Configuring Docker Daemon HTTP Proxy: A Complete Guide
Master the art of configuring HTTP proxy settings for Docker daemon to ensure smooth container operations in enterprise environments.
Configuring Docker Daemon HTTP Proxy
Understanding Docker Proxy Configuration
1. Configuration Locations
# System-wide proxy settings
/etc/systemd/system/docker.service.d/http-proxy.conf
# Docker daemon configuration
/etc/docker/daemon.json
# Environment-specific settings
~/.docker/config.json
2. Proxy Types
{
"proxies": {
"default": {
"httpProxy": "http://proxy.example.com:3128",
"httpsProxy": "http://proxy.example.com:3128",
"noProxy": "localhost,127.0.0.1,.example.com"
}
}
}
Implementation Guide
1. Systemd Configuration
#!/bin/bash
# configure-docker-proxy.sh
# Create systemd override directory
mkdir -p /etc/systemd/system/docker.service.d/
# Create HTTP proxy configuration
cat > /etc/systemd/system/docker.service.d/http-proxy.conf << 'EOF'
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:3128"
Environment="HTTPS_PROXY=http://proxy.example.com:3128"
Environment="NO_PROXY=localhost,127.0.0.1,.example.com"
EOF
# Reload systemd and restart Docker
systemctl daemon-reload
systemctl restart docker
2. Docker Configuration
// /etc/docker/daemon.json
{
"proxies": {
"default": {
"httpProxy": "http://proxy.example.com:3128",
"httpsProxy": "http://proxy.example.com:3128",
"noProxy": "localhost,127.0.0.1,.example.com",
"ftpProxy": "http://proxy.example.com:3128"
}
},
"dns": ["8.8.8.8", "8.8.4.4"]
}
Proxy Verification
1. Testing Configuration
#!/usr/bin/env python3
# verify_docker_proxy.py
import subprocess
import json
import requests
def check_docker_proxy():
"""Verify Docker proxy configuration"""
try:
# Check Docker info
docker_info = subprocess.check_output(
['docker', 'info', '--format', '{{json .}}']
).decode()
info = json.loads(docker_info)
# Check proxy settings
if 'HttpProxy' in info:
print(f"HTTP Proxy: {info['HttpProxy']}")
if 'HttpsProxy' in info:
print(f"HTTPS Proxy: {info['HttpsProxy']}")
return True
except Exception as e:
print(f"Error checking Docker configuration: {e}")
return False
def test_connectivity():
"""Test Docker registry connectivity"""
try:
# Pull a test image
subprocess.run(
['docker', 'pull', 'hello-world'],
check=True,
capture_output=True
)
print("Registry connectivity: OK")
return True
except subprocess.CalledProcessError as e:
print(f"Registry connectivity failed: {e.stderr.decode()}")
return False
if __name__ == "__main__":
check_docker_proxy()
test_connectivity()
2. Proxy Debugging
#!/bin/bash
# debug-docker-proxy.sh
# Check proxy environment
check_proxy_env() {
echo "Docker Proxy Environment:"
docker info | grep -i proxy
echo -e "\nSystem Proxy Environment:"
env | grep -i proxy
}
# Test registry access
test_registry() {
local registry=$1
echo "Testing connection to $registry..."
curl -v -s -o /dev/null https://$registry 2>&1 | \
grep -E "Connected|Proxy|HTTP"
}
# Check proxy logs
check_proxy_logs() {
journalctl -u docker | grep -i proxy
}
# Main execution
check_proxy_env
test_registry "registry.hub.docker.com"
check_proxy_logs
Advanced Configuration
1. Client Configuration
// ~/.docker/config.json
{
"proxies": {
"default": {
"httpProxy": "http://proxy.example.com:3128",
"httpsProxy": "http://proxy.example.com:3128",
"noProxy": "localhost,127.0.0.1,.example.com"
},
"custom-registry": {
"httpProxy": "http://custom-proxy.example.com:3128",
"httpsProxy": "http://custom-proxy.example.com:3128",
"noProxy": "custom-registry.example.com"
}
}
}
2. Build-time Configuration
# Example Dockerfile with proxy configuration
FROM ubuntu:22.04
# Set proxy environment variables
ENV HTTP_PROXY="http://proxy.example.com:3128"
ENV HTTPS_PROXY="http://proxy.example.com:3128"
ENV NO_PROXY="localhost,127.0.0.1,.example.com"
# Install packages
RUN apt-get update && apt-get install -y \
curl \
wget \
&& rm -rf /var/lib/apt/lists/*
# Clear proxy settings for final image
ENV HTTP_PROXY=""
ENV HTTPS_PROXY=""
ENV NO_PROXY=""
Monitoring and Maintenance
1. Proxy Health Check
#!/usr/bin/env python3
# monitor_proxy_health.py
import requests
import time
import json
from datetime import datetime
def check_proxy_health(proxy_url):
"""Check proxy server health"""
try:
response = requests.get('https://registry.hub.docker.com/v2/',
proxies={
'http': proxy_url,
'https': proxy_url
},
timeout=5)
return response.status_code == 200
except Exception as e:
return False
def monitor_proxy():
"""Continuous proxy monitoring"""
proxy_url = "http://proxy.example.com:3128"
while True:
timestamp = datetime.now().strftime('%Y-%m-%d %H:%M:%S')
status = "UP" if check_proxy_health(proxy_url) else "DOWN"
with open('proxy_health.log', 'a') as f:
f.write(f"{timestamp} - Proxy Status: {status}\n")
time.sleep(300) # Check every 5 minutes
if __name__ == "__main__":
monitor_proxy()
2. Automated Recovery
#!/bin/bash
# proxy-recovery.sh
# Monitor and restart Docker on proxy issues
while true; do
if ! curl -s --proxy http://proxy.example.com:3128 \
https://registry.hub.docker.com/v2/ > /dev/null; then
echo "Proxy issue detected, restarting Docker..."
systemctl restart docker
sleep 60 # Wait for Docker to restart
fi
sleep 300 # Check every 5 minutes
done
Best Practices
Configuration Management
- Version control configs
- Document changes
- Test in staging
Security
- Use HTTPS where possible
- Implement authentication
- Regular audits
Maintenance
- Monitor proxy health
- Regular updates
- Performance tracking
Remember to regularly review and update your Docker proxy configuration to maintain optimal container operations in your environment.