2

Please disregard my incorrect spaces in the links and URLs. I don't have the reputation needed to post > 2 urls or 2 links.

I have a new installation of CentOS 6.7 as shown with the uname -a command below:

Linux 2.6.32-573.7.1.el6.x86_64 #1 SMP Tue Sep 22 22:00:00 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

This machine is behind a corporate firewall.

I have installed docker-io. The version information is (docker version):

Client version: 1.7.1 Client API version: 1.19 Go version (client): go1.4.2 Git commit (client): 786b29d/1.7.1 OS/Arch (client): linux/amd64 Server version: 1.7.1 Server API version: 1.19 Go version (server): go1.4.2 Git commit (server): 786b29d/1.7.1 OS/Arch (server): linux/amd64

The docker service is running:

docker (pid 2593) is running...

When I run sudo docker pull hello-world I get the error: Get https : //index.docker.io/v1/repositories/library/hello-world/images: dial tcp 54.165.23.153:443: connection timed out

When I run sudo docker run hello-world I get a similar error: Get https : //index.docker.io/v1/repositories/library/hello-world/images: dial tcp 52.7.162.45:443: connection timed out

I can browse to the URL https : //index.docker.io/v1/repositories/library/hello-world/images in Firefox (after I put in my userid/password for the proxy). I get:

[{"checksum": "", "id": "3f12c794407e68e515ba7f473a744e748ac8a827a2ea8b33855dec564238b2e5"}, {"checksum": "", "id": "975b84d108f1024953937167506c2935a081c8c55ae9e9f7b7deee118605367f"}, {"checksum": "", "id": "535020c3e8add9d6bb06e5ac15a261e73d9b213d62fb2c14d752b8e189b2b912"}, {"checksum": "", "id": "af340544ed62de0680f441c71fa1a80cb084678fed42bae393e543faea3a572c"}, {"checksum": "", "id": "a8219747be10611d65b7c693f48e7222c0bf54b5df8467d3f99003611afa1fd8"}, {"checksum": "", "id": "91c95931e552b11604fea91c2f537284149ec32fff0f700a4769cfd31d7696ae"}, {"checksum": "", "id": "e45a5af57b00862e5ef5782a9925979a02ba2b12dff832fd0991335f4a11e5c5"}, {"checksum": "", "id": "31cbccb51277105ba3ae35ce33c22b69c9e3f1002e76e4c736a2e8ebff9d7b5d"}, {"checksum": "", "id": "ef872312fe1bbc5e05aae626791a47ee9b032efa8f3bda39cc0be7b56bfe59b9"}, {"checksum": "", "id": "7fa0dcdc88de9c8a856f648c1f8e0cf8141a505bbddb7ecc0c61f1ed5e086852"}, {"checksum": "", "id": "bf16b6e27882c0790071c95326e0186eccd2b8ac2bd5ef34fecdbb332a90926e"}, {"checksum": "", "id": "8f5550346e6173730dca712d1fc87e671ae04d5899d6c4290f7897c054b2318e"}, {"checksum": "", "id": "f86750113cd23609d504342d39015d5c7f218935b8420dd43b79cd99f4f93960"}, {"checksum": "", "id": "0a1b1cfaa9a2153fdabe163d562fe1321a5c1d1db3a59e0fac7c65f966bc38a9"}, {"checksum": "", "id": "511136ea3c5a64f264b78b5433614aec563103b4d4702f3ba7d4d2698e22c158"}, {"checksum": "", "id": "2505d942a91db2045278f9d5c58067414d367c02506bbba96f0769a6ac6ad47b"}, {"checksum": "", "id": "565a9d68a73f6706862bfe8409a7f659776d4d60a8d096eb4a3cbce6999cc2a1"}]

curl www.google.com and curl http://www.google.com work correctly.

When I run: curl -v https://index.docker.io:443

I get the following: * About to connect() to index.docker.io port 443 (#0) * Trying 54.165.23.153... Connection timed out * Trying 54.84.122.145... Connection timed out * Trying 52.7.162.45... Connection timed out * couldn't connect to host * Closing connection #0 curl: (7) couldn't connect to host

I have tried the docker run and docker pull with and without the http_proxy and https_proxy information in a /etc/default/docker file based on another post on Stack Overflow. Originally, there was not a /etc/default/docker file available after the docker-io install. This did not help. Contents of the /etc/default/docker file shown below: http_proxy=http : //proxyName:port https_proxy=http : //proxyName:port

I also tried (in the /etc/default/docker file): export http_proxy=http : //proxyName:port export https_proxy=http : //proxyName:port

I have been googling all day today in an effort to resolve this issue and haven't made any progress.

JanetM
  • 53
  • 6

1 Answers1

1

Your problem is your corporate firewall. This may not be solvable as your company requires you to login with a username and password - you can download the image using firefox which I imagine is negotiating the proxy for you using LDAP or whatever.

You can try setting http_proxy and https_proxy variables in your shell which may work depending on the proxy 

$ export http_proxy=http://server-ip:port/
$ export http_proxy=http://127.0.0.1:3128/
$ export http_proxy=http://proxy-server.mycorp.com:3128/

http://www.cyberciti.biz/faq/linux-unix-set-proxy-environment-variable/

The chances are your company is minimising having any badly behaved code arriving inside their network so you probably shouldn't circumvent that and talk to your IT department

KeepCalmAndCarryOn
  • 8,817
  • 2
  • 32
  • 47
  • My IT poc watched for the docker request to come to the proxy. She never saw the call hit the proxy. She concluded that the request was going straight to the firewall instead of through the proxy and that is why it was being dropped. – JanetM Nov 04 '15 at 19:52
  • I have tried setting the proxy on the command line per the docker instructions and it hasn't made any difference. I have tried: sudo HTTP_PROXY=http://:/ docker run hello-world. Other variations I have tried are HTTP_PROXY=https://..., HTTPS_PROXY=https://, None of these seem to help. I also tried embedding my userid/password in the proxy. No good. – JanetM Nov 04 '15 at 19:59
  • did you do `export HTTP_PROXY=...`? and also it is usually in lowercase. Alternatively, depending on your budget you can proxy the whole of docker hub with artifactory https://www.jfrog.com/confluence/display/RTF/Docker+Repositories#DockerRepositories-ProxyingaRemoteDockerRegistry – KeepCalmAndCarryOn Nov 04 '15 at 20:38
  • I have also tried export http_proxy=.... with no luck.I can successfully curl the url that the docker run command is failing on. – JanetM Nov 05 '15 at 15:51
  • The same question is asked in http://stackoverflow.com/questions/30220728/connection-issue-with-docker?rq=1. The solution offered there did not help me in my situation. – JanetM Nov 05 '15 at 16:08
  • I was setting the HTTP_PROXY information for the docker cli, not the docker daemon.... Adding the information to the /etc/sysconfig/docker file for the daemon solved by problem. Thanks for your input. – JanetM Feb 24 '16 at 19:27