docker - 设置HTTP/HTTPS 代理

时间 2019-11-07

原文原文链接

一、设置代理缘由docker

因公司安全限制，全部外网需配置代理后才可上网，可是由于宿主机上设置过代理，并未太过多注意此问题，以后run时报以下错误：json

# docker run hello-worldubuntu

Unable to find image 'hello-world:latest' locally安全

docker: Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers).bash

See 'docker run --help'.app

在网上搜索过一番以后，发现：若是在docker 宿主机上设置了代理（HTTP、HTTPS）以后，在docker daemon 启动的时候，也要相应的告知 daemon，使用代理来访问internet!!ide

二、解决方案this

尽管docker daemon 的配置能够两种方式来实现：idea

2.1经过daemon.json文件来修改spa

2.2经过覆盖docker.service来实现

可是对于代理的配置，目前为止（docker 17.06）咱们只能使用第二个方案。具体的步骤以下：

建立docker.service目录

mkdir -p /etc/systemd/system/docker.service.d

建立HTTP&HTTPS代理文件

# cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment=HTTP_PROXY=xxx.xxx.xxx.xxx:8080 NO_PROXY=localhost,127.0.0.1

[root@localhost ~]# cat /etc/systemd/system/docker.service.d/https-proxy.conf
[Service]
Environment=HTTPS_PROXY=xxx.xxx.xxx.xxx:8080 NO_PROXY=localhost,127.0.0.1

解析：

主要是两点内容：

① HTTPS_PROXY 将它的值对应到您所但愿设置的代理服务地址和端口（例如: HTTPS_PROXY=https://proxy.example.com:443），我这里为了保护隐私，就用xxx代替.

② NO_PROXY 意味着某些状况下咱们不须要使用HTTPS代理来访问，通常这就配置私有仓库的路径（例如：NO_PROXY=localhost,127.0.0.1,mydocker-registry.com:5000）

三、完成修改后保存/刷新

# systemctl daemon-reload

# systemctl restart docker

四、查看修改结果

# docker run hello-world

Unable to find image 'hello-world:latest' locally
latest: Pulling from library/hello-world
d1725b59e92d: Pull complete 
Digest: sha256:0add3ace90ecb4adbf7777e9aacf18357296e799f81cabc9fde470971e499788
Status: Downloaded newer image for hello-world:latest

Hello from Docker!
This message shows that your installation appears to be working correctly.

To generate this message, Docker took the following steps:
 1. The Docker client contacted the Docker daemon.
 2. The Docker daemon pulled the "hello-world" image from the Docker Hub.
    (amd64)
 3. The Docker daemon created a new container from that image which runs the
    executable that produces the output you are currently reading.
 4. The Docker daemon streamed that output to the Docker client, which sent it
    to your terminal.

To try something more ambitious, you can run an Ubuntu container with:
 $ docker run -it ubuntu bash

Share images, automate workflows, and more with a free Docker ID:
 https://hub.docker.com/

For more examples and ideas, visit:
 https://docs.docker.com/get-started/

五、从新登陆docker hub

docker login -u xxx -p xxx

能够看到已经成功解决问题！

参考自官方文档：https://docs.docker.com/engine/admin/systemd/