Docker Build with Proxy

Recently I just faced some network issues when building up docker images on our AWS Bastion. The docker build command cannot pick up the environment variable for network proxy.

Network Issue with Docker Build

When I used curl -i https://registry.docker.io to check the network, everything looks OK. But when I was trying to build the docker image via docker build -t nba ./ and it raised the following Timeout error.

1
2
3
4
5
6
7
8

[user@host project]$ docker build \
>   --build-arg http_proxy="http://<PROXY-SERVER>:8080" \
>   --build-arg https_proxy="http://<PROXY-SERVER>:8080" \
>   -t nba ./
>
Sending build context to Docker daemon  4.096kB
Step 1/14 : FROM python:3.6-slim
Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)

Looks like docker daemon cannot reach out to the docker registry. The solution proposed at here didn’t work to me.

Then I found the Systemd setup page from offical Docker document. So basically I need to setup a /etc/systemd/system/docker.service.d/http-proxy.conf file and specify the proxy setting there.

1
2
3

[Service]
Environment="HTTP_PROXY=http://<PROXY-SERVER>:8080"
Environment="HTTPS_PROXY=http://<PROXY-SERVER>:8080"

After setup those, it’s better to restart the docker daemon and docker service to let the daemon pick up the latest configuration.

1
2

sudo systemctl daemon-reload
sudo systemctl restart docker

To check the configuration we can use

1
2

$ systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://<PROXY-SERVER>:8080/ HTTPS_PROXY=http://<PROXY-SERVER>:8080/

Network Issue with Pip in Docker Image

Now it’s OK to build docker images. But then there is another network issue for install python libraries via pip.

To solve this problem, we need to specify the --build-arg arguments and add the HTTP_PROXY and HTTPS_PROXY variables in the docker build command.

The complete docker build image will looks like

1
2
3
4
5

docker build \
  --no-cache \
  --build-arg HTTP_PROXY="http://<PROXY-SERVER>:8080" \
  --build-arg HTTPS_PROXY="http://<PROXY-SERVER>:8080" \
  -t nba ./

Until then the docker image can be happily built with no errors.

Reference

• Docker docs: Systemd setup for Docker
• Stackoverflow: Pip inside dockerfile under proxy