Saturday, February 7, 2015

Docker behind firewall

In the container, i wanted to use curl to download something, i'll always get a bad address error.  and even the proxy server hostname fail to resolve.

I'm using ubuntu, it set the dns to 127.0.0.1, however, docker can't use it, so docker use 8.8.8.8 (google public dns) by default.

the problem is behind firewall, i can't access 8.8.8.8, so we'll have to add the dns setting to docker

in /etc/default/docker add --dns for your dns ip.

DOCKER_OPTS="--dns <ip1> --dns <ip2> --dns 8.8.8.8 --dns 8.8.4.4"

I keep the google dns here so when i'm not behind firewall, i can resolve hostname with google dns.

and if you need Docker to use an HTTP proxy, it can also be specified here.

export http_proxy="http://proxy:8008"
so, no more ENV http_proxy in the Dockerfile, it's not portable and should not be specified in the Dockerfile.

and don't forget to restart docker service after making the change.

service docker restart
UPDATE:
if you're using systemd, the /etc/default/docker is not used.  you'll have to add the following to
/etc/systemd/system/docker.service.d$ cat docker.conf 
[Service]
EnvironmentFile=-/etc/default/docker
ExecStart=
ExecStart=/usr/bin/docker -d $DOCKER_OPTS -H fd://