Headless Installation
This installation guide provides step-by-step instructions for deploying Qpoint Proxy using Docker, enabling you to quickly set up a powerful and customizable egress proxy for controlling outbound traffic. Before beginning the installation, ensure Docker is installed and running on your system.
Prerequisites
Docker: Ensure Docker is installed on your host machine. For installation instructions, refer to the Docker official documentation.
Configuration Files: Prepare your
proxy-config.yaml
and any optional WebAssembly (WASM) modules.
Docker Installation
Prepare Configuration Files:
Place your
proxy-config.yaml
andhttp_duration.wasm
in a known directory. This directory will be mounted into the Docker container below.
Download the Docker Image:
Pull the latest version of the Qpoint Proxy Docker image
Run the Docker Container
Example 1: Running Without WASM Middleware
If you don't require custom middleware, you can omit the volume mount for the WASM file:
In this configuration, the proxy will run with the settings defined in proxy-config.yaml
but without any additional processing provided by WASM modules.
Example 2: Running With WASM Middleware
For scenarios where middleware is needed, include the WASM file mount and ensure your configuration file references the correct WASM module path:
Flags
--[no-]help
: Shows help information. Variants include--help-long
and--help-man
.--data-dir="/tmp/qtap"
: Specifies the directory to store state, defaulting to/tmp/qtap
.--tags=TAGS
: Tags to auto-attach to metrics.--middleware-egress-listen=":11001"
: Specifies the IP:PORT for middleware egress traffic, defaulting to:11001
.--registration-endpoint="https://api.qpoint.io"
: Registration endpoint for the proxy.--registration-token=REGISTRATION-TOKEN
: Token used for registration.--qpoint-config=QPOINT-CONFIG
: Path to the configuration file.--status-listen="0.0.0.0:10001"
: IP:PORT where the status server listens, defaulting to0.0.0.0:10001
.--envoy-config-root="."
: Root directory for generating dynamic Envoy configurations.--envoy-log-level=error
: Log level for Envoy, defaulting toerror
.--dns-lookup-family=V4_ONLY
: DNS lookup family, options includeV4_ONLY
.--default-tcp-listen-address="0.0.0.0"
: Default TCP IP address for listening, defaulting to0.0.0.0
.--transparent-tcp-forward-ports="18080:80,18443:443"
: Comma-separated list of<IP:>LISTEN_PORT:DESTINATION_PORT
for transparent TCP listening and forwarding.--middleware-tcp-forward-ports="10080:80,10443:443"
: Comma-separated list of<IP:>LISTEN_PORT:DESTINATION_PORT
for middleware TCP listening and forwarding.--unknown-endpoint-file-path="./unknown"
: File path for unknown endpoints.--unknown-endpoint-cache-size=1000
: Cache size for unknown endpoints, defaulting to 1000.--log-level=error
: Log level, defaulting toerror
.--log-encoding=json
: Log encoding format, defaulting tojson
.--[no-]log-caller
: Flag to include the log caller in the logs.
Troubleshooting
If you encounter issues during the installation:
Check Docker Logs: Use
docker logs [container_id]
to view the logs for the proxy container. This can provide insight into any errors or configuration issues.Configuration Validation: Ensure that your
proxy-config.yaml
is correctly formatted and all paths to files are correctly mapped in the Docker command.
By following these steps, you should have a functioning instance of Qpoint Proxy deployed using Docker, ready to be configured for your specific network requirements.
Last updated