Installation guide
-rw-r--r--. 1 root squid 5450 Aug 23 21:23 lb.crt
-rw-r--r--. 1 root squid 1675 Aug 23 21:23 lb.key
-rw-r--r--. 1 root squid 5363 Aug 22 14:19 squid-ca.crt
The cache_peer directives set up the two proxies that will be used in round-robin format. Note that
you need to specify the CA certificate so that the load balancer can communicate with the proxies.
Further, we are only allowing port 443 traffic to hit these proxies using the squid acl i s_ssl and
cache_peer directives.
All traffic on port 80 is redirected to one proxy and defaults to the dhcp16.example.com proxy using
the d efaul tsi te directive. Acls are set up similar to the ssl port.
The ssl passwo rd _pro g ram directive allows you to send the SSL key passphrase (if used;
displayed for completeness) to squid on startup without human intervention. The contents of
password.out is a bash script that echos the SSL passphrase. The fo rward ed _fo r directive
configures the load balancer to send the fo rward ed _fo r headers to the proxies.
Important
Edit the /etc/sq ui d /sq ui d . co nf and comment out the default port, 3128, that squid
normally listens on:
# Squid normally listens to port 3128
# http_port 3128
Restart squid after config modifications:
# service squid restart
6.2. Set t ing up t he Client
You need to modify the /etc/sysco nfi g /rhn/up2d ate file on the client to correctly address the
load balancer:
serverURL[comment]=Remote server URL (use FQDN)
serverURL=https://lb.example.com/XMLRPC
The load balancer uses the Satellite CA certificate for its signed SSL certificate; you do not need to
modify the client CA certificate values.
6.3. T est ing t he Configurat ion
This section discusses basic testing of your load balancer and proxy configuration.
Initial T est ing
Start the load balancer and the proxy machines. Note that the Satellite Proxy logs will not be created
until the first requests are delivered (/var/l o g /rhn/). Try to install and remove an RPM file, such
as zsh.
Chapt er 6 . Load Balancing Sat ellit e Proxy Servers
27