moby: Docker run works behind proxy, and Docker build does not

What helped in my case was setting up HTTP_PROXY, http_proxy, HTTPS_PROXY, https_proxy in docker file (I build my image form a file not repository) and setting up

[Service]
Environment="HTTP_PROXY=...."
Environment="http_prosy=...."
Environment="HTTPS_PROXY=...."
Environment="https_proxy=...."

in

/etc/systemd/system/docker.service.d/http-proxy.conf

and then running

sudo systemctl daemon-reload
sudo service docker restart

I do not know if that is of a matter here, but I used proxy server IP addresses in docker file and domain names in docker file.

To solve the problem with curl in docker build, I added the following inside the Dockerfile:

ENV http_proxy=http://infoprx2:8080
ENV https_proxy=http://infoprx2:8080
RUN apt-get update && apt-get install -y curl vim

Note that the ENV statement is BEFORE the RUN statement.

and in order to make the docker daemon able to access the internet (I use kitematic with boot2docker), I added the following into /var/lib/boot2docker/profile :

export HTTP_PROXY=http://infoprx2:8080
export HTTPS_PROXY=http://infoprx2:8080

@julianonunes You need to set docker build --build-arg HTTP_PROXY=foo

Thanks to user by the name bpattewar.

His way of resolution worked for me(cut-paste below)

I colud solve it by setting http_proxy by using ip address of proxy server and not the url. My friend told reason for this is most of the images are by default set to use googles DNS server to resolve the url address. and thats why using url address for http_proxy fails.

Hi guys, I’m using a workaround to avoid this problem. I edited my ~/.bash_profile and added these lines to create an alias to docker build:

alias docker_build="docker build \
--build-arg http_proxy=$http_proxy \
--build-arg https_proxy=$https_proxy \
--build-arg no_proxy=$no_proxy \
--build-arg HTTP_PROXY=$http_proxy \
--build-arg HTTPS_PROXY=$https_proxy \
--build-arg NO_PROXY=$no_proxy "

Then now I use docker_build --other-options . to build my images.

I hope this helps somebody. 😄

Quotes are probably unnecessary, they are just precaution. Variable names (http_/https_proxy) should be in the lower case and are case-sensitive. docker build --build-arg "..." works against my company’s proxy (squid) for building at least debian based images. As each docker build step is done by making-committing-destroying intermediate container it cannot inherit any variables from system (if it did, it would make builds non-portable).

Hi, I don’t know the cause but just being outside the office network makes it work. Incase it is an option for anyone to run it being outside your office network.

I colud solve it by setting http_proxy by using ip address of proxy server and not the url. My friend told reason for this is most of the images are by default set to use googles DNS server to resolve the url address. and thats why using url address for http_proxy fails.

Would you please try, if you did not already, docker build --build-arg http_proxy="http://10.0.75.1:7777"?

Right, so the problem likely is that the default wget in Alpine is in fact busybox; here you can see that it’s a symlink to busybox:

docker run --rm alpine ls -la /usr/bin/wget
lrwxrwxrwx    1 root     root            12 Jan  9 19:37 /usr/bin/wget -> /bin/busybox

You can try installing an actual wget in alpine to see if that issue was fixed (the busybox version will get replaced with an actual wget binary);

docker run --rm alpine sh -c 'apk add --no-cache -q wget && ls -la /usr/bin/wget' 
-rwxr-xr-x    1 root     root        494784 Nov  9 20:19 /usr/bin/wget

If the proxy works correctly with the actual wget, then it’s likely busybox

I’m also experiencing this issue- setting the http_proxy build-arg to the ip address as suggested above does not fix the issue for me.

I have an added complication of having a proxy that requires authentication. I’ve tried qualifying the hostname and ip address of the proxy with the credentials (e.g. <username>:<password>@<proxy_address>:<proxy_port>), but to no avail.

I’m using windows 10 and the ubuntu shell. I’m able to pull docker images successfully, but cannot build for the reasons described above (specifically, fetches to the alpine download page fail) . Any advice or support would be greatly appreciated!!

For me it fail to resolve www.abc-proxy.com , so I have put ipaddress instead of URL so it is working.

On Thu, Apr 27, 2017 at 5:43 PM, Brian Goff notifications@github.com wrote:

For me DNS entries are set based on the host’s /etc/resolv.conf just like for docker run. Is it not doing that for you?

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/moby/moby/issues/24697#issuecomment-297876982, or mute the thread https://github.com/notifications/unsubscribe-auth/AHTzJZf_ourmeKv-lUidqkpEUAfnyi7tks5r0TY8gaJpZM4JNrxk .

The issue is that even we give proxy by HTTP_PROXY , docker container try to resolves it using DNS entries which are set inside docker container. Because of DNS entries in container are values of public domain server and not from the corporate DNS server entries, it fails to resolve it. Is there a way that you allow to configure DNS entry along with http_proxy value

On Thu, Apr 27, 2017 at 7:48 AM, Brian Goff notifications@github.com wrote:

The only thing docker does wrt HTTP_PROXY make sure the external communications it does goes through the proxy. In the container you’d still need to set proxy vars. The builder has special args for handling HTTP_PROXY that’s been passed through to --build-arg.

Not sure what else to do here.

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/moby/moby/issues/24697#issuecomment-297735556, or mute the thread https://github.com/notifications/unsubscribe-auth/AHTzJaAix5jOZEMrIDtXQgvUO6LxesGmks5r0Kq-gaJpZM4JNrxk .

Ok, it seems like setting up “DOCKER_OPTS” in “/etc/default/docker” solved my issue:

DOCKER_OPTS="--dns <MY_CORPORATTE_DNS> --dns 8.8.8.8 --dns 8.8.4.4"

and restart the docker service. I can build on both Debian Jessie and Ubuntu 14.04 successfully.

Here are my docker versions:

ashahba@ashahba2:~$ sudo docker version
Client:
 Version:      17.03.0-ce
 API version:  1.26
 Go version:   go1.7.5
 Git commit:   3a232c8
 Built:        Tue Feb 28 07:57:58 2017
 OS/Arch:      linux/amd64

Server:
 Version:      17.03.0-ce
 API version:  1.26 (minimum version 1.12)
 Go version:   go1.7.5
 Git commit:   3a232c8
 Built:        Tue Feb 28 07:57:58 2017
 OS/Arch:      linux/amd64
 Experimental: false

Of course since I have proxies setup here is how I build my image: sudo docker build --no-cache --build-arg HTTP_PROXY=$http_proxy --build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY=$no_proxy --build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy --build-arg no_proxy=$no_proxy --tag=<MY_TAG> .

For docker-compose up , you can set the http_proxy in docker-compose.yml ; Example:

version: ‘2’ services: parse-server: build: context: ./parse-server/ args: - http_proxy ports:

I’m on Debian Jessie and facing the same issue, while the same docker proxy setup works on CentOS 7.2.

I have the same problem and setting env variables globally or within the docker image did not help.

Reading package lists...
W: Failed to fetch http://cdn-fastly.deb.debian.org/debian/dists/jessie/InRelease

W: Failed to fetch http://cdn-fastly.deb.debian.org/debian-security/dists/jessie/updates/InRelease

W: Failed to fetch http://repos.mesosphere.io/debian/dists/wheezy/InRelease

W: Failed to fetch http://repos.mesosphere.io/debian/dists/wheezy/Release.gpg  Unable to connect to my_proxy:

W: Failed to fetch http://cdn-fastly.deb.debian.org/debian/dists/jessie/Release.gpg  Unable to connect to my_proxy:

W: Failed to fetch http://cdn-fastly.deb.debian.org/debian-security/dists/jessie/updates/Release.gpg  Unable to connect to my_proxy:

W: Some index files failed to download. They have been ignored, or old ones used instead.

@julianonunes Thanks for reporting the issue. When you configure the HTTP/HTTPS proxies in Docker for Desktop GUI, multiple things happen:

• The docker daemon is configured with these proxies so that it can pull images
• Every docker run command automagically gets HTTP_PROXY, http_proxy, HTTPS_PROXY and https_proxy added to the environnement variables.
• It should have been the same for docker build but it’s been forgotten. That’s the bug you are seeing.

By the way, because of the magic env rewriting, you don’t need to set those env variables on you windows host.

ping @dave-tucker Can you confirm what I’m saying?

I’ve tried docker build --build-arg HTTP_PROXY=http://127.0.0.1:7777 and docker build --build-arg HTTP_PROXY=http://10.0.75.1:7777.