1、设置代理原因
因公司安全限制,所有外网需配置代理后才可上网,但是因为宿主机上设置过代理,并未太过多注意此问题,之后run时报如下错误:
# docker run hello-world
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers).
See 'docker run --help'.
在网上搜索过一番之后,发现:如果在docker 宿主机上设置了代理(HTTP、HTTPS)之后,在docker daemon 启动的时候,也要相应的告知 daemon,使用代理来访问internet!!
2、解决方案
尽管docker daemon 的配置可以两种方式来实现:
2.1通过daemon.json文件来修改
2.2通过覆盖docker.service来实现
但是对于代理的配置,目前为止(docker 17.06)我们只能使用第二个方案。 具体的步骤如下:
创建docker.service目录
mkdir -p /etc/systemd/system/docker.service.d
创建HTTP&HTTPS代理文件
# cat /etc/systemd/system/docker.service.d/http-proxy.conf
[Service]
Environment=HTTP_PROXY=xxx.xxx.xxx.xxx:8080 NO_PROXY=localhost,127.0.0.1
[root@localhost ~]# cat /etc/systemd/system/docker.service.d/https-proxy.conf
[Service]
Environment=HTTPS_PROXY=xxx.xxx.xxx.xxx:8080 NO_PROXY=localhost,127.0.0.1
解析:
主要是两点内容:
① HTTPS_PROXY 将它的值对应到您所希望设置的代理服务地址和端口(例如: HTTPS_PROXY=https://proxy.example.com:443),我这里为了保护隐私,就用xxx代替.
② NO_PROXY 意味着某些情况下我们不需要使用HTTPS代理来访问,一般这就配置私有仓库的路径(例如:NO_PROXY=localhost,127.0.0.1,mydocker-registry.com:5000)
3、完成修改后保存/刷新
# systemctl daemon-reload
# systemctl restart docker
4、查看修改结果
# docker run hello-world
Unable to find image 'hello-world:latest' locally latest: Pulling from library/hello-world d1725b59e92d: Pull complete Digest: sha256:0add3ace90ecb4adbf7777e9aacf18357296e799f81cabc9fde470971e499788 Status: Downloaded newer image for hello-world:latest Hello from Docker! This message shows that your installation appears to be working correctly. To generate this message, Docker took the following steps: 1. The Docker client contacted the Docker daemon. 2. The Docker daemon pulled the "hello-world" image from the Docker Hub. (amd64) 3. The Docker daemon created a new container from that image which runs the executable that produces the output you are currently reading. 4. The Docker daemon streamed that output to the Docker client, which sent it to your terminal. To try something more ambitious, you can run an Ubuntu container with: $ docker run -it ubuntu bash Share images, automate workflows, and more with a free Docker ID: https://hub.docker.com/ For more examples and ideas, visit: https://docs.docker.com/get-started/
5、重新登录docker hub
docker login -u xxx -p xxx
login Suceeded
可以看到已经成功解决问题!
参考自官方文档:https://docs.docker.com/engine/admin/systemd/