yum update / apk update / apt-get update not working behind proxy

Question

I'm behind a proxy and I'm not able to build a Docker image.

I tried with FROM ubuntu, FROM centos and FROM alpine, but apt-get update / yum update / apk update failed.

My host OS is Windows 10, so I configured my Docker settings to use our proxy.

And I also added

ENV http_proxy http://<PROXY>
ENV https_proxy http://<PROXY>

to my Dockerfile but no success.

I also tried to set my proxy to http://<USER>:<PASS>@<PROXY>, but again no success.

I am able to pull Docker images. When I set my proxy settings to no proxy, I'm not able to pull images, so I guess my proxy URL is correct.

Any ideas what else I can try?

Edit:

I also tried to add our DNS server (which is listed under ipconfig /all) into the Docker settings, but again no success.

Edit2: I just realized I forget the "http://" within my Ubuntu Dockerfile. After adding this, docker build now works fine for ubuntu - but only for ubuntu. It still doesn't work for centos and alpine.

Here are all my 3 Dockerfiles:

Ubuntu:

FROM ubuntu

ENV http_proxy "http://<MY-PROXY>"
ENV https_proxy "http://<MY-PROXY>"

RUN apt-get update

CentOS:

FROM centos

ENV http_proxy "http://<MY-PROXY>"
ENV https_proxy "http://<MY-PROXY>"

RUN yum update 

Alpine:

FROM alpine

ENV http_proxy "http://<MY-PROXY>"
ENV https_proxy "http://<MY-PROXY>"

RUN apk update 

Error messages:

CentOS:

Step 4/4 : RUN yum update
 ---> Running in 3deecb71823d
Loaded plugins: fastestmirror, ovl

 One of the configured repositories failed (Unknown),
 and yum doesn't have enough cached data to continue. At this point the only
 safe thing yum can do is fail. There are a few ways to work "fix" this:

[...]

Cannot find a valid baseurl for repo: base/7/x86_64

Alpine:

Step 4/4 : RUN apk update
 ---> Running in 76c8579734cf
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/main/x86_64/APKINDEX.tar.gz
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.6/main: could not connect to server (check repositories file)
WARNING: Ignoring APKINDEX.84815163.tar.gz: No such file or directory
fetch http://dl-cdn.alpinelinux.org/alpine/v3.6/community/x86_64/APKINDEX.tar.gz
2 errors; 11 distinct packages available
ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.6/community: could not connect to server (check repositories file)
WARNING: Ignoring APKINDEX.24d64ab1.tar.gz: No such file or directory
The command '/bin/sh -c apk update' returned a non-zero code: 2

Answer 1

It's quite bad idea to set http(s)_proxy as system wide variable. U only need to make that package manager work's over proxy. If u still want to set http(s)_proxy don't forget about no_proxy or all your traffic will try to go via proxy host. For ubuntu i prefer to use something like this

FROM ubuntu
ARG PROXY=false
ARG PROXY_URL="http://proxy:8080"

RUN if [ "$PROXY" = true ] ; then echo 'Acquire::http::Proxy "'$PROXY_URL'";' >> /etc/apt/apt.conf ; fi && \
  apt-get update && \
  apt-get install -y vim

And execute it like this on server without internet connection, but local execute will work without proxy

docker build -t ubuntu-with-proxy --build-arg PROXY=true .

Centos also can handle proxy configuration inside yum.conf

FROM centos
ARG PROXY=false
ARG PROXY_URL="http://proxy:8080"

RUN if [ "$PROXY" = true ] ; then echo 'proxy="$PROXY_URL";' >> /etc/yum.conf ; fi && \
  yum install -y vim

And execute it like this on server without internet connection, but local execute will work without proxy

docker build -t centos-with-proxy --build-arg PROXY=true .

But i can't find such solution for alpine
I think that something like for Centos/Ubuntu could be achieved in Alpine with this, but i haven't test this yet.

FROM alpine
ARG PROXY=false
ARG PROXY_URL="http://proxy:8080"

RUN if [ "$PROXY" = true ] ; then echo "http_proxy = $PROXY_URL" > /etc/wgetrc && echo "use_proxy = on" >> /etc/wgetrc ; fi && \
  apk add -U vim

And again execution

docker build -t alpine-with-proxy --build-arg PROXY=true .

Answer 2

For CentOS, I explicitly had to enter my proxy port 80 and remove the http://-part. So for CentOS, a working solution looks like this (if proxy is running on port 80):

FROM centos

ENV http_proxy=<My-PROXY>:80
ENV https_proxy=<My-PROXY>:80

RUN yum update

Alpine is still missing, it looks like it requires additional line:

ENV HTTP_PROXY_AUTH=basic:*:<USER>:<PASS>

but is not working for me. It may be because of special chars inside my password, see: https://github.com/gliderlabs/docker-alpine/issues/305

I will update this answer if I find a solution.

Edit: For alpine, I use this:

FROM alpine

ENV http_proxy=http://<My-PROXY>:80/
ENV https_proxy=http://<My-PROXY>:80/

RUN apk update

Answer 3

Did you set the ENV http_proxy instructions after the RUN apt-get update instruction?

They should be set before they're used, as docker builds the image from the dockerfile from top to bottom.

Answer 4

We have faced the same issue with alpine and apk update. After all solution appears trivial. It looks like apk needs uppercase proxy variables and http:// segment in proxy server address

FROM alpine:3.8

ENV HTTP_PROXY http://proxyserver:proxyport
ENV HTTPS_PROXY http://proxyserver:proxyport

RUN apk update \
    && apk add bash

This solved the problem for us.

Answer 5

For me APK failed to use the proxy from within Docker because my CNTLM proxy wasn't binding to 0.0.0.0 (all interfaces), so the Docker network interface was unable to see it.

I changed my cntlm.conf file from:

Listen 58888

...to:

Listen 0.0.0.0:58888

(your port may vary)