9

I'm trying to pull images through a socks5 proxy. I've started the socks5 proxy on port 8888 like this:

ssh -NC -D 8888 parham@***.***.**

However, when I run docker-compose like this, it is evident that it's not using the environment variable:

$ ALL_PROXY=socks5://127.0.0.1:8888 docker-compose up

How can I make Docker pull images through this proxy?

Parham Doustdar
  • 191
  • 1
  • 1
  • 5

4 Answers4

20

Looks like this feature has been recently added to docker, particularly in version 1.11.0. Though there isn't enough documentation about its usage, setting the ALL_PROXY environment variable should work, according to this comment.

$ export ALL_PROXY=socks5://localhost:port 
$ docker pull image

I'm not sure about docker-compose at the moment. If your primary aim is to speed up the download process using socks5, you might be able to achieve the purpose by manually pulling images using docker pull before finally running docker-compose up.

nikhilweee
  • 316
  • 3
  • 4
4

Method 1

Error:

docker-compose up 
Pulling web (jitsi/web:stable-6433)...
ERROR: toomanyrequests: You have reached your pull rate limit. You may increase the limit by authenticating and upgrading: https://www.docker.com/increase-rate-limit

then setting HTTP_PROXY and HTTPS_PROXY this way:

export HTTP_PROXY=socks5://localhost:9040/
export HTTPS_PROXY=socks5://localhost:9040/

result:

docker-compose up 
Pulling web (jitsi/web:stable-6433)...
stable-6433: Pulling from jitsi/web
b380bbd43752: Downloading [===================>                               ]  10.36MB/27.14MB
0312863d422f: Download complete
503063a74a58: Downloading [============================>                      ]  7.998MB/14.15MB
392a862abfe3: Download complete
41a073b705ed: Download complete
a8f4844f6941: Download complete
f500f1f2f4ae: Downloading [============>                                      ]  11.69MB/47.56MB

A shot of before HTTP_PROXY and after setting them up:

enter image description here

Method 2

If method 1 did not work (simple one) you can go with this one:

first

Find systemd location for configuration:

systemctl status docker | grep docker.service\;
   Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled)

which here for my on Debian 9 is /lib/systemd/system/docker.service and its directory is /lib/systemd/system/
So cd into /lib/systemd/system/.

second

mkdir for docker.service.d or:

mkdir docker.service.d && cd !$

third

In docker.service.d directory create a .conf file like: http-proxy.conf

forth

Add these in http-proxy.conf file:

[Service]
Environment="HTTP_PROXY=socks5://localhost:9040"
Environment="HTTPS_PROXY=socks5://localhost:9040"

NOTE that localhost:9040 is mine, update it if you have a different IP or PORT

fifth

Because we update the configuration run:

systemctl daemon-reload

and then restart docker service

systemctl restart docker

Now it is up and running:

enter image description here

1

@nikhilweee's answer above is missing a crucial point.

The proxy used for image-pull is taken from the environment of dockerd. There is presently no way to change it without restarting dockerd.

I have filed moby issue #37335 about it, because I wanted to use a specific proxy for a single pull command, but not in general.

robbat2
  • 320
  • 4
  • 10
0

In Docker 17.07 and higher, you can also use json file for proxy configuration:

       $ vim ~/.docker/config.json

          {
            "proxies":
              {
                "default":
                 {
                  "httpProxy": "http://127.0.0.1:8118",
                  "httpsProxy": "http://127.0.0.1:8118"
                  }
              }
          }

        $  docker pull ubuntu:18.04
        $  docker-compose build

More info in official docs.

And in addition to use Socks, You can forward Socks to HTTP by using privoxy:

    $ sudo apt install -y privoxy
    $ sudo vim /etc/privoxy/config
    
              forward-socks5 / 127.0.0.1:9090  .
              forward-socks4a / 127.0.0.1:9090 .
              forward-socks5t             /     127.0.0.1:9090 .
              forward         192.168.*.*/     .
              forward            10.*.*.*/     .
              forward           127.*.*.*/     .
              forward           localhost/     .
    
    $ sudo service privoxy restart

More info in official docs.

Omid Raha
  • 1,895
  • 1
  • 10
  • 4