Error while making an external connection to install git on docker image on Windows

Question

Expected behavior Connection to external Urls should be successfully made while installing packages like git/make on docker image on Windows

Actual behavior

fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz

ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/main: temporary error (try again later)

WARNING: Ignoring APKINDEX.b89edf6e.tar.gz: No such file or directory ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/community: temporary error (try again later)

Information I have a local setup of Docker Desktop Community Version 2.0.0.3,Channel=Stable OS: Windows 10 Enterprise Edition 64 bit.

I have also Enabled Kubernetes v1.10.11 using Docker Desktop.

I am installing git while creating images using the docker-compose build command (mentioned below)

Errors: Error 1:

Step 6/7 : RUN apk update && apk add --no-cache git

---> Running in 327463a09bef fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz

ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/main: DNS lookup error WARNING: Ignoring APKINDEX.b89edf6e.tar.gz: No such file or directory fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz

ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/community: DNS lookup error WARNING: Ignoring APKINDEX.737f7e01.tar.gz: No such file or directory 2 errors; 53 distinct packages available

ACTION TAKEN: Found the DNS server details in my company using ipconfig /all and updated the Docker Daemon Advanced settings with it:

{
"registry-mirrors": [],
"insecure-registries": [],
"debug": true,
"experimental": false,
"dns": [
"xx.x.xxx.x"
]
}

Post this the DNS Error disappeared but i got the error below:

Error 2:

Step 6/7 : RUN apk update && apk add --no-cache git ---> Running in 5a75ec688b68

fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/main/x86_64/APKINDEX.tar.gz fetch http://dl-cdn.alpinelinux.org/alpine/v3.9/community/x86_64/APKINDEX.tar.gz

ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/main: temporary error (try again later)

WARNING: Ignoring APKINDEX.b89edf6e.tar.gz: No such file or directory ERROR: http://dl-cdn.alpinelinux.org/alpine/v3.9/community: temporary error (try again later)

WARNING: Ignoring APKINDEX.737f7e01.tar.gz: No such file or directory 2 errors; 53 distinct packages available ERROR: Service 'service-test' failed to build: The command '/bin/sh -c apk update && apk add --no-cache git' returned a non-zero code: 2

Other things that I have tried: 1.Created a new Outbound firewall rule to allow all the connections emerging from the docker.exe to outside urls 2. Updated the resolve.conf file on my windows host with nameserver xx.x.xxx.x and restarted docker

Below is the log I see in the C:\ProgramData\DockerDesktop\service.txt file

/v1.30/build?t=registration-of-interest&q=False&nocache=False&rm=True&forcerm=False&pull=False\n" [19:29:48.857][Moby ][Info ] [11683.758106] docker0: port 1(vetheb98adc) entered blocking state

[19:29:48.887][Moby ][Info ] [11683.818430] docker0: port 1(vetheb98adc) entered disabled state

[19:29:48.916][Moby ][Info ] [11683.849358] device vetheb98adc entered promiscuous mode

[19:29:48.951][Moby ][Info ] [11683.878312] IPv6: ADDRCONF(NETDEV_UP): vetheb98adc: link is not ready

[19:29:49.032][Moby ][Info ] [11683.970198] IPVS: Creating netns size=2104 id=22

[19:29:49.061][Moby ][Info ] [11683.994398] IPVS: ftp: loaded support on port[0] = 21

[19:29:49.191][Moby ][Info ] [11684.130505] eth0: renamed from veth117829a

[19:29:49.262][Moby ][Info ] [11684.190674] IPv6: ADDRCONF(NETDEV_CHANGE): vetheb98adc: link becomes ready [19:29:49.292][Moby ][Info ] [11684.223896] docker0: port 1(vetheb98adc) entered blocking state

[19:29:49.324][Moby ][Info ] [11684.253478] docker0: port 1(vetheb98adc) entered forwarding state [19:29:59.697][Moby ][Info ] [11694.616873] docker0: port 1(vetheb98adc) entered disabled state

[19:29:59.719][Moby ][Info ] [11694.660049] veth117829a: renamed from eth0 [19:29:59.828][Moby ][Info ] [11694.760730] docker0: port 1(vetheb98adc) entered disabled state

[19:29:59.854][Moby ][Info ] [11694.789712] device vetheb98adc left promiscuous mode [19:29:59.888][Moby ][Info ] [11694.815720] docker0: port 1(vetheb98adc) entered disabled state

[19:30:00.150][ApiProxy ][Info ] time="2019-07-13T19:30:00+10:00" msg="proxy << POST /v1.30/build?t=registration-of-interest&q=False&nocache=False&rm=True&forcerm=False&pull=False (12.2535104s)\n"

I am pretty sure its something to do with my corporate firewall rules that is blocking the outgoing traffic.Both the alpine urls are reachable from my browser. If I need to open up any ports for outgoing traffic what exactly has to be done is where I am blocked since weeks.

The same setting works from my personal windows 10 laptop on my home network where all the docker and kubernetes versions are exactly the same.

Windows Version:Windows 10 Enterprise Edition 64 bit Docker Desktop Version: Docker Desktop Community Version 2.0.0.3,Channel=Stable Steps to reproduce the behavior Dockerfile:

FROM openjdk:8u191-jre-alpine
VOLUME /tmp
COPY target/*.jar app.jar
ENTRYPOINT [ "java","-Djava.security.egd=file:/dev/./unrandom","-Dspring.profiles.active=local","-Daws.accessKeyId=XXXXX","-Daws.secretKey=XXXXX","-jar","/app.jar"]
RUN apk update 
&& apk add --no-cache git

docker-compose.yml

version: '3.3'
services:
service-test:
  image: service-image
  ports:
    8181:8443
    5005:5005
  build: '../service-test-project'


Docker command used:

docker-compose build --build-arg http_proxy='http://xx:xxx@corp-proxy.corp.dmz:8080' --build-arg https_proxy='http://xx:xxx
@corp-proxy.corp.dmz:8080' --build-arg HTTPS_PROXY='http://xx:xxx@corp-proxy.corp.dmz:8080' --build-arg HTTP_PROXY='http://xx:xxx@corp-proxy.corp.dmz:8080'

Answer 1

I was facing this issue at the company I work at and I was eventually able to solve it by doing the following.

• Download the proxy.pac file (can just google this part, not too difficult)
• Open the with choice of editor (sublime, vs, jetbrains, notepad)
• Open config.json file in C:\Users\<user>\.docker\config.json
• add the following to the file but replace http and https proxy with one of the proxys in the proxy.pac file. noProxy I left as is, it did not affect the outcome.

{
"proxies": {
   "default": {
     "httpProxy": "http://my_proxy:8080",
     "httpsProxy": "http://my_proxy:8080",
     "noProxy": "*.test.example.com,.example2.com"
   }
 }
}

• restart docker
• and try again. This is the only thing that worked for me. Changing ctnml.ini file and changing proxy via Docker GUI or changing my DNS server did not work.