When working behind a corporate proxy (automatically activated in Windows) by Cisco AnyConnect(v4.7.03052) VPN, I'm unable to pull any docker image either from our docker nexus registry or the official registry.
Funny enough, if I set the proxy settings in the config.json and pass the proxy as build-arg my containers are able to build(from previously pulled images) and talk to the exterior.
Only the docker engine is unable to access the internet through the proxy.
I've already tried the following:
Set the HTTP_PROXY/HTTPS_PROXY as environments variables
Set the proxy settings in the Docker Desktop proxy section - Docker doc
Set the resources network IP to the non-secured Cisco AnyConnect routes IPv4
No firewall rules seems to block the outbound request from the docker engine service.
Edit the deamon.json used by the docker service to register the mirror registries.
Stackoverflow answers not working in this case: docker-win10; docker on windows; docker image proxy
Platform info:
Win 10 - Build 19401
Docker Desktop 4.4.4(73704)
Docker Engine 20.12.12 (Linux container on Hyper-V)
Cisco AnyConnect v4.7.03052
Error message on docker pull:
λ docker pull traefik:2.0
Error response from daemon: Get "https://registry-1.docker.io/v2/": net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers)
Based on the similar stackoverflow issue briefly executing the command below had it working for a short time:
cd "C:\Program Files\Docker\Docker"
./DockerCli.exe -SwitchDaemon
This was a regression that slipped in the 4.4.4 see github issue.
It seems to have been resolved in the v4.5.0
Related
I build a very simple web app and web api on .net core and configured the docker-compose to get them to communicate over the same network correctly.
On visual studio, when I hit play on the Docker Compose project, it runs fine, both the web app and the web api work and communicate correctly.
On the Docker Desktop app i see them running (green).
But when I close/stop the debugger on VS I can't access the websites anymore even though the containers are still running. I thought docker worked as a sort of IIS.
Am I misunderstanding the docker capabilities or do I need to run them again from a CLI or publish them somewhere or what?
I thought the fact the containers are up and running should mean they're live for me to navigate to.
Help me out over here please.
You are correct, unless there is some special routing happening, the fact that the containers are running means your services are available.
You can see the ports being exposed from the docker ps -a command:
CONTAINER_ID: 560f78689902
IMAGE: moviedecisionweb:dev
COMMAND: "C:\\remote_debugger\\…"
CREATED: About a minute ago
STATUS: Up About a minute
PORTS: 0.0.0.0:52002->80/tcp, 0.0.0.0:52001->443/tcp
NAMES: mdweb
CONTAINER_ID: 1cd7f72426fe
IMAGE: moviedecisionapi:dev
COMMAND: "C:\\remote_debugger\\…"
CREATED: About a minute ago
STATUS: Up About a minute
PORTS: 0.0.0.0:52005->80/tcp, 0.0.0.0:52004->443/tcp
NAMES: mdapi
Based on the provided output, you have two docker containers running.
I'm assuming the ports 80 & 443 are serving the HTTP & HTTPS services (respectively) from your app/s.
Based on this...
For container "mdweb", you should be able to access the docker services from your docker host machine (PC) via:
http://0.0.0.0:52002
https://0.0.0.0:52001
For container "mdapi", you should be able to access the docker services from your docker host machine (PC) via:
http://0.0.0.0:52005
https://0.0.0.0:52004
I believe you can use localhost, 127.0.0.1 & 0.0.0.0 interchangeably in the above.
You cannot use the hostnames "mdweb" or "mdapi" from your docker HOST machine - unless you have explicitly setup your DNS to handle these names. However you can use these hostnames if you are inside a docker container on the same docker network.
If you provide more information (e.g. your docker-compose.yml), we could help you further...
I found a lot of material on this issue online, however I wasn't able to find a solution. Also majority of them are rather old (a few years) and things could have considerably changed meanwhile.
I have Docker Desktop Community v 2.3.0.3 running on my Windows machine and a simple container with Ubuntu and a Rails app running on localhost:5000 inside.
The container gets run using:
docker run -p 5000:5000 rails:6.0.3 foreman start
I would like to connect to the Rails app from my Windows host machine via browser, but connection gets refused.
The server is up and running:
> docker exec 3c167e206f60 wget localhost:5000
--2020-06-06 08:21:26-- http://localhost:5000/
Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:5000... connected.
HTTP request sent, awaiting response... 200 OK
Port forwarding doesn't seem to work correctly (run from WSL, but similarly from Windows via Chrome):
> wget localhost:5000
--2020-06-06 10:22:50-- http://localhost:5000/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:5000... failed: Connection refused.
It doesn't work when using container address instead of localhost, either:
> docker inspect --format '{{ .NetworkSettings.IPAddress }}' 3c167e206f60
172.17.0.2
> wget 172.17.0.2:5000
--2020-06-06 10:29:02-- http://172.17.0.2:5000/
Connecting to 172.17.0.2:5000... failed: Resource temporarily unavailable.
Also (as probably expected), I don't see any docker related entry in ifconfig (from WSL) or ipconfig (from Windows) output.
I also tried docker run --net host parameter, which didn't help either.
I would ideally prefer a solution which doesn't require me to modify the Windows host setup (network setup, etc), to avoid the possibility of breaking other scenarios.
I've been struggling with this issue for several days. What worked for me was to:
Uninstall Docker Desktop
Turn off the Hyper-V, Virtual Machine Platform, and Windows Hypervisor Platform via the Turn Windows Features On and Off control panel module
Reboot
Turn on all features in #2
Re-install Docker Desktop
This seems to reset all of the HyperV virtual networking interfaces. It's possible that uninstalling Docker Desktop isn't necessary but since it relies on at least some of these features I felt it wisest to do a complete cycle.
I have docker (docker for windows server) and jenkins both running on a windows server 2019 and I am trying to add Docker Host URI in Jenkins but I ran into timeout error or connection refused error all time and cannot connect to docker host.
I tried the following urls:
tcp://:2375 (or 2376),
tcp://localhost:2375 (or 2376),
tcp://127.0.0.1:2375 (or 2376)
Do I have to configure anything else on docker or jenkins?. I cannot move forward in this issue. it would really help me if any one can provide some guidance to solve this.
I was facing similar issue. You need to expose your docker demon at port 2375. I did it via docker desktop.
Then added HOST URl as tcp://127.0.0.1:2375
I am running IBM Cloud Private using 5 VMs on my laptop. My home network subnet is 192.168.100 whereas the subnet used by all 5 VMs is 192.168.142. I am port forwarding 8443 from the VMware Workstation from host to the master node which is 192.168.142.103. My laptop IP is 192.168.100.201.
I was hoping that I should be able to access this Web UI from any other machine in my home network and I tried this URL from other machine:
https://192.168.100.201:8443
And, it directs properly to the guest VM as I see the url changes to :
https://192.168.100.201:8443/console/
But, after few seconds, I get the message that the site cannot be reached. I noticed that the url has changed from original host laptop address of 192.168.100.201 address to the Guest VM address 192.168.142.103 as shown:
https://192.168.142.103:8443/idauth/oidc/endpoint/OP/authorize?client_id=617a0480d5e506a5e797f852bea1df38&response_type=code&scope=openid%20email%20profile&redirect_uri=https://192.168.100.201:8443/auth/liberty/callback
This seems like that the redirection in the Web UI is not handled properly.
However, I installed kubectl for Windows on another machine and I did the port 8001 forward from 192.168.100.201 to the VM's master Guest 192.168.142.103 and added kubectl set config commands (from web UI Client Configure option) on my other laptop (192.168.100.202).
kubectl config set-cluster pot_icp_cluster.icp --server=https://192.168.100.201:8001 --insecure-skip-tls-verify=true
kubectl config set-context pot_icp_cluster.icp-context --cluster=pot_icp_cluster.icp
kubectl config set-credentials admin --token=<token>
kubectl config set-context pot_icp_cluster.icp-context --user=admin --namespace=default
kubectl config use-context pot_icp_cluster.icp-context
And, this works perfect as I am able to run kubectl commands from the other laptop (192.168.100.202) to the VMs running on another laptop (192.168.100.201) using port forwarding same way I did for the Web UI.
My question is: Is there something that I can do to get this redirection problem fixed in the Web UI?
I received a reply from an expert that liberty server that authenticates and verifies a login has only the master node's IP address registered with it as a callback URL during the installation. In the version of IBM Cloud Private 2.1.0.1, there is no direct way to register the new clients. However, this limitation is being fixed and starting next upgrade, we should be able to register new clients dynamically post install also.
I get the following error when I try to do "docker run" on my Windows 2016.
PS C:\Users\Administrator> docker run microsoft/sample-dotnet
Unable to find image 'microsoft/sample-dotnet:latest' locally
C:\Program Files\Docker\docker.exe: Error response from daemon: Get https://registry-1.docker.io/v2/: net/http: request canceled while waiting for connection (Client.Timeout exceeded while awaiting headers).
See 'C:\Program Files\Docker\docker.exe run --help'.
I followed the instructions here to get started.
This is different from this question because this is Windows.
Any ideas?
same Problem for Windows. Some people wrote to delete dns 8.8.8.8 from resolve.conf
But i added this dns to my Settings (right click on docker icon -> Network -> Set DNS to Fixed (8.8.8.8)
Go to Docker settings > network > DNS server . change from automatic to fixed ( default is 8.8.8.8 ) . worked on win 10
It turns out I needed to set the proxy as per this link.
Here is an example of what I had to do (replacing my proxy address):
[Environment]::SetEnvironmentVariable("HTTP_PROXY", "http://myproxy:80/", [EnvironmentVariableTarget]::Machine)
[Environment]::SetEnvironmentVariable("HTTPS_PROXY", "https://myproxy:80/", [EnvironmentVariableTarget]::Machine)
restart-service docker
Kindly launch the docker setting and set your dns to 8.8.8.8
So I faced the same problem and it took me days to figure out what to do.
Summary:
I disabled Hyper-V (from the Hyper-V Manager, that comes with docker-desktop)
I disabled every Network Adapter that is a part of Hyper-V (vEthernet(DockerNAT), vEthernet(Default Switch) and Virtual-Box-Host-Only Network)
In the Docker Settings, I set the DNS to 8.8.8.8
In the Docker Settings, I set Proxy to no-Proxy
In the General Docker Settings, I checked "Expose Daemon on tcp[..]"
I reactivated the following network adapters: vEthernet(DockerNAT), vEthernet(Default Switch) and Virtual-Box-Host-Only Network
I restarted (enabled) Hyper-V
I restarted Docker
In my console I tried docker run hello-world
Pull works! Login works! Everything works! -> Time to get a coffee
Ubuntu, Centos
Create a file called /etc/systemd/system/docker.service.d/http-proxy.conf that
mkdir -p /etc/systemd/system/docker.service.d
sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf
adds the HTTP_PROXY environment variable:
[Service]
Environment="HTTP_PROXY=http://172.28.5.202:3128/"
Or, if you are behind an HTTPS proxy server, create a file called
/etc/systemd/system/docker.service.d/https-proxy.conf that adds the HTTPS_PROXY environment variable:
[Service]
Environment="HTTPS_PROXY=http://172.28.5.202:3128/"
Flush changes:
$ sudo systemctl daemon-reload
Restart Docker:
$ sudo systemctl restart docker
It worked!