Using squid proxy to bypass 3rd party API IP whitelisting

Posted on November 8, 2016  •  1 minutes  • 145 words

At work, I have to work with many 3rd party supplier API which requires IP whitelisting. This is becoming an issue when we need to autoscale using multiple Kubernetes nodes.

There are several ways to deal with this

• Use NAT gateway to forward all outgoing traffic to the gateway
• Use a proxy like Squid

I went with Squid since it’s much easier. Tinkering with network setting is nightmare for me.

You can follow the tutorial here on Google Cloud Documentation and then export these environment variables below in your Kubernetes nodes / Docker container.

export http_proxy="http://<proxy-ip>:3128"
export https_proxy="http://<proxy-ip>:3128"
export ftp_proxy="http://<proxy-ip>:3128"
export no_proxy="169.254.169.254,metadata,metadata.google.internal"

You can verify if it’s working properly by checking the public IP address of the node afterward by curl ifconfig.me.

Also, package like request does respect <code>HTTP_PROXY</code> and <code>HTTPS_PROXY</code> so you probably don’t have to make any changes to the existing code base.