Docker网络Http代理设置
背景
在一些实验室环境,服务器没有直接连接外网的权限,需要通过网络代理。我们通常会将网络代理直接配置在/etc/environment、/etc/profile之类的配置文件中,这对于大部分操作都是可行的。然而,docker命令却使用不了这些代理。比如docker pull时需要从外网下载镜像,就会出现如下错误:
$ docker pull hello-world
Unable to find image 'hello-world:latest' locally
Pulling repository docker.io/library/hello-world
docker: Network timed out while trying to connect to https://index.docker.io/v1/repositories/library/hello-world/images. You may want to check your internet connection or if you are behind a proxy..
See 'docker run --help'.ps: 本文在**Ubuntu16.04**下测试通过。
解决方案一:
停止docker服务,手动以使用2375端口监听所有网络接口的方式启动docker daemon。
$ systemctl stop docker.service
$ nohup docker daemon -H tcp://0.0.0.0:2375 -H unix:///var/run/docker.sock &详情参见:https://docs.docker.com/v1.11/engine/reference/commandline/daemon/#daemon-socket-option
解决方案二:
编辑配置文件,Ubuntu下是/etc/default/docker,CentOS下是/etc/sysconfig/docker。不过通过修改这两个文件来配置daemon已经是discouraged的了。不鼓励使用这种方法。
HTTP_PROXY="http://[proxy-addr]:[proxy-port]/"
HTTPS_PROXY="https://[proxy-addr]:[proxy-port]/"
export HTTP_PROXY HTTPS_PROXY解决方案三:
该方法是持久化的,修改后会一直生效。该方法覆盖了默认的docker.service文件。
1. 为docker服务创建一个内嵌的systemd目录
$ mkdir -p /etc/systemd/system/docker.service.d2. 创建/etc/systemd/system/docker.service.d/http-proxy.conf文件,并添加HTTP_PROXY环境变量。其中[proxy-addr]和[proxy-port]分别改成实际情况的代理地址和端口:
[Service]
Environment="HTTP_PROXY=http://[proxy-addr]:[proxy-port]/" "HTTPS_PROXY=https://[proxy-addr]:[proxy-port]/"3. 如果还有内部的不需要使用代理来访问的Docker registries,那么嗨需要制定NO_PROXY环境变量:
[Service]
Environment="HTTP_PROXY=http://[proxy-addr]:[proxy-port]/" "HTTPS_PROXY=https://[proxy-addr]:[proxy-port]/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"4. 更新配置:
$ systemctl daemon-reload5. 重启Docker服务:
$ systemctl restart docker详情参见:https://docs.docker.com/engine/admin/systemd/#http-proxy
使用socks5代理:
vim /usr/lib/systemd/system/docker.service
[Service]下增加
Environment=HTTP_PROXY=http://127.0.0.1:8118/
Environment=HTTPS_PROXY=http://127.0.0.1:8118/
Environment=NO_PROXY=localhost,127.0.0.1,m1empwb1.mirror.aliyuncs.com,docker.io,registry.cn-hangzhou.aliyuncs.com
[root@cloud4ourself-kcluster1 system]# systemctl daemon-reload
[root@cloud4ourself-kcluster1 system]# systemctl show docker |grep 127.0.0.1
Environment=GOTRACEBACK=crash HTTP_PROXY=http://127.0.0.1:8118/ HTTPS_PROXY=http://127.0.0.1:8118/ NO_PROXY=localhost,127.0.0.1,m1empwb1.mirror.aliyuncs.com,docker.io,registry.cn-hangzhou.aliyuncs.com
[root@cloud4ourself-kcluster1 system]# systemctl restart docker测试
[root@cloud4ourself-kcluster1 ~]# docker pull gcr.io/kubernetes-helm/tiller:v2.2.2
[root@cloud4ourself-kcluster1 ~]# ss -antp |grep EST |egrep '1080|8118'
ESTAB 0 0 127.0.0.1:8118 127.0.0.1:49807 users:(("privoxy",pid=30250,fd=11))
ESTAB 0 0 127.0.0.1:1080 127.0.0.1:34849 users:(("sslocal",pid=19727,fd=10))
ESTAB 0 0 127.0.0.1:49824 127.0.0.1:8118 users:(("docker-current",pid=15419,fd=72))
ESTAB 0 0 127.0.0.1:49807 127.0.0.1:8118 users:(("docker-current",pid=15419,fd=140))
ESTAB 0 0 127.0.0.1:34849 127.0.0.1:1080 users:(("privoxy",pid=30250,fd=7))
ESTAB 0 0 127.0.0.1:34866 127.0.0.1:1080 users:(("privoxy",pid=30250,fd=6))
ESTAB 0 0 127.0.0.1:1080 127.0.0.1:34866 users:(("sslocal",pid=19727,fd=9))
ESTAB 0 0 127.0.0.1:8118 127.0.0.1:49824 users:(("privoxy",pid=30250,fd=5))
出处:https://blog.csdn.net/m0_67402026/article/details/124526403
=======================================================================================
Docker使用socks5代理
创建docker服务插件目录
sudo mkdir -p /etc/systemd/system/docker.service.d创建一个名为http-proxy.conf的文件
sudo touch /etc/systemd/system/docker.service.d/http-proxy.conf编辑http-proxy.conf的文件
sudo vim /etc/systemd/system/docker.service.d/http-proxy.conf
写入内容(将代理ip和代理端口修改成你自己的)
- [Service]
- Environment="HTTP_PROXY=socks5://代理ip:代理端口/"
重新加载服务程序的配置文件
sudo systemctl daemon-reload重启docker
sudo systemctl restart docker验证是否配置成功
systemctl show --property=Environment docker输出如下表示成功:
出处:https://blog.csdn.net/zhikun518/article/details/113878919
=======================================================================================
Docker使用Socks5代理
话不多说,直接上配置,打开Docker服务配置文件
vim /etc/systemd/system/multi-user.target.wants/docker.service
Environment="HTTP_PROXY=socks5://账户:密码@IP:端口/
Environment=HTTPS_PROXY=socks5://账户:密码@IP:端口/
Environment=NO_PROXY=localhost,127.0.0.1,docker.io重载配置文件和重启服务
systemctl daemon-reload && systemctl restart docker
出处:https://myit.icu/index.php/archives/1534/
=======================================================================================
标签:127.0,http,0.1,代理,socks5,proxy,docker,Docker,PROXY From: https://www.cnblogs.com/mq0036/p/17184494.html