Docker Client cant connect to Server behind proxy

[webmutation]

Previous versions of Docker worked on my machine but for some reason, the new toolbox does not work. I am behind a corporate proxy and have the http_proxy and https_proxy environment variables.

$ docker version
Client:
 Version:      1.11.1
 API version:  1.23
 Go version:   go1.5.4
 Git commit:   5604cbe
 Built:        Tue Apr 26 23:44:17 2016
 OS/Arch:      windows/amd64
**An error occurred trying to connect: Get https://192.168.99.100:2376/v1.23/versi
on: Service Unavailable**

If I start the image normally using virtualbox, the deamon is running

sudo /etc/init.d/docker status Docker daemon is running

Also tried disabling TLS and restart the Daemon DOCKER_TLS=no

No success...

$ curl https://192.168.99.100:2376/v1.23/version curl: (56) Received HTTP code 503 from proxy after CONNECT

If I use the browser

192.168.99.100 didn’t accept your login certificate, or your login certificate may have expired. Try contacting the system admin. ERR_BAD_SSL_CLIENT_AUTH_CERT

Tried to

$ docker-machine regenerate-certs default still no success.

I am not sure where to look next to have the docker client and the Docker daemon talking... where else can i look for possible issues? I suppose that removing .docker and deleting the VM resets the environment and will force to generate new certs but it does not appear to be working.

Inside of the virtualbox i can do docker run hello-world it connects to docker hub and runs just fine. The issue is with the client connecting to the daemon

docker-machine ssh default

Works fine.

[mtttcgcg]

Same issue here, behind a corp proxy and tried setting HTTP_PROXY/HTTPS_PROXY. Also tried DOCKER_TLS=0, and it is blocked in the browser due to a bad cert. Also tried regenerating certs.

$ docker -D pull hello-world time="2016-10-11T17:17:50-07:00" level=debug msg="Trusting 1 certs" Using default tag: latest Warning: failed to get default registry endpoint from daemon (An error occurred trying to connect: Get https://10.0.0.10 0:2376/v1.24/info: Service Unavailable). Using system default: https://index.docker.io/v1/ An error occurred trying to connect: Post https://10.0.0.100:2376/v1.24/images/create?fromImage=hello-world&tag=latest: Service Unavailable

[nathanleclaire]

Same issue here, behind a corp proxy and tried setting HTTP_PROXY/HTTPS_PROXY. Also tried DOCKER_TLS=0, and it is blocked in the browser due to a bad cert. Also tried regenerating certs.

You have to set on Docker daemon as well. Did you docker-machine create --engine-env HTTP_PROXY=http://proxy.com ?

[mtttcgcg]

Yes. I tried this:

After ssh'ing into the docker machine and exporting HTTPS_PROXY variable as the user 'docker', it can successfully use curl. But the problem appears to be related to the certificate: when I run 'docker pull hello-world' from the docker console (not inside ssh to docker machine), it can't connect to

If I go to that address in my browser, it says there's a certificate error and won't connect in IE or Chrome. If I access that same URL with plain HTTP, it works in the browser. So it seems something is wrong with the docker machine's certificate? Is there any way to force docker pull to use plain HTTP instead?

[mtttcgcg]

Chasing the HTTP/HTTPS issue was a red herring. From a fresh install, I was able to get hello-world working by performing the following: 1) After installer finishes, set up cNTLM proxy locally, and uncomment Gateway yes in cntlm.ini to allow it to listen externally, so containers can use it. 2) Set user environment variables HTTP_PROXY and HTTPS_PROXY so the docker shell can download boot2docker 3) Run the Docker Quickstart Terminal with elevated rights (admin) 4) The default machine's IP (192.168.99.100) was being blocked by a local firewall on my host. Therefore I had to pass --virtualbox-hostonly-cidr "10.0.0.1/24" to use an IP it did not block. 5) Command used: docker-machine create --engine-env HTTP_PROXY=http://:3128 --engine-env HTTPS_PROXY=https://:3128 -d virtualbox --virtualbox-hostonly-cidr "10.0.0.1/24" default 6) docker-machine env default 7) eval $("C:\Program Files\Docker Toolbox\docker-machine.exe" env default) 8) docker run hello-world WORKS!

[nathanleclaire]

👍

[webmutation]

@mtttcgcg Does not work for me, its strange. I'm not able to use Compose due to this issue... even using proxifier or other local proxies... I also don't understand why it stopped giving you the expired certificate message, because no matter how many times i recreated the VM it fails... i will try a different driver and create a VM in a public cloud to see where the issue lies.

[DJD-Code-Studio]

@webmutation Have you tried to re-provision the docker machine ? You can try that and see it it fixes the issue !!!