Proxy doesn't work for Docker with systemd #172
Comments
|
I have same issue. By now I am setting manually: sudo mkdir -p /etc/systemd/system/docker.service.dcat <<EOF | sudo tee -a /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment="HTTP_PROXY=$http_proxy"
Environment="HTTPS_PROXY=$https_proxy"
Environment="NO_PROXY=localhost,127.0.0.1"
EOFsudo systemctl daemon-reload
sudo systemctl show --property Environment docker
sudo systemctl restart dockerThis is used by docker pull. |
|
Another issue is with the proxy inside the container used by yum, apt, zypper, etc... mkdir -p ~/.dockerecho '{}' \
| jq ".proxies.default.httpProxy |= \"$http_proxy\"" \
| jq ".proxies.default.httpsProxy |= \"$https_proxy\"" \
| jq ".proxies.default.noProxy |= \"$no_proxy\"" \
> ~/.docker/config.json |
|
Hi Guys - I don't believe this plugin currently supports systemd configured docker due to the many different ways that docker could be installed inside a vagrant vm. I think I saw that you are trying to use docker-ce? If so, can you try to use the 2.0.0 version of the plugin and see if that addresses the issue or if this issue still remains? I'm very curious. I didn't write any new code for systemd, but I did make sure that If I understand the docker documentation correctly ensuring that the associated ENV variables for HTTP_PROXY and HTTPS_PROXY should also work as long as the docker-ce service has been restarted after those vars are set in the environment for that particular user. Anyway, looking forward to hearing from you and hope that the new version of this plugin addressed this request. |
|
Hello - Have you guys had a chance to try out the I should also be releasing |
|
vagrant-proxyconf did MAKE /etc/sysconfig/docker based on your configuration. But docker-ce under systemd does NOT read this file. Hope this can be added in latest version. Workaround: (Add following in your provisioning script in Vagrantfile) #HACK for docker-ce proxyconf |
|
2.0.1 has been released. Please re-open if this is still an issue. |
|
Hi @codylane , I cannot reopen this but this is still an issue. My env:
There are two issues:
|
|
Hi @antoinetran - Thank you for reporting this issue and getting back to me. Also thank you for your very detailed description of the problem and how I may reproduce this issue and or how I may attempt a fix for this issue. I realize now that this has been going on for some time and I hope that we are able to resolve it soon. With that said, I don't have a lot of free time right now but I do know how to fix this now. I'll likely end up writing the feature i'll create some tests for it but I'd like to ask if you guys could help me validate it works for you since I don't have a windows box that I can use easily. Would that be ok with you? Thanks again for reporting and I look forward to working with you to resolve this issue. I should have some free time in the next couple of weeks to address. |
|
@codylane no problem! Also, for other people, until the final fix, here is a clean workaround: |
|
Friendly update as promised. I've not had any free cycles to look into this and I apologize. I hope to get to this soon like in the next week or so. Thanks again for your patience and for reporting. |
|
Hi @codylane , no need to hurry, the workaround works well until the final fix. |
|
Currently staging the |
|
PR has been merged, if you are able would you mind testing this before I cut a new release? I'm hoping the instructions README.md here are good enough for your testing. here's the gist of it Development version from git repository: |
|
@codylane This is exactly what I was debugging thinking it was in the latest release :) Given it's in master, is it reasonable to cut an early release as a gem? |
|
hey @remingtonc - I appreciate your response and I'm sorry to hear that you spent some time debugging the issue. I probably should have just released it. With that said, I'll do that right now. If you don't mind after it's released I would love some feedback if it's working or if there are different problems. I won't lie our tests don't cover every possible use case and sometimes it causes some regressions which is why I was waiting to release. |
|
Release 2.0.2 to RubyGems and Github.
I'll leave this issue open for folks to comment. I'll close it out on 8-1-2019 if there are no further responses. Happy Friday! |
|
Installation not yet present if I explicitly install 2.0.2. I had to download gem files: Now if I vagrant up an image without docker, and install docker in it, the proxyconf does nothing (normal) until I do vagrant reload. Then the docker conf is created and docker works normally. So it seems to work fine for me! I will still keep my workaround, because I install docker after the proxyconf checks for its presence. Thank you. |
|
Just a question: is the proxy conf file for docker cleaned somehow, or does it stay indefinitely? I mean, if I do vagrant up in a corporate environment, and transfer my VM in an env without proxy, does the file stay? Thank you. |
Hi @antoinetran - I think you might be looking for I'm sorry to hear that you are still having some issues with this plugin. I'm wondering if you can help with the following?
I was using this environment for testing the 2.0.2 integration. I should also say that there are many, many different code paths for configuring docker depending on which box you are using and I'm not sure I've covered all of them as I was only testing centos/7 with the docker provisioner behind a proxy. The downside of how this is all implemented is due to a very complex middleware that Vagrant uses and I'm still not sure I completely understand how it all works. I've tried to address those as I have spare time but i'm not so sure I've covered every possible edge condition and because this plugin attempts to be backwards compatible I try to keep changes small. It could entirely be possible that we have a chicken and egg problem here and a |
No problem and it's a good question. I believe I've addressed this as well and the any proxy is configured it will attempt to unconfigure it if you choose to disable it. That said, the README explains this in more detail. If it's confusing let me know. |
|
Hi @antoinetran - I just cut 2.0.3 which I hope addresses the issue when docker doesn't exist in the box upon first run, the provisioner should run after docker installed so you don't have to run |
See below.
Windows 10
Installed Version: 2.2.3
See below: centos/7:1803.01 I am not sure what you did, but I find it normal that I had to reload, because the proxyconf works either before or after box specific command lines, in this case install-docker.sh. If it is before, the proxyconf will do nothing as docker is not installed yet. If after, the proxyconf will do its job but, the install-docker.sh launches a test by pulling hello-world docker image. Without proxyconf, it will not work too. Unless there is a way to force proxyconf even if docker is not installed, or a way to install docker, then do proxyconf, then do post install stuff (like hello-world), I do not see another way here. The workaround I posted (explicitely do the proxyconf job in ~/.vagrant.d/Vagrantfile) works enough for me, though. Vagrantfile used: |
|
Thanks for the info, just curious which version of 'vagrant-proxyconf' do you have installed? I've made a few updates in the past few days that may resolve this issue in the lastest release. I'll be cutting 2.0.5 in the next day or so. |
|
|
Thanks, please try upgrading the the latest version which should be 2.0.4. I just checked and 2.0.2 doesn't contain the fix you are looking for. I apologize for the confusion. |
|
No further issues have been reported for this issue. If there are still problems please make sure you have upgraded to the 2.0.4 release which includes a few additional fixes for systemd + docker. Closing out this issue since 2.0.2 has been released and no further issues have been reported. |
|
I have updated plugin: I restarted the test, with a base box centos 7, without docker, and a script that installs docker inside at startup. As I said, I expected the error below: the proxyconf did nothing because it did not find docker inside / or because it waited the custom script's end, and unfortunately, the it doesn't end well if docker cannot pull from registry. Anyways, it does not matter to me, it is difficult to handle this scenario, unless do as I said: either an option to force docker proxyconf, or a way to separated install docker , proxyconf, and docker run. |
|
It is fine for me that the issue is closed. |
|
hi @antoinetran - I'm sorry to to hear it's still not working for you. I agree this is something that is hard to test for and or come up with a one size solution that fits everyone's use case(s). It's interesting that I see vagrant-proxyconf has configured the yum and environment proxies before your provisioner runs. This is a good sign, but as you describe the issue is that you are trying to install docker with your own custom provisioner + attempting to orchestrate the setup before docker is completely managed by vagrant-proxconf. I think I see what the problem is now and to from all examples that you have provided it's an issue with how your provisioner is written. Assuming that you are still using this file It's as you as you describe, the issue is caused because of a chicken and egg problem. You are trying to use docker before vagrant-proxyconf know's that it is installed. To work around this you would need to remove everything past step 3 so that you are only installing docker upon the first run, otherwise, you would have to remember to configure all the proxy configuration for docker prior to trying to download images or use docker. Example: This should take care of installing + configuring of docker to work behind a proxy upon first run. Then when you log into the box for the first time your hello world example should work. I've not had a chance to test this but I have a feeling this scenario might work a little better and shouldn't require a |
I expect that proxy is set for docker, but is not.
Versions
Vagrantfile
Here's the test with output:
default: Environment=equal to "" so far so good, but when doingis still
and i expect
see: https://docs.docker.com/config/daemon/systemd/#httphttps-proxy
The text was updated successfully, but these errors were encountered: