0

Hi im using Docker on windows 10 with a proxy. Docker itself works fine with the proxy IP set correctly in the docker settings. I can download images through docker.

The problem is that any container I want to run or build also needs these HTTP_PROXY and HHTPS_PROXY variables. I can do this by adding it to build arguments, run arguments or the docker file. However none of these solutions are perfect because they add machine specific variable values to either the docker files and/or the docker-compose files.

I have checked the MobyLinuxVM's values for these HTTP_PROXY and HHTPS_PROXY variables by hacking into it with this trick: How to connect to docker VM (MobyLinux) from windows shell?

Eventhough these variables were displayed correctly any image that I run or dockerfile I build still needs to get these variables.

Is there a way that any container automatically gets these proxy environment variables from the docker deamon who already has them set? I know Linux has this feature by nature, but it seems to be missing for Windows.

Geerten Verweij
  • 33
  • 1
  • 6

2 Answers2

1

This does not provide a way to set those values or to get them in a container's context, but has stopped me from having to change my proxy settings every time I change IP addresses and keeps me from having to pass them to containers at runtime (builds are still a different story).

This works for me behind an NTLM-authenticating web proxy, even from home on VPN:

1) Get the IP address of the DummyDesperatePoitras virtual switch Docker for Windows creates (starts with 169.254., which is usually a non-routable IP)

2) Install CNTLM (not perfect, as it's not been updated in 5 years) and set it to listen on that "dummy" IP address

3) Use that "dummy" IP address as the proxy in Docker for Windows settings

4) Add your internal corporate DNS server's IP and the domain name to the daemon.json in Docker for Windows settings

Again, this works for running containers - I only have to deal with the proxy server when I run docker build, passing it along in the build-args. I've not found a way around that yet.

Detailed walkthrough: https://mandie.net/2017/12/10/docker-for-windows-behind-a-corporate-web-proxy-tips-and-tricks/

Amanda Debler
  • 178
  • 7
  • CNTLM makes everything work indeed, thanks. I'v decided I'll need to learn to live with the build-args. – Geerten Verweij Jan 24 '18 at 09:34
  • Hello @Amanda Debler I found your solution at dockerforum and at your blog but I don't have DummyDesperatePoitras virtual switch Docker. What am I missing? I tried cntlm with 0.0.0.0:3128 but it says connectino refused. I'd like to test your approach but It already fails at DummyDesperatePoitras virtual switch Docker. Thanks. – Matthis Kohli Jan 30 '18 at 12:21
  • @MatthisKohli Looks like they've fixed the "bug" I was relying on! I've also had success using a virtual interface VirtualBox made as both the CNTLM listen IP and the proxy IP in Docker. – Amanda Debler Feb 02 '18 at 10:03
0

My advice is to use a tool to transparently route all your traffic to the proxy, without having to set any proxy configuration locally.

For windows there is proxifier. It will transparently route all the traffic from your host to the proxy.

yamenk
  • 46,736
  • 10
  • 93
  • 87
  • I have Proxifier, but for internal, not publicly accessible domains, domain name resolution fails before the connection can be even handled by it. Any idea on how to make remote name resolution work? – vctls Oct 31 '20 at 18:10