问题描述
我有一个运行在GKE上的Kubernetes集群中的python FastAPI应用程序。我正在尝试从容器(荚)中获取出站流量,以通过privoxy进行路由。为了测试这一点,我在本地计算机上构建/运行容器,但是当我运行docker run -p 8080:8080 privoxy
命令时,得到的输出/日志挂在最后一行:
2020-09-08 13:32:15.342 7fb59e36de80 Info: privoxy version 3.0.26
2020-09-08 13:32:15.342 7fb59e36de80 Info: Program name: privoxy
2020-09-08 13:32:15.344 7fb59e36de80 Info: Loading filter file: /etc/privoxy/default.filter
2020-09-08 13:32:15.345 7fb59e36de80 Info: Loading filter file: /etc/privoxy/user.filter
2020-09-08 13:32:15.345 7fb59e36de80 Info: Loading actions file: /etc/privoxy/match-all.action
2020-09-08 13:32:15.345 7fb59e36de80 Info: Loading actions file: /etc/privoxy/default.action
2020-09-08 13:32:15.348 7fb59e36de80 Info: Loading actions file: /etc/privoxy/user.action
2020-09-08 13:32:15.348 7fb59e36de80 Info: Listening on port 8118 on IP address 0.0.0.0
我的问题是,“如何在运行时启动Docker容器内的privoxy,然后在不使privoxy挂起或引发错误的情况下运行我的应用程序(使用privoxy)?”
我的Dockerfile看起来像这样:
FROM continuumio/miniconda3:4.6.14
# ...
# Install privoxy
RUN set -xe \
&& apt-get update \
&& apt-get install -y privoxy \
&& curl -sSL https://github.com/tianon/gosu/releases/download/1.9/gosu-amd64 > /usr/sbin/gosu \
&& chmod +x /usr/sbin/gosu
RUN sed -i -e '/^listen-address \[/s/listen-address/#listen-address/' \
-e '/^enforce-blocks/s/0/1/' \
-e '/^#debug/s/#//' /etc/privoxy/config
VOLUME /etc/privoxy
EXPOSE 8118
# Install Firefox
RUN apt-get update && \
apt-get -y install firefox-esr
# Install Geckodriver
RUN wget https://github.com/mozilla/geckodriver/releases/download/v0.24.0/geckodriver-v0.24.0-linux64.tar.gz && \
tar xzf geckodriver-v0.24.0-linux64.tar.gz && \
mv geckodriver /usr/bin/geckodriver
# ...
CMD start.sh
start.sh
看起来像这样:
#!/usr/bin/env bash
gosu privoxy privoxy --no-daemon /etc/privoxy/config
cd /code
python app.py
当我启动webdriver / Selenium时,我使用以下功能:
from selenium import webdriver
from selenium.webdriver.firefox.options import Options as FFOptions
from selenium.webdriver.firefox.webdriver import WebDriver as FirefoxWebDriver
def get_container_firefox_driver(windows_mask: bool=True):
# create a new FireFox session
os.environ['MOZ_FORCE_disABLE_E10S'] = '1'
ff_options = FFOptions()
ff_options.add_argument('-new-instance')
ff_options.add_argument('-headless')
ff_profile = webdriver.FirefoxProfile()
# set some privacy settings
ff_profile.set_preference("places.history.enabled",False)
ff_profile.set_preference("privacy.clearOnShutdown.offlineApps",True)
ff_profile.set_preference("privacy.clearOnShutdown.passwords",True)
ff_profile.set_preference("privacy.clearOnShutdown.siteSettings",True)
ff_profile.set_preference("privacy.sanitize.sanitizeOnShutdown",True)
ff_profile.set_preference("signon.rememberSignons",False)
ff_profile.set_preference("network.cookie.lifetimePolicy",2)
ff_profile.set_preference("network.dns.disablePrefetch",True)
ff_profile.set_preference("network.http.sendRefererHeader",0)
# set socks proxy
ff_profile.set_preference("network.proxy.type",1)
ff_profile.set_preference("network.proxy.socks_version",5)
ff_profile.set_preference("network.proxy.socks",'127.0.0.1')
ff_profile.set_preference("network.proxy.socks_port",8118)
ff_profile.set_preference("network.proxy.socks_remote_dns",True)
# get a speed increase by not downloading images
ff_profile.set_preference("permissions.default.image",2)
driver = webdriver.Firefox(
firefox_profile=ff_profile,options=ff_options,executable_path="/usr/bin/geckodriver",)
return driver
其他尝试
我还尝试通过在Dockerfile中使用以下listen-address [::1]:8118
命令来注释掉privoxy配置文件的sed
行:
RUN sed -i -e '/^enforce-blocks/s/0/1/' \
-e '/^#debug/s/#//' /etc/privoxy/config
...但是当我这样做时,当在容器中启动privoxy时,出现以下“致命错误”:
2020-09-08 14:21:16.844 7fa4d8646e80 Info: privoxy version 3.0.26
2020-09-08 14:21:16.844 7fa4d8646e80 Info: Program name: privoxy
2020-09-08 14:21:16.845 7fa4d8646e80 Info: Loading filter file: /etc/privoxy/default.filter
2020-09-08 14:21:16.847 7fa4d8646e80 Info: Loading filter file: /etc/privoxy/user.filter
2020-09-08 14:21:16.847 7fa4d8646e80 Info: Loading actions file: /etc/privoxy/match-all.action
2020-09-08 14:21:16.847 7fa4d8646e80 Info: Loading actions file: /etc/privoxy/default.action
2020-09-08 14:21:16.849 7fa4d8646e80 Info: Loading actions file: /etc/privoxy/user.action
2020-09-08 14:21:16.850 7fa4d8646e80 Info: Listening on port 8118 on IP address 127.0.0.1
2020-09-08 14:21:16.850 7fa4d8646e80 Fatal error: can't bind to ::1:8118: Cannot assign requested address
解决方法
基于所使用的操作系统,privoxy的启动命令不正确。对于Debian Linux操作系统,每个privoxy startup manual的启动命令应为/etc/init.d/privoxy start --no-daemon
。另外,此命令之前的gosu
命令不是必需的,它会使privoxy启动崩溃。 start.sh应该如下所示:
#!/usr/bin/env bash
/etc/init.d/privoxy start --no-daemon
cd /code
python app.py
用listen-address [::1]:8118
注释RUN sed -i -e '/^listen-address \[/s/listen-address/#listen-address/ ...
行可以防止在privoxy启动期间出现致命错误,因此应使用它。