Proxy Support for the AWS S3 Beat

A proxy allows you to securely fetch logs from the AWS S3 Beat without exposing the Open Collector virtual machine directly to the Internet. This can protect you from a number of exploitations and cyber threats. 

Prerequisites

Ensure the following prerequisites have been met before configuring Docker:

• The http_proxy environment variable has been exported and sourced.

• The https_proxy environment variable has been exported and sourced.

Configure Proxy for GitHub Access

Create an environment proxy configuration by doing the following:

1. Run the following command to open the /etc/environment file:

   vi /etc/environment

   
   

2. Add the following to the environment file:

   http_proxy=http://proxy_info:proxyPort https_proxy=http://proxy_info:proxyPort no_proxy="localhost,127.0.0.1"

   
   

3. Log off and then log back in.
   You can now use "wget" commands with GitHub.

Configure Docker

After you have run ./lrctl init to install Docker, complete the following steps to configure Docker to use the proxy:

1. Run the following command to create a systemd drop-in directory for the Docker service:

   $ sudo mkdir -p /etc/systemd/system/docker.service.d

   
   

2. Do one of the following:If using an HTTP proxy server, create a file called /etc/systemd/system/docker.service.d/http-proxy.conf that adds the HTTP_PROXY environment variable:[Service] Environment="HTTP_PROXY=http://proxy.example.com:PORT"If using an HTTPS proxy server, create a file called /etc/systemd/system/docker.service.d/https-proxy.conf that adds the HTTPS_PROXY environment variable:[Service] Environment="HTTPS_PROXY=https://proxy.example.com:PORT"

3. Run the following command to flush the changes:

   $ sudo systemctl daemon-reload

   
   

4. Run the following command to restart Docker:

   $ sudo systemctl restart docker

   
   

5. Verify that Docker is able to pull images from a repository by running the following command:

   $ docker run hello-world

   

   
   

6. Update the ~/.docker/config.json file by adding the following:

   Use the HTTP URL in httpsProxy since both of the machines are on the same private network.

   
   

   {
    "proxies":
    {
      "default":
      {
        "httpProxy": "http://proxy_info:proxyPort",
        "httpsProxy": "http://proxy_info:proxyPort",
        "noProxy": "*.test.example.com,.example2.com"
      }
    }
   }
   

   
   

   For more information on Docker, see 

   https://docs.docker.com/network/proxy/

   .