Open defender opened 9 years ago
root@fc07bb57ad8f:/# ls /tmp/ -l
total 4
-rwxr-xr-x 1 root root 2633 Oct 31 17:21 deploy_squid.py
I tested with a freshly build image and the registry downloaded image, using docker 1.4.1
Thank you for response
This is the way Im running your solution on my Vagrant machine: 1, Ubuntu 14.04 as a host
docker run -d -name=squid --net=host --privileged -e DISK_CACHE_SIZE=5000 -e MAX_CACHE_OBJECT=1000 squid
docker run --name=iptables --privileged --net=host iptables
After that Im trying to build my image without setting http_proxy inside Docker file :
Docker file
FROM centos:6.5 RUN yum reinstall glibc-common.x86_64 -y RUN yum -y install tar gzip krb5-devel zlib-devel sudo unzip which nc wget && clean all
Thanks.
I can run your docker file executing the following:
docker run -d -name=squid --net=host --privileged -e DISK_CACHE_SIZE=5000 -e MAX_CACHE_OBJECT=1000 jpetazzo/squid-in-a-can:latest
docker run -ti --privileged --net=host iptables
Note: I ran the iptables with -ti not -d to be able to see the console output and so I can ctrl-c it to clean up the iptables on shutdown.
With the above run I could build the following dockerfile:
FROM centos:6
RUN yum reinstall glibc-common.x86_64 -y
RUN yum -y install tar gzip krb5-devel zlib-devel sudo unzip which nc
What does your iptables look like for you when running? This is mine.
$ sudo iptables --list -t nat
Chain PREROUTING (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere anywhere ADDRTYPE match dst-type LOCAL
REDIRECT tcp -- anywhere anywhere tcp dpt:http redir ports 3129
Chain INPUT (policy ACCEPT)
target prot opt source destination
Chain OUTPUT (policy ACCEPT)
target prot opt source destination
DOCKER all -- anywhere !127.0.0.0/8 ADDRTYPE match dst-type LOCAL
Chain POSTROUTING (policy ACCEPT)
target prot opt source destination
MASQUERADE all -- 172.17.0.0/16 anywhere
Chain DOCKER (2 references)
target prot opt source destination
In case I set env http_proxy inside container It works like a charm.
Thanks,