Building Docker images works in a desktop without a problem. Installing Node.js NPM dependencies work as usual. However, when using a continuous integration server such as Jenkins that is hosted behind a corporate proxy, the build Docker Images fail.
Node.js NPM Dependencies
While building Node.js pacakges, the command npm install fails when it cannot connect to GIT while cloning GIT dependencies.
e1ce5e8407d1: Already exists
Status: Image is up to date for node:0.10.33
---> e1ce5e8407d1
Step 1 : RUN mkdir -p /usr/src/app
---> Using cache
---> 965cad0c68b0
Step 2 : WORKDIR /usr/src/app
---> Using cache
---> 4c498f0c07e9
Step 3 : COPY package.json /usr/src/app/
---> b0662a8275fb
Removing intermediate container 5aca20551452
Step 4 : RUN npm install
---> Running in 7ccf9e5362af
npm WARN package.json newww@2.0.0 No README data
npm WARN package.json Dependency 'async-cache' exists in both dependencies and devDependencies, using 'async-cache@^0.1.5' from dependencies
npm ERR! git clone https://github.com/npm/npm2es.git Cloning into bare repository '/root/.npm/_git-remotes/https-github-com-npm-npm2es-git-60a75edb'...
npm ERR! git clone https://github.com/npm/npm2es.git fatal: unable to access 'https://github.com/npm/npm2es.git/': Failed to connect to github.com port 443: Connection timed out
Java Maven, Ruby, Go Docker Images with Dependencies
The same occurs when building Java, Ruby or Go containers, where dependencies are located in repository servers across your corporate Proxy server.
Knowing that you can configure Docker with HTTP_PROXY environment variable, how to properly configure Docker to properly build images in CI environments?
Note: Docker 1.9 might help solve this:
- "Issue 14634": Builder - Build-time argument passing (e.g.,
HTTP_PROXY)
- "PR 15182": Support for passing build-time variables in build context
Usage (proposed):
docker build --build-arg http_proxy=http://my.proxy.url --build-arg foo=bar <<MARK
FROM busybox
RUN <command that need http_proxy>
ARG --description="foo's description" foo
USER $foo
MARK
Docker Daemon HTTP Proxy
A lot of documentation is available about setting up the HTTP_PROXY environment variable for Docker's daemon. The environment variable is only available when running containers, so it won't help us here.
Solution in Dockerfile
Although setting up the environment variable HTTP_ENV or http_env in the Dockerfile might help, it does not help our cause either.
ENV http_proxy http://proxy.mycompany.com:80
The reason why is that each specific service only honors HTTP Proxy setting in a different way. The way I could solve is below.
- NPM: NPM requires setting up the HTTP_PROXY variable using a CLI command.
- GIT: GIT requires setting up the HTTP_PROXY variable using a CLI command as well.
- MAVEN: MVN command requires setting up the HTTP_PROXY as an XML file under the user's directory at ~/.m2/settings.xml. For Docker, you can add it to the root's "/root/.m2/settings.xml" directory (unsafe, development-only), or to the Dockerfile's user's home directory.
For instance, running an application using Dockerfile, I can build an image using the following Dockerfile:
FROM node:0.10.33
# Prepare
RUN mkdir -p /usr/src/app
WORKDIR /usr/src/app
# Use the cache for dependencies
COPY package.json /usr/src/app/
# If building behind an http_proxy, set them for git and npm
RUN git config --global http.proxy http://qypprdproxy02.ie.company.net:80 && \
npm config set proxy http://qypprdproxy02.ie.company.net:80 && \
npm config set https-proxy http://qypprdproxy02.ie.company.net:80
# Install dependencies
RUN npm install
# Copy all the source
COPY . /usr/src/app
# Execute the dev steps
COPY ./numbat-config.example.js /usr/src/app/numbat-config.js
COPY ./.env.example /usr/src/app/.evn
RUN touch /usr/src/app/config.admin.js
Note that I have configured both GIT and NPM using their CLI command to explicitly take the proxy settings before running the NPM install command. That way, both NPM and GIT dependencies will be automatically retrieved and cloned, respectively.
The result of building an image with this Dockerfile works as expected:
[root@pppdc9prd6dq newww]# fig build
...
...
Building npmregistryserver...
---> Using cache
---> 965cad0c68b0
Step 2 : WORKDIR /usr/src/app
---> Using cache
---> 4c498f0c07e9
Step 3 : COPY package.json /usr/src/app/
---> ae8ff7861246
Removing intermediate container ba1d7b8c9963
Step 4 : RUN npm config set proxy http://qypprdproxy02.ie.company.net:80 && npm config set https-proxy http://qypprdproxy02.ie.company.net:80 && npm install
---> Running in aa6e05d9c7a4
npm WARN package.json newww@2.0.0 No README data
npm WARN package.json Dependency 'async-cache' exists in both dependencies and devDependencies, using 'async-cache@^0.1.5' from dependencies
npm WARN deprecated extend@1.1.3: Please update to the latest version.
> v8flags@1.0.8 install /usr/src/app/node_modules/gulp/node_modules/v8flags
> node fetch.js
> hiredis@0.1.17 install /usr/src/app/node_modules/hiredis
> node-gyp rebuild
make: Entering directory '/usr/src/app/node_modules/hiredis/build'
CC(target) Release/obj.target/hiredis/deps/hiredis/hiredis.o
CC(target) Release/obj.target/hiredis/deps/hiredis/net.o
CC(target) Release/obj.target/hiredis/deps/hiredis/sds.o
CC(target) Release/obj.target/hiredis/deps/hiredis/async.o
AR(target) Release/obj.target/deps/hiredis.a
COPY Release/hiredis.a
CXX(target) Release/obj.target/hiredis/src/hiredis.o
CXX(target) Release/obj.target/hiredis/src/reader.o
SOLINK_MODULE(target) Release/obj.target/hiredis.node
SOLINK_MODULE(target) Release/obj.target/hiredis.node: Finished
COPY Release/hiredis.node
make: Leaving directory '/usr/src/app/node_modules/hiredis/build'
npm WARN engine hawk@0.10.2: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
> pngcrush-bin@1.0.0 postinstall /usr/src/app/node_modules/imagemin-pngcrush/node_modules/pngcrush-bin
> node lib/install.js
fetch : https://raw.githubusercontent.com/imagemin/pngcrush-bin/v1.0.0/vendor/linux/pngcrush
✔ pre-build test passed successfully!
> dtrace-provider@0.3.1 install /usr/src/app/node_modules/npm-typeahead/node_modules/restify/node_modules/dtrace-provider
> scripts/install.js
npm WARN engine cryptiles@0.1.3: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine sntp@0.1.4: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine boom@0.3.8: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN engine hoek@0.7.6: wanted: {"node":"0.8.x"} (current: {"node":"0.10.33","npm":"2.1.11"})
npm WARN cannot run in wd newww@2.0.0 gulp build (wd=/usr/src/app)
newww-metrics@1.0.0 node_modules/newww-metrics
murmurhash@0.0.2 node_modules/murmurhash
npm-humans@2.0.1 node_modules/npm-humans
leven@1.0.1 node_modules/leven
chunk@0.0.2 node_modules/chunk
npm-expansions@1.14.0 node_modules/npm-expansions
similarity@1.0.1 node_modules/similarity
truncate@1.0.4 node_modules/truncate
This properly worked as expected and you can have a CI/CD environment behind an http proxy to rebuild images based on this Dockerfile.
I realize this has been solved for the OP, but wanted to share what finally worked for me because this page came up high in search results when I was searching for an answer to my problem. For reference, I was not able to get Docker to use proxies to install via pip.
I had to do
docker build --no-cache --build-arg HTTP_PROXY=$http_proxy \
--build-arg HTTPS_PROXY=$http_proxy --build-arg NO_PROXY=$no_proxy \
--build-arg http_proxy=$http_proxy --build-arg https_proxy=$http_proxy \
--build-arg no_proxy=$no_proxy -t myContainer /path/to/Dockerfile/directory
where http_proxy and no_proxy were set in my bashrc. Note that I also have
ENV http_proxy http://proxy.mycompany.com:80
set in my Dockerfile, but that was not sufficient by itself to get pip to install anything. Hopefully this helps someone else.
Note that if you're trying to use Docker for Mac, you should check out this instead
We are doing ...
ENV http_proxy http://9.9.9.9:9999
ENV https_proxy http://9.9.9.9:9999
and at end of dockerfile ...
ENV http_proxy ""
ENV https_proxy ""
This, for now (until docker introduces build env vars), allows the proxy vars to be used for build without publicly exposing them
Starting with Docker 17.07 you can alternatively use the Docker Client configuration file for providing the proxy configuration centrally:
https://docs.docker.com/network/proxy/#configure-the-docker-client
I had a problem when corporate network was not allowing to download and setup docker image so n/w gave http proxy information. while running docker image build I passed the variable and it worked without any issues.
docker build --build-arg http_proxy="http://userid:pwd@iaisystem.com:8080" - < Dockerfile
You can use a transparent proxy, as described in:
https://jpetazzo.github.io/2014/06/17/transparent-squid-proxy-docker/
docker run --net host jpetazzo/squid-in-a-can
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to 3129
{var%20f='http://v.t.sina.com.cn/share/share.php?appkey=1515056452',u=z||d.location,p=['&url=',e(u),'&title=',e(t||d.title),'&source=',e(r),'&sourceUrl=',e(l),'&content=',c||'gb2312','&pic=',e(p||'')].join('');function%20a(){if(!window.open([f,p].join(''),'mb',['toolbar=0,status=0,resizable=1,width=440,height=430,left=',(s.width-440)/2,',top=',(s.height-430)/2].join('')))u.href=[f,p].join('');};if(/Firefox/.test(navigator.userAgent))setTimeout(a,0);else%20a();})(screen,document,encodeURIComponent,'','','https://img.manongdao.com/sparkler-677774__340.jpg', '推荐 别忘想泡老子 的文章《How to build Docker Images with Dockerfile behind 》','https://www.manongdao.com/article-309960.html','页面编码gb2312|utf-8默认gb2312'));){kind=link}