 服务 ```bash sniproxy -c /etc/sniproxy.conf ``` ### 停止 sniproxy 服务 ```bash pkill sniproxy ``` ## 测试(在大陆服务器上) ### 配置 github hosts 将下方的 x.x.x.x 修改为你服务器的公网 ip,然后就可以加速访问国内 ``` sudo sed -i '/github/d' /etc/hosts sudo echo 'x.x.x.x github.githubassets.com x.x.x.x central.github.com x.x.x.x desktop.githubusercontent.com x.x.x.x assets-cdn.github.com x.x.x.x camo.githubusercontent.com x.x.x.x github.map.fastly.net x.x.x.x github.global.ssl.fastly.net x.x.x.x gist.github.com x.x.x.x github.io x.x.x.x github.com x.x.x.x api.github.com x.x.x.x raw.githubusercontent.com x.x.x.x user-images.githubusercontent.com x.x.x.x favicons.githubusercontent.com x.x.x.x avatars5.githubusercontent.com x.x.x.x avatars4.githubusercontent.com x.x.x.x avatars3.githubusercontent.com x.x.x.x avatars2.githubusercontent.com x.x.x.x avatars1.githubusercontent.com x.x.x.x avatars0.githubusercontent.com x.x.x.x avatars.githubusercontent.com x.x.x.x codeload.github.com x.x.x.x github-cloud.s3.amazonaws.com x.x.x.x github-com.s3.amazonaws.com x.x.x.x github-production-release-asset-2e65be.s3.amazonaws.com x.x.x.x github-production-user-asset-6210df.s3.amazonaws.com x.x.x.x github-production-repository-file-5c1aeb.s3.amazonaws.com x.x.x.x githubstatus.com x.x.x.x github.community x.x.x.x media.githubusercontent.com x.x.x.x objects.githubusercontent.com x.x.x.x raw.github.com x.x.x.x copilot-proxy.githubusercontent.com ' >> /etc/hosts ``` ### 测试 github 加速情况 ``` curl -I https://github.com ``` 如返回类似以下内容,则为正常 ``` HTTP/1.1 200 OK Server: GitHub.com Date: Mon, 14 Nov 2022 01:58:28 GMT Content-Type: text/html; charset=utf-8 Vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Language, Accept-Encoding, Accept, X-Requested-With content-language: en-US ETag: W/"52722faad6b1b0ee103e6d83982f005c" Cache-Control: max-age=0, private, must-revalidate Strict-Transport-Security: max-age=31536000; includeSubdomains; preload X-Frame-Options: deny X-Content-Type-Options: nosniff X-XSS-Protection: 0 ...... ``` ### 配置 k8s hosts 同理,见下方的 x.x.x.x 修改为你服务器的公网 ip,然后就可以加速访问了 ``` sudo echo 'x.x.x.x k8s.gcr.io x.x.x.x gcr.io x.x.x.x quay.io ' >> /etc/hosts ``` ### 测试 k8s 加速情况 可尝试拉取此镜像,能拉取成功,表示没问题 ``` docker pull k8s.gcr.io/etcd:3.4.3-0 ``` ## 总结 通过此办法,可加速很多开发资源,看你自己怎么发挥了,但一定要遵纪守法,不要通过技术作恶。 最后修改:2024 年 04 月 10 日 © 允许规范转载 打赏 赞赏作者 支付宝微信 赞 如果觉得我的文章对你有用,请我喝杯咖啡吧。