apt-get in docker behind corporate proxy

Posted 2019-03-27 08:47

Question:

I'm attempting to set up a development environment behind a corporate proxy server with Docker. Try as I might, I cannot get the docker container to talk to the proxy server.

The proxy server and apt-get work fine on the host, which is Ubuntu 12.04.

The first thing done in the Dockerfile is attempting to set up the proxy variables:

FROM ubuntu
RUN echo 'Acquire::http { Proxy "http://my.proxy.net:8000"; };' >> /etc/apt/apt.conf.d/01proxy
ENV HTTP_PROXY http://my.proxy.net:8000
ENV http_proxy http://my.proxy.net:8000
ENV HTTPS_PROXY https://my.proxy.net:8000
ENV https_proxy https://my.proxy.net:8000
RUN apt-get update && apt-get install -y build-essential

It pulls the image fine and sets the variables, but when it gets to apt-get update, it tries for a little while and then fails with:

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/InRelease  
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/InRelease  
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-security/InRelease  
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release.gpg  Could not resolve 'my.proxy.net'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/Release.gpg  Could not resolve 'my.proxy.net'
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-security/Release.gpg  Could not resolve 'my.proxy.net'
W: Some index files failed to download. They have been ignored, or old ones used instead.

These variables I have set up are consistent with the host Linux install (Ubuntu 12.04 on VirtualBox, if that matters).

I also have /etc/default/docker set up with:

export http_proxy="http://my.proxy.net:8000"
export http_proxy="https://my.proxy.net:8000"

Any thoughts?

UPDATE:

It looks like this is an issue with DNS, not necessarily the proxy server. The host /etc/resolv.conf contains:

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search dhcp.mycompany.com

The host is a VirtualBox VM running on a Windows 7 box, and I've found various half-baked solutions that mostly seem to not work. No matter what I try, I can't get it to resolve the hostname of the proxy server.

Answer 1:

The issue ended up being with DNS. Docker is running on Ubuntu, which is, itself, a guest OS on VirtualBox. Due to its own virtualizing mumbo jumbo, it assigned a nameserver of 127.0.0.1 in resolv.conf.

When this happens, Docker will assign itself a DNS nameserver of 8.8.8.8 (Google's nameserver), since localhost refers to the Docker container, not the host.

To fix this, I went all the way out to Windows and ran

ipconfig /all

And got the IP addresses of my laptop's DNS servers. I added these to DOCKER_OPTS in the configuration file with --dns=my.dns.ip.address and restarted Docker, and the other measures I took to get through the proxy worked fine.
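
The check behind this answer, as an added example that is not part of the original post: it reads a resolv.conf-style file and reports whether any nameserver is left once loopback entries are discarded, which is the situation where containers stop using the corporate resolver and internal names such as the proxy host fail to resolve. The function names are hypothetical and the sample file is constructed from the one shown in the question.

```shell
#!/bin/sh
# Added example: flag a host resolv.conf whose nameservers are all loopback.

# Print every nameserver in FILE that is not a loopback address.
usable_nameservers() {
    awk '$1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" { print $2 }' "$1"
}

# Succeed (and list the servers) if a container could inherit at least one
# resolver from FILE; fail with a hint otherwise.
check_docker_dns() {
    servers=$(usable_nameservers "$1")
    if [ -z "$servers" ]; then
        echo "$1: only loopback nameservers; set --dns=<internal resolver> in DOCKER_OPTS" >&2
        return 1
    fi
    printf '%s\n' "$servers"
}

# Constructed sample mirroring the resolv.conf shown in the question.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
nameserver 127.0.0.1
search dhcp.mycompany.com
EOF
check_docker_dns "$sample" || echo "containers would not use the host's resolver"
rm -f "$sample"
```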



Answer 2:

If you are building behind the firewall, you MUST use Docker 1.9.x build-args.

Building a Dockerfile without the build args fails and blocks as follows:

3b0d8aa7c417: Pull complete
Digest: sha256:dc31e6056d314218689f028b51a58b2ca69b1dfdc5f33ead52b9351e9a19ee85
Status: Downloaded newer image for nodesource/trusty:4.2.3
 ---> e17bee681d8f
Step 2 : RUN apt-get update
 ---> Running in bdaf0006ccbd

Apt-get blocks here because it does not have connectivity with archive.ubuntu.com... You can verify that by running the image...

# docker run -ti --net=host --rm nodesource/trusty:4.2.3 bash
root@pppdc9prd9rj:/usr/src/app# apt-get update
0% [Connecting to archive.ubuntu.com (91.189.92.201)]^C
root@pppdc9prd9rj:/usr/src/app# ping archive.ubuntu.com
PING archive.ubuntu.com (91.189.91.24) 56(84) bytes of data.
^C
--- archive.ubuntu.com ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 1999ms

Using the build-arg solves the problem....

# docker build -t migrator --build-arg http_proxy=$HTTP_PROXY .

Sending build context to Docker daemon 3.333 MB
Step 1 : FROM nodesource/trusty:4.2.3
 ---> e17bee681d8f
Step 2 : RUN apt-get update
 ---> Running in 019b32d09a77
Ign http://archive.ubuntu.com trusty InRelease
Get:1 http://archive.ubuntu.com trusty-updates InRelease [65.9 kB]
Get:2 http://archive.ubuntu.com trusty-security InRelease [65.9 kB]
Get:3 http://archive.ubuntu.com trusty Release.gpg [933 B]
Get:4 http://archive.ubuntu.com trusty Release [58.5 kB]
Get:5 http://archive.ubuntu.com trusty-updates/main Sources [326 kB]
Get:6 http://archive.ubuntu.com trusty-updates/restricted Sources [5217 B]
Get:7 http://archive.ubuntu.com trusty-updates/universe Sources [1


Answer 3:

A couple of comments, after my own experience:

  • make sure to use an http url for HTTPS_PROXY.
  • use lowercase proxy variables in the Dockerfile itself
  • use proxy variables in both cases in the Docker profile (in my case, it was in /var/lib/boot2docker/profile)
  • in all instances, set a no_proxy/NO_PROXY variable (to .company,.sock,localhost,127.0.0.1,::1)
  • don't forget to include the credentials in the proxy URL if your proxy requests authentication.
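
A check that follows from combining this advice with the question's Dockerfile, as an added example that is not part of the original post: a proxy URL set with ENV is stored in the image configuration and visible to anyone who can pull the image, whereas the predefined proxy build arguments passed with --build-arg are excluded from docker history by default. The script lists ENV proxy lines in a Dockerfile and singles out those whose URL embeds credentials; the function names are hypothetical and the sample Dockerfile, user name and password are constructed.

```shell
#!/bin/sh
# Added example: find proxy settings baked into an image via ENV.

# Print "LINE:text" for each ENV instruction that sets a proxy variable
# (either case, "ENV name value" or "ENV name=value").
proxy_env_lines() {
    grep -niE '^[[:space:]]*ENV[[:space:]]+(https?|ftp|all)_proxy[[:space:]=]' "$1"
}

# Subset of the above whose URL carries userinfo (user:password@host).
proxy_credential_lines() {
    proxy_env_lines "$1" | grep -E '://[^/@[:space:]]+:[^/@[:space:]]*@'
}

# Constructed sample: the question's style of ENV line plus one with credentials.
dockerfile=$(mktemp)
cat > "$dockerfile" <<'EOF'
FROM ubuntu
ENV HTTP_PROXY http://my.proxy.net:8000
ENV https_proxy=http://builduser:EXAMPLE-PASSWORD@my.proxy.net:8000
RUN apt-get update && apt-get install -y build-essential
EOF

echo "proxy variables persisted in the image:"
proxy_env_lines "$dockerfile" || true
echo "lines that also leak proxy credentials:"
proxy_credential_lines "$dockerfile" || true
rm -f "$dockerfile"
```

Lines reported by the second function are the ones to move out of the Dockerfile and supply at build time with --build-arg instead.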


Answer 4:

Adding to the above solution, we can also do the things below inside a container to install with apt-get.

In a VM, after installing Docker, when running images in a container behind proxy settings:

docker run -it ubuntu:14.04

apt-get install wget

This command will be unable to pull packages with apt-get; to do this, use the commands below:

docker run -it --net=host ubuntu:14.04

export http_proxy="proxy:port"

apt-get install wget