通过apt-cacher从elastic.co中获取debian包
我试图使用apt-cacher为elasticsearch、kibana和logstash取包裹,但没有运气。这个缓存服务器不应该充当通用代理,因此PassThroughPattern: .*听起来不像是一个好主意。
我尝试在/etc/apt-cacher-ng/acng.conf中执行重写规则(注意从http到https的重写)
Remap-elastic: http://artifacts.elastic.co ; https://artifacts.elastic.co在客户机上,我在`/etc/apt/apt.conf.d/02代理中有以下一行
Acquire::http::Proxy "http://192.168.140.18:3142";在/etc/apt/sources.list.d/elastic-7.x.list我有
deb http://artifacts.elastic.co/packages/7.x/apt stable main当我在客户机上执行apt update时,结果是
Err:4 http://artifacts.elastic.co/packages/7.x/apt stable InRelease
Connection failed [IP: 192.168.140.18 3142]
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: Failed to fetch http://artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease Connection failed [IP: 192.168.140.18 3142]
W: Some index files failed to download. They have been ignored, or old ones used instead.在服务器上,Debug选项设置为7,详细设置为2,我在/var/log/apt-cacher-ng/apt-cacher.err中获得
Thu Jul 1 12:22:44 2021|Returning to last state, 6
Thu Jul 1 12:23:10 2021|fileitem::DoDelayedUnregAndCheck, nextRunTime now: 1625134998
Thu Jul 1 12:23:13 2021|Detected incoming connection from the TCP socket
Thu Jul 1 12:23:13 2021|Client name: 192.168.140.5
Thu Jul 1 12:23:13 2021|Decoded request URI: http://artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease
Thu Jul 1 12:23:13 2021|Processing new job, GET http://artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease HTTP/1.1
Thu Jul 1 12:23:15 2021|Outgoing connection for Connection timed outartifacts.elastic.co, Port: 443
Thu Jul 1 12:23:15 2021|Outgoing connection for Network is unreachableartifacts.elastic.co, Port: 443
Thu Jul 1 12:23:16 2021|tcpconnect::ExpireCache, nextRunTime now: 1625135005
Thu Jul 1 12:23:18 2021|fileitem::DoDelayedUnregAndCheck, nextRunTime now: 9223372036854775805
Thu Jul 1 12:23:25 2021|tcpconnect::ExpireCache, nextRunTime now: 9223372036854775805
Thu Jul 1 12:23:45 2021|Outgoing connection for Connection timed outartifacts.elastic.co, Port: 443
Thu Jul 1 12:23:45 2021|Outgoing connection for Network is unreachableartifacts.elastic.co, Port: 443因此,我尝试了apt-cacher-ng的作者喜欢的方法,这次在服务器上没有对elastic.co的任何具体重写,但是在文件/etc/apt/sources.list.d/elastic-7.x.list中的客户端上没有任何特定的重写。
deb http://192.168.140.18:3142/HTTPS///artifacts.elastic.co/packages/7.x/apt stable main在客户机上执行apt update将导致
Err:4 http://192.168.140.18:3142/HTTPS///artifacts.elastic.co/packages/7.x/apt stable InRelease
Connection failed [IP: 192.168.140.18 3142]
Reading package lists... Done
Building dependency tree
Reading state information... Done
All packages are up to date.
W: Failed to fetch http://192.168.140.18:3142/HTTPS///artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease Connection failed [IP: 192.168.140.18 3142]
W: Some index files failed to download. They have been ignored, or old ones used instead.在/var/log/apt-cacher-ng/apt-cacher.err中的服务器上,调试选项设置为7,详细设置为2,我得到
Thu Jul 1 11:40:39 2021|Returning to last state, 6
Thu Jul 1 11:40:39 2021|Decoded request URI: /HTTPS///artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease
Thu Jul 1 11:40:39 2021|Processing new job, GET /HTTPS///artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease HTTP/1.1
Thu Jul 1 11:41:09 2021|Detected incoming connection from the TCP socket
Thu Jul 1 11:41:09 2021|Client name: 192.168.140.5
Thu Jul 1 11:41:09 2021|Decoded request URI: /HTTPS///artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease
Thu Jul 1 11:41:09 2021|Processing new job, GET /HTTPS///artifacts.elastic.co/packages/7.x/apt/dists/stable/InRelease HTTP/1.1
Thu Jul 1 11:41:10 2021|Outgoing connection for Connection timed outartifacts.elastic.co, Port: 443
Thu Jul 1 11:41:10 2021|Outgoing connection for Network is unreachableartifacts.elastic.co, Port: 443
Thu Jul 1 11:41:40 2021|Outgoing connection for Connection timed outartifacts.elastic.co, Port: 443
Thu Jul 1 11:41:40 2021|Outgoing connection for Network is unreachableartifacts.elastic.co, Port: 443除了调试和冗长之外,acng.conf文件中的所有其他选项都是默认的,对于像debian这样的普通回复,它可以正常工作,但我无法让它对弹性或proxmox工作。
所有的想法都欢迎。
回答 1
Unix & Linux用户
发布于 2021-07-01 12:16:19
我真是太蠢了。
我尝试从命令行从InRelease服务器下载elastic.co文件(这是我应该开始使用的东西),发现它被阻止了。
在Proxmox级别和lo中查看防火墙规则,发现端口443是不允许的(默认规则是阻塞的)。允许端口443上的传出通信,然后我尝试的第一个版本可以正常工作。
如果不是DNS,它的防火墙对吗?
https://unix.stackexchange.com/questions/656546
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号