Squid and Puppet

This describes how to install Puppet and Squid on a "server" running SL6.


You first have to have the epel.repo repositories enabled in the yum.repos.d folder. Go into epel.repo and epel-testing.repo and set enabled=1. Then do

  • yum install puppet squid git

Puppet is installed in the /etc/puppet/ file where there is now a puppet.conf and manifests/ folder among others. A manifest is a script in puppet language used to tell puppet what do do on the designated machines. The set-up I have is standalone meaning I would like hep405 (the name of the server) to be able to pull manifests from a git repository and then run them. To test a basic manifest, in the manifests folder create site.pp and in there put

class test_class { 
               files { "/home/user/Desktop/tmpfile.txt":
               ensure => present,
               mode => 644, 
               owner => root,
               group => root,

node hep405 {
             include test_class

Then to run it, in the /etc/puppet folder do

  • sudo puppet apply ./manifests/site.pp

This should create tmpfile.txt on your desktop.

There are some other modules that can be installed from puppet-labs. To search for packages such as ntp d0

  • puppet module search ntp
And the to install
  • puppet module install ntpxxxx

Search for "squid" in the puppet forge found here here. I chose "thias/squid3". Do
  • puppet module search squid
  • puppet module install thias-squid3

In your puppet modules folder it will install squid3. In /squid3/manifests/ there will be the init.pp and params.pp files. These files specify everything for squid. It is possible to run it without changing anything and it should work. Do

  • puppet apply -e 'include squid3'

To test: If you were using a proxy beforehand do

export http_proxy=http://localhost:3128
. Then do
wget http://www.uct.ac.za
. Check the /var/log/squid/access.log to see if the request went through the proxy.

To test it from another computer: On another computer make sure you are connected to the same lan network and that it finds its address using DHCP, if there are advanced settings set the proxy to the ip address and port number of the server. i.e = xxx.xxx.xx.xxx:3128=. Another way to set the proxy server is in terminal to do

 export http_proxy=http://xxx.xxx.xx.xxx:3128 
Then on the server do
  • iptables -L
to see the firewall, then
  • /etc/init.d/iptables stop
to stop the firewall from blocking some connections. On the server in /puppet/modules/squid3/manifests/init.pp change it accordingly. For example:
$acl                  = ['myip src youripaddress'],
$http_access       = ['allow myip'],

Then run puppet again,

  • puppet apply -e 'include squid3'

From the other computer do

wget http://www.uct.ac.za
. It should show that it's connecting through the servers IP address. Check the access.log file on the server so see if this is the case.

This also creates a squid.conf file in /etc/squid/. A nice way of viewing the massive file is to use

  • cat /etc/squid/squid.conf | sed '/ *#/d; /^ *$/d'

which prints everything nicely to screen.

Edit | Attach | Watch | Print version | History: r3 < r2 < r1 | Backlinks | Raw View | WYSIWYG | More topic actions
Topic revision: r3 - 2014-06-05 - JoshuaWyattSmith
    • Cern Search Icon Cern Search
    • TWiki Search Icon TWiki Search
    • Google Search Icon Google Search

    Main All webs login

This site is powered by the TWiki collaboration platform Powered by PerlCopyright & 2008-2019 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.
Ideas, requests, problems regarding TWiki? Send feedback