7

I am running the following command from docker within an ubuntu virtualbox and getting a connection refused error.

I am behind a corporate proxy and have configured my environmental vairables to use the proxy and username and password. I also tried using a proxychain.

root@mbak1-VirtualBox:~# sudo proxychains docker pull busybox
ProxyChains-3.1 (http://proxychains.sf.net)
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp 54.152.209.167:443: getsockopt: connection refused

root@mbak1-VirtualBox:~# docker pull hello-world
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: dial tcp 35.169.231.249:443: getsockopt: connection refused

My situation seems to be the exact same as the following:

https://github.com/moby/moby/issues/31510

Update

I tried adding my proxy config to the following file but it didn't work. Additionally the file did not exist: /etc/sysconfig/docker .

I also tried to access the actual URL but I am getting a JSON response saying unauthorized.

enter image description here

update2

I think the problem is my DNS config. In the virtual machine I am getting the following for the lookup:

mbak1@mbak1-VirtualBox:~$ nslookup registry-1.docker.io
Server:     127.0.0.1
Address:    127.0.0.1#53

Non-authoritative answer:
Name:   registry-1.docker.io
Address: 34.200.28.105
Name:   registry-1.docker.io
Address: 52.54.216.153
Name:   registry-1.docker.io
Address: 34.200.90.16
Name:   registry-1.docker.io
Address: 52.204.202.231
Name:   registry-1.docker.io
Address: 52.22.181.254
Name:   registry-1.docker.io
Address: 54.152.209.167
Name:   registry-1.docker.io
Address: 34.205.207.96
Name:   registry-1.docker.io
Address: 35.169.231.249
Menelaos
  • 23,508
  • 18
  • 90
  • 155

2 Answers2

25

The answer to my question came from this post here: https://community.ubnt.com/t5/UNMS-Beta/Connection-Refused-Failed-to-pull-docker-images/m-p/2220235/highlight/true#M3960

I am reposting it:

I managed to find a solution by adding a proxy for docker. Thank you for your help.

Create a systemd drop-in directory for the docker service:

$ sudo mkdir -p /etc/systemd/system/docker.service.d

Create a file called /etc/systemd/system/docker.service.d/http-proxy.conf that adds the HTTP_PROXY environment variable:

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/"

Or, if you are behind an HTTPS proxy server, create a file called /etc/systemd/system/docker.service.d/https-proxy.conf that adds the HTTPS_PROXY environment variable:

[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443/"

If you have internal Docker registries that you need to contact without proxying you can specify them via the NO_PROXY environment variable:

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80/" "NO_PROXY=localhost,127.0.0.1,docker-registry.somecorporation.com"

Or, if you are behind an HTTPS proxy server:

[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443/" "NO_PROXY=localhost,127.0.0.1,docker registry.somecorporation.com"

Flush changes:

sudo systemctl daemon-reload

Restart Docker:

sudo systemctl restart docker

Verify that the configuration has been loaded:

systemctl show --property=Environment docker

Environment=HTTP_PROXY=http://proxy.example.com:80/

Or, if you are behind an HTTPS proxy server:

systemctl show --property=Environment docker

Environment=HTTPS_PROXY=https://proxy.example.com:443/

Sachith Muhandiram
  • 2,819
  • 10
  • 45
  • 94
Menelaos
  • 23,508
  • 18
  • 90
  • 155
-1

Just removing the file with proxy settings worked for me. Actually I did not remove it but rather moved it first to be on the safe side

sudo mv /etc/systemd/system/docker.service.d/http-proxy.conf ~/

Artem Pavlovskii
  • 19
  • 2
  • The question was about how to go through a corporate firewall. Your answer, is how to go direct and remove the proxy settings. Also, you don't specify that in the top of your answer. If you rewrite your answer to be more specific to your context, I will upvote. – Menelaos Apr 03 '23 at 06:30