Docker Ubuntu Behind Proxy - docker

Looking at docs there is no instruction on how to run it behind a proxy.
https://docs.docker.com/installation/ubuntulinux/
Reading on forums, the instruction is to update /etc/default/docker to export the proxy setup.
export http_proxy="http://127.0.0.1:3128/"
export https_proxy="http://127.0.0.1:3128/"
export HTTP_PROXY="http://127.0.0.1:3128/"
export HTTPS_PROXY="http://127.0.0.1:3128/"
Then we restart/start docker
sudo service docker start
Inside a container, if I run 'apt-get', npm install, bower install I cant get through the proxy.
Not sure what I m missing.

Ubuntu 14.04 LTS
For Ubuntu 14.04 LTS who uses SysVinit, you should modify /etc/default/docker file:
# cat /etc/default/docker
# Docker Upstart and SysVinit configuration file
#
# THIS FILE DOES NOT APPLY TO SYSTEMD
#
# Please see the documentation for "systemd drop-ins":
# https://docs.docker.com/engine/articles/systemd/
#
.......
# If you need Docker to use an HTTP proxy, it can also be specified here.
export http_proxy="http://web-proxy.corp.xxxxxx.com:8080/"
export https_proxy="https://web-proxy.corp.xxxxxx.com:8080/"
......
Then restart docker:
service docker restart
Ubuntu 16.04 LTS / Ubuntu 18.04 LTS
For Ubuntu 16.04 LTS who uses Systemd, you can follow this post:
(1) Create a systemd drop-in directory:
mkdir /etc/systemd/system/docker.service.d
(2) Add proxy in /etc/systemd/system/docker.service.d/http-proxy.conf file:
# cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=https://web-proxy.corp.xxxxxx.com:8080/"
Environment="HTTPS_PROXY=https://web-proxy.corp.xxxxxx.com:8080/"
Environment="NO_PROXY=localhost,127.0.0.1,localaddress,.localdomain.com"
(3) Flush changes:
systemctl daemon-reload
(4) Restart Docker:
systemctl restart docker
Official Reference

For Ubuntu 14.04.2 LTS
Linux vagrant-ubuntu-trusty-64 3.13.0-54-generic #91-Ubuntu SMP Tue May 26 19:15:08 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux
Edit you /etc/default/docker file
sudo vim /etc/default/docker
Add this line at the bottom:
export http_proxy="http://PROXY_IP:PROXY_PORT"
Restart the docker service
sudo service docker restart

You can try to add lines in /etc/environment:
https_proxy="http://127.0.0.1:3128"
http_proxy="http://127.0.0.1:3128"
ftp_proxy="http://127.0.0.1:3128"
no_proxy="127.0.0.1/8, localhost, 192.168.0.0/16"
it will be useful for all services on your Linux system
Then edit /lib/systemd/system/docker.service.
In the end of the [Service] section, add line:
EnvironmentFile=/etc/environment
And then:
sudo systemctl daemon-reload
sudo systemctl restart docker.service

systemctl will have to installed, which can be problematic.
In case /etc/systemd/system/docker.service.d/http-proxy.conf or /etc/default/docker solution does not work for you, simply use the below command:
docker build [OPTIONS] PATH --build-arg http_proxy=http://your.proxy:port --build-arg https_proxy=http://your.proxy:port --build-arg no_proxy=.internal.domain,localhost,127.0.0.1

In Ubuntu 14.04 LTS:
An interesting issue about the HTTP_PROXY, HTTPS_PROXY is that: if your password has a special char like "$", "%", then it will not be processed correctly by the docker daemon when you execute command like: dock run xxx, you will encounter error. Then you can try to set the special char to others, good luck.

According to the Docs
Add to ~/.docker/config.json proxy configuration
{
"proxies":
{
"default":
{
"httpProxy": "http://127.0.0.1:3001",
"noProxy": "*.test.example.com,.example2.com"
}
}
}

You should replace 127.0.0.1 to your host IP or some public accessible IP

This is an old thread but none of the solutions here worked for me because I am not running docker desktop. What worked is the one in the documentation. You need to make a file /etc/systemd/system/docker.service.d/http-proxy.conf and specify proxies there
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80"

Related

Set proxy on docker

Im using centos 7.7 and docker 19.03.
I cannot pull images and getting :
Error response from daemon: Get https://registry-1.docker.io.v2./: dial tcp lookup : server misbehaving
I did what all guides on google suggested:
cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Enviroment="HTTP_PROXY=http://myproxy"
systemctl deamon reload
systemctl restart docker
and nothing happends.
if i do echo $http_proxy i see my settings.
more settings:
/etc/enviroment
http_proxy=http://myproxy
https_proxy=https://myproxy
The proxy setting used to work and is working on another server.
On this server i had deleted docker old versions :
docker-1.13.1
docker-common-1.13.1
docker-client-1.13.1
With the older docker it seems to work but with docker-ce it doesnt.
I even rebooted and reinstalled again.
Solved it!
I guess because i am using Centos then doing
systemctl restart docker didnt really work.
Created the directory :
mkdir -p /etc/systemd/system/docker.service.d
Create the file :
nano /etc/systemd/system/docker.service.d/http-proxy.conf
Add the following line:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"
Restart daemon:
systemctl daemon-reload
And this restart method worked:
service docker restart
and then it accepted all the env vars
Set both variables, and they can both be set to your http server. The variable is for the type of traffic being proxied, not the protocol to the proxy server:
[Service]
Enviroment="HTTP_PROXY=http://myproxy"
Enviroment="HTTPS_PROXY=http://myproxy"
The latest documentation detailing the configuration of Docker to use Proxy server worked for me to build my latest docker image.
For latest docker clients (>= v17.07) create or edit the file ~/.docker/config.json
For older docker clients (<= v17.06) use the --env flag to set the proxy accordingly

Docker does not work behind proxy

unfortunately, I can't use my docker behind the proxy , I do what googling search suggest and this is the error I get when I run sudo docker run hello-world:
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Get https://registry-
1.docker.io/v2/: Proxy Authentication Required.
See 'docker run --help'.
this is my '/etc/systemd/system/docker.service.d/http-proxy.conf' file :
[Service]
Environment="HTTP_PROXY=http://user:pass#127.0.0.1:8800/"
Environment="HTTPS_PROXY=https://user:pass#127.0.0.1:8800/"
my "etc/default/docker" file :
export http_proxy="http://127.0.0.1:3128/"
export https_proxy="http://127.0.0.1:3128/"
export HTTP_PROXY="http://127.0.0.1:3128/"
export HTTPS_PROXY="http://127.0.0.1:3128/"
what is the problem?
thank you :)
try this,
$ sudo vim /etc/resolv.conf
#add these lines on top and above one for home router…
nameserver 8.8.8.8
nameserver 8.8.4.4
After saving the /etc/resolv.conf file.
run $ sudo systemctl daemon-reload for reloading daemon process.
Then restart your docker :
run $ sudo systemctl restart docker
Docker is not available is some countries because of some unfair sanctions by US which are targeting people directly also startups ...
Any way you can use registry docker instead of docker_hub.
But for creating images and container from micro-services and projects and run them (local) you check this Link
All the best :)

How to enable "--squash" feature of Docker in Arch Linux?

To use --squash feature of Docker, you need to enable the experimental features of the Docker daemon. How this can be done on Arch Linux?
Thanks.
This is how I got it to work in ArchLinux with systemd
/etc/docker/daemon.json
added the json blob below
{
"experimental": true
}
then restart the service
systemctl restart docker.service
For confirmation, run docker version and you'll see the following line in the output
Client: Docker Engine - Community
....
Experimental: true
....
On Arch Linux, you can add --experimental=true to the end of the ExecStart=/usr/bin/dockerd -H fd:// line in the /usr/lib/systemd/system/docker.service file in order to enable the experimental feature.
Then, you need to reload and restart the Docker daemon:
systemctl daemon-reload
systemctl restart docker.service
With recent docker versions neither of the methods works any more. See https://github.com/docker/cli/issues/947
As a summary, there is docker and docker cli. Both are not the same. Experimental mode must be enabled for docker cli. Thus one has to edit the file $HOME/.docker/config.json.

Docker daemon config file on boot2docker / docker-machine / Docker Toolbox

Where can I find docker daemon config file on boot2docker machine?
According to this topic: Dockerfile: Docker build can't download packages: centos->yum, debian/ubuntu->apt-get behind intranet
I want to set '--dns' in DOCKER_OPTS, but I can't find this config file either at /etc/default or anywhere else.
Inside boot2docker (boot2docker ssh) / docker-machine (docker-machine ssh default) , open or create the file /var/lib/boot2docker/profile and add the following line:
EXTRA_ARGS="--dns 192.168.1.145"
Also works for:
EXTRA_ARGS="--insecure-registry myinternaldocker"
After the change you need to restart the docker daemon:
sudo /etc/init.d/docker restart
Or leave boot2docker / docker-machine and restart the entire virtual machine:
boot2docker restart
# for docker machine
docker-machine restart default
Information taken from: https://groups.google.com/d/msg/docker-user/04pAX57WQ7g/_LI-z8iknxYJ
If you are using a mac you have to go to a fresh terminal and run:
boot2docker ssh
This will open a new terminal, from there you have to edit or create a file
sudo vi /var/lib/boot2docker/profile
and add the DNS that you would like to add, for example:
DOCKER_OPTS="-dns 8.8.8.8 -dns 8.8.4.4"
After that you need to restart boot2docker. Here I had some issues at the beginning so I close everything and run in a terminal:
boot2docker down
boot2docker up
you can also use:
boot2docker restart
I had to do it twice. After that I started again using the normal boot2docker icon and everything worked.
If you want to script things, you can do these steps on one ugly line:
boot2docker ssh 'sudo sh -c "echo \"EXTRA_ARGS=\\\"--dns 1.2.3.4\\\"\" > /var/lib/boot2docker/profile && sudo /etc/init.d/docker restart"'

How to change the docker image installation directory?

From what I can tell, docker images are installed to /var/lib/docker as they are pulled. Is there a way to change this location, such as to a mounted volume like /mnt?
With recent versions of Docker, you would set the value of the data-root parameter to your custom path, in /etc/docker/daemon.json
(according to https://docs.docker.com/engine/reference/commandline/dockerd/#daemon-configuration-file).
With older versions, you can change Docker's storage base directory (where container and images go) using the -goption when starting the Docker daemon. (check docker --help).
You can have this setting applied automatically when Docker starts by adding it to /etc/default/docker
Following advice from comments I utilize Docker systemd documentation to improve this answer.
Below procedure doesn't require reboot and is much cleaner.
First create directory and file for custom configuration:
sudo mkdir -p /etc/systemd/system/docker.service.d
sudo $EDITOR /etc/systemd/system/docker.service.d/docker-storage.conf
For docker version before 17.06-ce paste:
[Service]
ExecStart=
ExecStart=/usr/bin/docker daemon -H fd:// --graph="/mnt"
For docker after 17.06-ce paste:
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd -H fd:// --data-root="/mnt"
Alternative method through daemon.json
I recently tried above procedure with 17.09-ce on Fedora 25 and it seem to not work. Instead of that simple modification in /etc/docker/daemon.json do the trick:
{
"graph": "/mnt",
"storage-driver": "overlay"
}
Despite the method you have to reload configuration and restart Docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
To confirm that Docker was reconfigured:
docker info|grep "loop file"
In recent version (17.03) different command is required:
docker info|grep "Docker Root Dir"
Output should look like this:
Data loop file: /mnt/devicemapper/devicemapper/data
Metadata loop file: /mnt/devicemapper/devicemapper/metadata
Or:
Docker Root Dir: /mnt
Then you can safely remove old Docker storage:
rm -rf /var/lib/docker
For new docker versions we need to use data-root as graph is deprecated in v17.05.0: official deprecated docs
Edit /etc/docker/daemon.json (if it doesn’t exist, create it) and include:
{
"data-root": "/new/path/to/docker-data"
}
Then restart Docker with:
sudo systemctl daemon-reload
sudo systemctl restart docker
A more detailed step-by-step explanation (including moving data) using Docker Storage with data-root can be found in: Blog post
In case of Windows a similar post Windows specific
Much easier way to do so:
Stop docker service
sudo systemctl stop docker
Move existing docker directory to new location
sudo mv /var/lib/docker/ /path/to/new/docker/
Create symbolic link
sudo ln -s /path/to/new/docker/ /var/lib/docker
Start docker service
sudo systemctl start docker
Since I haven't found the correct instructions for doing this in Fedora (EDIT: people pointed in comments that this should also work on CentOS and Suse) (/etc/default/docker isn't used there), I'm adding my answer here:
You have to edit /etc/sysconfig/docker, and add the -g option in the OPTIONS variable. If there's more than one option, make sure you enclose them in "". In my case, that file contained:
OPTIONS=--selinux-enabled
so it would become
OPTIONS="--selinux-enabled -g /mnt"
After a restart (systemctl restart docker) , Docker should use the new directory
Don't use a symbolic Link to move the docker folder to /mnt (for example).
This may cause in trouble with the docker rm command.
Better use the -g Option for docker.
On Ubuntu you can set it permanently in /etc/default/docker.io. Enhance or replace the DOCKER_OPTS Line.
Here an example:
`DOCKER_OPTS="-g /mnt/somewhere/else/docker/"
This solution works on Red Hat 7.2 & Docker 1.12.0
Edit the file
/lib/systemd/system/docker.service in your text editor.
add -g /path/to/docker/ at the end of ExecStart directive. The complete line should look like this.
ExecStart=/usr/bin/dockerd -g /path/to/docker/
Execute the below command
systemctl daemon-reload
systemctl restart docker
Execute the command to check docker directory
docker info | grep "loop file\|Dir"
If you have /etc/sysconfig/docker file in Red Hat or docker 1.7.1 check this answer.
In CentOS 6.5
service docker stop
mkdir /data/docker (new directory)
vi /etc/sysconfig/docker
add following line
other_args=" -g /data/docker -p /var/run/docker.pid"
then save the file and start docker again
service docker start
and will make repository file in /data/docker
Copy-and-paste version of the winner answer :)
Create this file with only this content:
$ sudo vi /etc/docker/daemon.json
{
"graph": "/my-docker-images"
}
Tested on Ubuntu 16.04.2 LTS in docker 1.12.6
The official way of doing this based on this Post-installation steps for Linux guide and what I found while web-crawling is as follows:
Override the docker service conf:
sudo systemctl edit docker.service
Add or modify the following lines, substituting your own values.
[Service]
ExecStart=
ExecStart=/usr/bin/dockerd --graph="/mnt/docker"
Save the file. (It creates: /etc/systemd/system/docker.service.d/override.conf)
Reload the systemctl configuration.
sudo systemctl daemon-reload
Restart Docker.
sudo systemctl restart docker.service
After this if you can nuke /var/lib/docker folder if you do not have any images there you care to backup.
For Debian/Ubuntu or Fedora, you can probably use the other answers. But if you don't have files under /etc/default/docker or /etc/sysconfig/docker, and your system is running systemd, you may want to follow this answer by h3nrik. I am using Arch, and this works for me.
Basically, you need to configure systemd to read the new docker image location as an environment variable, and pass that environment variable into the Docker daemon execution script.
For completeness, here is h3nrick's answer:
Do you have a /lib/systemd/system/docker.service file?
If so, edit it so that the Docker service uses the usual /etc/default/docker as an environment file: EnvironmentFile=-/etc/default/docker.
In the /etc/default/docker file then add DOCKER_OPTS="-g /home/rseixas/Programs/Docker/images".
At the end just do a systemctl daemon-reload && systemctl restart docker.
For further information please also have a look at the documentation.
As recommneded by #mbarthelemy this can be done via the -g option when starting the docker daemon directly.
However, if docker is being started as a system service, it is not recommended to modify the /etc/default/docker file. There is a guideline to this located here.
The correct approach is to create an /etc/docker/daemon.json file on Linux (or Mac) systems or %programdata%\docker\config\daemon.json on Windows. If this file is not being used for anything else, the following fields should suffice:
{
"graph": "/docker/daemon_files"
}
This is assuming the new location where you want to have docker persist its data is /docker/daemon_files
A much simpler solution is to create a soft link point to whatever you want, such as
link -s /var/lib/docker /mnt/whatever
It works for me on my CentOS 6.5 server.
I was having docker version 19.03.14. Below link helped me.
Check this Link
in /etc/docker/daemon.json file I added below section:-
{
"data-root": "/hdd2/docker",
"storage-driver": "overlay2"
}
On openSUSE Leap 42.1
$cat /etc/sysconfig/docker
## Path : System/Management
## Description : Extra cli switches for docker daemon
## Type : string
## Default : ""
## ServiceRestart : docker
#
DOCKER_OPTS="-g /media/data/installed/docker"
Note that DOCKER_OPTS was initially empty and all I did was add in the argument to make docker use my new directory
On Fedora 26 and probably many other versions, you may encounter an error after moving your base folder location as described above. This is particularly true if you are moving it to somewhere under /home. This is because SeLinux kicks in and prevents the docker container from running many of its programs from under this location.
The short solution is to remove the --enable-selinux option when you add the -g parameter.
On an AWS Ubuntu 16.04 Server I put the Docker images on a separate EBS, mounted on /home/ubuntu/kaggle/, under the docker dir
This snippet of my initialization script worked correctly
# where are the images initially stored?
sudo docker info | grep "Root Dir"
# ... not where I want them
# modify the configuration files to change to image location
# NOTE this generates an error
# WARNING: Usage of loopback devices is strongly discouraged for production use.
# Use `--storage-opt dm.thinpooldev` to specify a custom block storage device.
# see https://stackoverflow.com/questions/31620825/
# warning-of-usage-of-loopback-devices-is-strongly-discouraged-for-production-use
sudo sed -i ' s##DOCKER_OPTS=.*#DOCKER_OPTS="-g /home/ubuntu/kaggle/docker"# ' /etc/default/docker
sudo chmod -R ugo+rw /lib/systemd/system/docker.service
sudo cp /lib/systemd/system/docker.service /etc/systemd/system/
sudo chmod -R ugo+rw /etc/systemd/system/
sudo sed -i ' s#ExecStart.*#ExecStart=/usr/bin/dockerd $DOCKER_OPTS -H fd://# ' /etc/systemd/system/docker.service
sudo sed -i '/ExecStart/a EnvironmentFile=-/etc/default/docker' /etc/systemd/system/docker.service
sudo systemctl daemon-reload
sudo systemctl restart docker
sudo docker info | grep "Root Dir"
# now they're where I want them
For Mac users in the 17.06.0-ce-mac19 version you can simply move the Disk Image location from the user interface in the preferences option Just change the location of the disk image and it will work (by clicking Move disk Image) and restarting the docker. Using this approach I was able to use my external hardisk for storing docker images.
For Those looking in 2020. The following is for Windows 10 Machine:
In the global Actions pane of Hyper-V Manager click Hyper-V
Settings…
Under Virtual Hard Disks change the location from the
default to your desired location.
Under Virtual Machines change the
location from the default to your desired location, and click apply.
Click OK to close the Hyper-V Settings page.
This blog post helps me
Here are the steps to change the directory even after you’ve created Docker containers etc.
Note, you don’t need to edit docker.service or init.d files, as it will read the change from the .json file mentioned below.
Edit /etc/docker/daemon.json (if it doesn't exist, create it)
Add the following
{
"data-root": "/new/path/to/docker-data"
}
Stop docker
sudo systemctl stop docker
Check docker has been stopped
ps aux | grep -i docker | grep -v grep
Copy the files to the new location
sudo rsync -axPS /var/lib/docker/ /new/path/to/docker-data
Start Docker back up
sudo systemctl start docker
Check Docker has started up using the new location
docker info | grep 'Docker Root Dir'
Check everything has started up that should be running
docker ps
Leave both copies on the server for a few days to make sure no issues arise, then feel free to delete it.
sudo rm -r /var/lib/docker

Resources