By Yijun Chen, Solutions Architect
In this article, we will use Squid to set up a squid proxy to forward the traffic Express Connect between China and Australia. Similar steps would apply to deployments in other regions supported by Alibaba Cloud Elastic Compute Service (ECS). You can check out the full list of supported regions through this link.
The reason is that although some customer’s backend web service is deployed in Australia region, the customer facing portal is deployed in China. However, because of the uncertainty and insecurity of the public network, from time to time, this may lead to the large network latency and data package loss between the front-end and backend service
Alibaba Cloud Express Connect is a cloud service to help customers to establish a dedicated link between their VPCs in different regions, and therefore, it provides a reliable network across regions. Customer can use Express Connect as their data channel for the traffic between frontend and backend services which spans across regions.
Squid is a well-known proxy application to forward packages from one node to another, in this case, we will use it as a transit server to forward data from frontend tier to the backend web service tier.
Note: This setup is convenient for a direct connection between two nodes. If you are looking for a hybrid and distributed global network, ideal for enterprise users with high demand on network coverage, take a look at Alibaba Cloud’s newly launched Cloud Enterprise Network.
I have set up my ECS resource as shown in the figure above. If you need help setting up your ECS instances, read this tutorial. Detailed information of the setup is as follows:
Beijing VPC – Subnet 192.168.0.0/16
Beijing ECS (centos) – Private IP 192.168.1.207
Public IP 220.127.116.11Sydney VPC – Subnet 10.0.0.0/8
Sydney ECS (centos) –Private IP 10.0.1.204
Domain name example.chenyijun.me, DNS A record set to Beijing ECS’s public IP 18.104.22.168
Express Connect is configured between Beijing VPC and Sydney VPC, the configuration of Express connection is as following link
Step 1: Install Web Service in Sydney ECS
- Connect to the Sydney ECS instance via SSH.
- Update the server.
[Sydney ECS] $ yum update -y
- Install HTTPD.
[Sydney ECS] $ yum install httpd –y
- Configure the http service.
[Sydney ECS] $ cd /var/www/html [Sydney ECS] $ vi index.html #wring html here [Sydney ECS] $ service httpd start [Sydney ECS] $ chkconfig httpd on
Step 2: Install Squid in Beijing ECS
- Connect to the Beijing ECS instance via SSH.
- Update the server.
[Beijing ECS] $ yum update -y
- Install the squid.
[Beijing ECS] $ apt-get install squid3
- Start the squid service.
[Beijing ECS] $ service squid3 start
Step 3: Configure Squid in Beijing ECS
- In the Beijing ECS, open the Squid configuration file.
[Beijing ECS] $ vi /etc/squid3/squid.conf
- Delete following two existing configurations by default:
http_access deny all -> #http_access deny all http_port 3128 -> # http_port 3128
- Add following configurations:
http_port 80 accel vhost defaultsite=example.chenyijun.me cache_peer 10.0.1.204 parent 80 0 proxy-only name=ghost acl localip src 22.214.171.124/16 acl ghost_acl dstdomain example.chenyijun.me http_access allow ghost_acl cache_peer_access ghost allow ghost_acl
- Save the file, and reload Squid.
[Beijing ECS] $ service squid3 reload
Step 4: Testing
Open the browser, and type the domain name, such as example.chenyijun.me in this example, then the browser should be able to load the index.html webpage which is deployed in the Sydney server.
To learn more about Alibaba Cloud Express Connect, visit www.alibabacloud.com/product/express-connect