search

abiosoft / colima

Container runtimes on macOS (and Linux) with minimal setup
MIT License
17.75k stars 365 forks source link

colima x86_64 daemon.json file has incorrect proxy #956

Open dragonfriend0013 opened 5 months ago

dragonfriend0013 commented 5 months ago

Description

I use zscaler on my machine (M2 Mac), so my local proxy is set to 127.0.0.1:9000. during the colima start, it set the proxy variable to a 192.* address, but the daemon.json file still shows as the original 127 address. this should be updates with the updated address. i can manually update this through ssh, but it would be better if this is done when colima starts.

docker build does not have this issue, only docker compose and docker-compose

Version

colima version 0.6.7 git commit: ba1be00e9aec47f2c1ffdacfb7e428e465f0b58a

runtime: docker arch: x86_64 client: v24.0.7 server: v24.0.7 limactl version 0.19.1 qemu-img version 8.2.0 Copyright (c) 2003-2023 Fabrice Bellard and the QEMU Project developers

Operating System

Output of colima status

INFO[0000] colima is running using QEMU INFO[0000] arch: x86_64 INFO[0000] runtime: docker INFO[0000] mountType: sshfs INFO[0000] socket: unix:///Users/jamurphy/.colima/default/docker.sock

Reproduction Steps

  1. colima delete
  2. colima start --arch x86_64
  3. docker compose up --detach (have an external image that must be pulled through proxy)

Expected behaviour

docker compose works

Additional context

env variable on Mac: http_proxy=http://127.0.0.1:9000 https_proxy=http://127.0.0.1:9000

env variable on colima https_proxy=http://192.168.5.2:9000 http_proxy=http://192.168.5.2:9000

daemon.json on colima cat daemon.json { "exec-opts": [ "native.cgroupdriver=cgroupfs" ], "features": { "buildkit": true }, "proxies": { "http-proxy": "http://127.0.0.1:9000", "https-proxy": "http://127.0.0.1:9000" } } No response

fralken commented 5 months ago

I have the same issue with colima 0.6.7. This was working properly until version 0.5.x.

I notice that in the feature list of release 0.6.0 there is this statement:

  • Proxy variables HTTP_PROXY, HTTPS_PROXY, NO_PROXY and their lowercase variants are now forwarded to the Docker daemon.

Proxy variables should be taken from inside Qemu and not from the Host, so to get the remapped values (that is 192.168.5.2 instead of 127.0.0.1).

For now I must stay on colima 0.5.6, where I do not have this issue.

abiosoft commented 5 months ago

It is an oversight. 127.0.0.1 proxy host address should be auto-translated to 192.168.5.2.

fralken commented 5 months ago

Is it necessary to set the proxies in daemon.json? In colima 0.5.6 they are not set but docker info shows the values from the env variables.

HTTP Proxy: http://192.168.5.2:8128 HTTPS Proxy: http://192.168.5.2:8128

dragonfriend0013 commented 4 months ago

Any update on getting this corrected?

hotwebmatter commented 4 months ago

This approach worked for me.

Using the provision key in ~/.colima/default/colima.yml:

provision:
  - mode: system
    script: |
      GLOBAL_PROXY='127.0.0.1:9000'
      COLIMA_PROXY=$(echo $http_proxy | sed -e 's/http:\/\///')
      sed -i "s/$GLOBAL_PROXY/$COLIMA_PROXY/" /etc/docker/daemon.json
      systemctl daemon-reload
      systemctl restart docker

First, this sets $GLOBAL_PROXY to 127.0.0.1:9000 (NOTE: If the correct proxy setting for your host OS differs from this, set this value accordingly.)

Then, it gets the value of $http_proxy from inside the vm (equivalent to colima ssh), strips the leading protocol identifier, and stores it as $COLIMA_PROXY.

Then it finds $GLOBAL_PROXY in /etc/docker/daemon.json and updates that value to match $COLIMA_PROXY.

Finally, it reloads the changes and restarts the Docker daemon. (If the provisioning script were run as a user instead of as mode: system, these last two commands would require sudo.)

rteeling-evernorth commented 4 months ago

This approach worked for me.

Using the provision key in ~/.colima/default/colima.yml:

provision:
  - mode: system
    script: |
      GLOBAL_PROXY='127.0.0.1:9000'
      COLIMA_PROXY=$(echo $http_proxy | sed -e 's/http:\/\///')
      sed -i "s/$GLOBAL_PROXY/$COLIMA_PROXY/" /etc/docker/daemon.json
      systemctl daemon-reload
      systemctl restart docker

First, this sets $GLOBAL_PROXY to 127.0.0.1:9000 (NOTE: If the correct proxy setting for your host OS differs from this, set this value accordingly.)

Then, it gets the value of $http_proxy from inside the vm (equivalent to colima ssh), strips the leading protocol identifier, and stores it as $COLIMA_PROXY.

Then it finds $GLOBAL_PROXY in /etc/docker/daemon.json and updates that value to match $COLIMA_PROXY.

Finally, it reloads the changes and restarts the Docker daemon. (If the provisioning script were run as a user instead of as mode: system, these last two commands would require sudo.)

Nice!

MagicGopher commented 3 weeks ago

I'm wondering if you have solved the problem of configuring the proxy in the daemon.json file when you start docker in colima? Every time I modify the daemon.json file to configure proxies, the proxy is not implemented.