Remove the squid proxy contrib docs

* Squid proxy docs were added as a draft in 2017 to show a containerized setup for caching images for network boot environments * These docs never matured to a point of viability, I don't make use of squid, and they're unmaintained. Users would be better served consulting the squid project
2026-01-27 10:19:35 +00:00 · 2019-03-10 22:03:38 -07:00
parent a5d3a8a4a7
commit 7c9a94c6dc
3 changed files with 1 additions and 98 deletions
--- a/Documentation/deployment.md
+++ b/Documentation/deployment.md
@@ -248,7 +248,7 @@ $ curl http://matchbox.example.com:8080/assets/coreos/1967.3.0/
 <pre>...
 ```

-For large production environments, use a cache proxy or mirror suitable for your environment to serve Container Linux images. See [contrib/squid](../contrib/squid/README.md) for details.
+For large production environments, use a cache proxy or mirror suitable for your environment to serve Container Linux images.

 ## Network

--- a/README.md
+++ b/README.md
@@ -42,7 +42,6 @@
 ## Contrib

 * [dnsmasq](contrib/dnsmasq/README.md) - Run DHCP, TFTP, and DNS services with docker or rkt
-* [squid](contrib/squid/README.md) - Run a transparent cache proxy
 * [terraform-provider-matchbox](https://github.com/coreos/terraform-provider-matchbox) - Terraform provider plugin for Matchbox

 [docs]: https://coreos.com/matchbox/docs/latest
--- a/contrib/squid/README.md
+++ b/contrib/squid/README.md
@@ -1,96 +0,0 @@
-# Squid Proxy (DRAFT)
-
-This guide shows how to setup a [Squid](http://www.squid-cache.org/) cache proxy for providing kernel/initrd files to PXE, iPXE, or GRUB2 client machines. This setup runs Squid as a Docker container using the [sameersbn/squid](https://quay.io/repository/sameersbn/squid)
-image.
-
-The Squid container requires a squid.conf file to run. Download the example squid.conf file from the [sameersbn/docker-squid](https://github.com/sameersbn/docker-squid) repo:
-```
-curl -O https://raw.githubusercontent.com/sameersbn/docker-squid/master/squid.conf
-```
-
-Squid [interception caching](http://wiki.squid-cache.org/SquidFaq/InterceptionProxy#Concepts_of_Interception_Caching) is required for proxying PXE, iPXE, or GRUB2 client machines. Set the intercept mode in squid.conf:
-```
-sed -ie 's/http_port 3128/http_port 3128 intercept/g' squid.conf
-```
-
-By default, Squid caches objects that are 4MB or less. Increase the maximum object size to cache large files such as kernel and initrd images. The following example increases the maximum object size to 300MB:
-```
-sed -ie 's/# maximum_object_size 4 MB/maximum_object_size 300 MB/g' squid.conf
-```
-
-Squid supports a wide range of cache configurations. Review the Squid [documentation](http://www.squid-cache.org/Doc/) to learn more about configuring Squid.
-
-This example uses systemd to manage squid. Create the squid service systemd unit file:
-```
-cat /etc/systemd/system/squid.service
-#/etc/systemd/system/squid.service
-[Unit]
-Description=squid proxy service
-After=docker.service
-Requires=docker.service
-
-[Service]
-Restart=always
-TimeoutStartSec=0
-ExecStart=/usr/bin/docker run --net=host --rm \
-          -v /path/to/squid.conf:/etc/squid3/squid.conf:Z \
-          -v /srv/docker/squid/cache:/var/spool/squid3:Z \
-          quay.io/sameersbn/squid
-
-[Install]
-WantedBy=multi-user.target
-```
-
-Start Squid:
-```
-systemctl start squid
-```
-
-If your Squid host is running iptables or firewalld, modify rules to allow the interception and redirection of traffic. In the following example, 192.168.10.1 is the IP address of the interface facing PXE, iPXE, or GRUB2 client machines. The default port number used by squid is 3128.
-
-For firewalld:
-```
-firewall-cmd --permanent --zone=internal --add-forward-port=port=80:proto=tcp:toport=3128:toaddr=192.168.10.1
-firewall-cmd --permanent --zone=internal --add-port=3128/tcp
-firewall-cmd --reload
-firewall-cmd --zone=internal --list-all
-```
-
-For iptables:
-```
-iptables -t nat -A POSTROUTING -o enp15s0 -j MASQUERADE
-iptables -t nat -A PREROUTING -i enp14s0 -p tcp --dport 80 -j REDIRECT --to-port 3128
-```
-**Note**: enp14s0 faces PXE, iPXE, or GRUB2 clients and enp15s0 faces Internet access.
-
-Your DHCP server should be configured so the Squid host is the default gateway for PXE, iPXE, or GRUB2 clients. For deployments that run Squid on the same host as dnsmasq, remove any DHCP option 3 settings. For example ```--dhcp-option=3,192.168.10.1"```
-
-Update Matchbox policies to use the url of the Container Linux kernel/initrd download site:
-```
-cat policy/etcd3.json
-{
-  "id": "etcd3",
-  "name": "etcd3",
-  "boot": {
-    "kernel": "http://stable.release.core-os.net/amd64-usr/1235.9.0/coreos_production_pxe.vmlinuz",
-    "initrd": ["http://stable.release.core-os.net/amd64-usr/1235.9.0/coreos_production_pxe_image.cpio.gz"],
-    "args": [
-      "coreos.config.url=http://matchbox.foo:8080/ignition?uuid=${uuid}&mac=${mac:hexhyp}",
-      "coreos.first_boot=yes",
-      "console=tty0",
-      "console=ttyS0",
-      "coreos.autologin"
-    ]
-  },
-  "ignition_id": "etcd3.yaml"
-}
-```
-
-(Optional) Configure Matchbox to not serve static assets by providing an empty assets-path value.
-```
-# /etc/systemd/system/matchbox.service.d/override.conf
-[Service]
-Environment="MATCHBOX_ASSETS_PATHS="
-```
-
-Boot your PXE, iPXE, or GRUB2 clients.