Docker Container
This installation guide provides step-by-step instructions for deploying Qpoint Proxy using Docker, enabling you to quickly set up a powerful and customizable egress proxy for controlling outbound traffic.
Prerequisites
Docker: Ensure Docker is installed on your host machine. For installation instructions, refer to the Docker official documentation.
Configuration Files: Prepare your
proxy-config.yamland any optional WebAssembly (WASM) middelware modules.
Docker Installation
Prepare Configuration Files
Place your proxy-config.yaml and any desired WASM files in a known directory. This directory will be mounted into the Docker container below.
Download the Docker Image:
Run the Docker Container
Running Without Local WASM Middleware
If you don't require custom middleware, or the WASM middleware is hosted somewhere that's reachable by the docker container, you can omit the volume mount for the WASM file:
In this configuration, the proxy will run with the settings defined in proxy-config.yaml.
Running With Local WASM Middleware
For scenarios where middleware is needed, include the WASM file mount and ensure your configuration file references the correct WASM module path:
Flags
To see the available options and flags, run:
Below is a comprehensive list of flags and options available for the Qpoint Proxy:
--[no-]access-log:Enable access logs ($ACCESS_LOG)--[no-]help: Show context-sensitive help (also try--help-longand--help-man).--data-dir="/tmp/qpoint": Directory to store state. (Environment Variable:$DATA_DIR)--tags=TAGS: Tags to auto-attach to metrics. (Environment Variable:$TAGS)--middleware-egress-listen=":11001": IPfor middleware egress traffic. (Environment Variable:$MIDDLEWARE_EGRESS_LISTEN)--qpoint-config=QPOINT-CONFIG: Configuration file path. (Environment Variable:$QPOINT_CONFIG)--envoy-config-root=".": Root directory to generate dynamic envoy configurations. (Environment Variable:$ENVOY_CONFIG_ROOT)--dns-lookup-family=V4_ONLY: DNS lookup family. (Environment Variable:$DNS_LOOKUP_FAMILY)--transparent-tcp-forward-ports="18080:80,18443:443":<IP:>LISTEN_PORT:DESTINATION_PORT,<IP:>LISTEN_PORT:DESTINATION_PORT(comma separated) for transparent TCP listening and destination forwarding. (Environment Variable:$TRANSPARENT_TCP_FORWARD_PORTS)--middleware-tcp-forward-ports="10080:80,10443:443":<IP:>LISTEN_PORT:DESTINATION_PORT,<IP:>LISTEN_PORT:DESTINATION_PORT(comma separated) for middleware TCP listening and destination forwarding. (Environment Variable:$MIDDLEWARE_TCP_FORWARD_PORTS)--unknown-endpoint-cache-size=1000: Cache size for unknown endpoints. (Environment Variable:$UNKNOWN_ENDPOINT_CACHE_SIZE)--registration-endpoint="https://api.qpoint.io": Registration endpoint. (Environment Variable:$REGISTRATION_ENDPOINT)--registration-token=REGISTRATION-TOKEN: Registration token. (Environment Variable:$REGISTRATION_TOKEN)--log-level=error: Log level. (Environment Variable:$LOG_LEVEL)--log-encoding=json: Log encoding. (Environment Variable:$LOG_ENCODING)--[no-]log-caller: Log caller. (Environment Variable:$LOG_CALLER)--envoy-log-level=error: Envoy log level. (Environment Variable:$ENVOY_LOG_LEVEL)--status-listen="0.0.0.0:10001": IPof status server to listen on. (Environment Variable:$STATUS_LISTEN)--default-tcp-listen-address="0.0.0.0": Default TCP IP address to listen on. (Environment Variable:$DEFAULT_TCP_LISTEN_ADDRESS)
Last updated