Docker proxy config doesn't work on CentOS 7.0.1406

[TheNitek]

Similar to #133 the docker proxy configuration doesn't work for me on CentOS 7 because the config is written to /etc/sysconfig/docker even though the system is using the systemd config format.

[otahi]

@TheNitek Thank you for your reporting. Can you describe the problem to solve the problem? Like https://github.com/tmatilai/vagrant-proxyconf/pull/133#issuecomment-139824618, can you list the followings?

• Vagrant and Vagrant-proxyconf version
• Vagrantfile
  • password and other information is hidden
• Log when vagrant reload or vagrant up
  • at first, usual log is enough
• Result of check proxy related environment variables
  • vagrant ssh -c 'sudo strings /proc/sudo pgrep docker|head -n1/environ | grep -i proxy'

[TheNitek]

Sure!

Vagrant 1.7.4
vagrant-proxyconf (1.5.2)

Vagrantfile:

Vagrant.configure(2) do |config|
  config.vm.box = "puppetlabs/centos-7.0-64-nocm"
  config.vm.hostname = "onenodecluster"

  # port forwarding
  # Wildfly http
  config.vm.network "forwarded_port", guest: 8080, host: 8083
  # Wildfly management http
  config.vm.network "forwarded_port", guest: 9990, host: 9990
  # Docker management
  config.vm.network "forwarded_port", guest: 2375, host: 2375

  config.vm.synced_folder ".", "/vagrant"
  config.vm.synced_folder "../..", "/project"

  config.vm.provider "virtualbox" do |vb|
     vb.memory = "4196"
  end

        if Vagrant.has_plugin?("vagrant-proxyconf")
                config.proxy.http      = "http://10.0.2.2:3128/"
                config.proxy.https     = "http://10.0.2.2:3128/"
                config.proxy.no_proxy  = "localhost,127.0.0.1,.intra.net"
        end

        config.vm.provision "shell", path: "vagrant_provision.sh"
end

$ vagrant reload

==> default: Attempting graceful shutdown of VM...
==> default: Checking if box 'puppetlabs/centos-7.0-64-nocm' is up to date...
==> default: Clearing any previously set forwarded ports...
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
    default: Adapter 1: nat
==> default: Forwarding ports...
    default: 8080 => 8083 (adapter 1)
    default: 9990 => 9990 (adapter 1)
    default: 2375 => 2375 (adapter 1)
    default: 22 => 2222 (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
    default: SSH address: 127.0.0.1:2222
    default: SSH username: vagrant
    default: SSH auth method: private key
    default: Warning: Connection timeout. Retrying...
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
    default: The guest additions on this VM do not match the installed version of
    default: VirtualBox! In most cases this is fine, but in rare cases it can
    default: prevent things such as shared folders from working properly. If you see
    default: shared folder errors, please make sure the guest additions within the
    default: virtual machine match the version of VirtualBox you have installed on
    default: your host and reload your VM.
    default:
    default: Guest Additions Version: 4.3.22
    default: VirtualBox Version: 5.0
==> default: Setting hostname...
==> default: Configuring proxy for Docker...
==> default: Configuring proxy environment variables...
==> default: Configuring proxy for Yum...
==> default: Mounting shared folders...
    default: /vagrant => C:/Update/infrastructure/vagrant
    default: /project => C:/Update
==> default: Machine already provisioned. Run `vagrant provision` or use the `--provision`
==> default: flag to force provisioning. Provisioners marked to run always will still run.

$ vagrant ssh -c 'sudo strings /proc/`sudo pgrep docker|head -n1`/environ | grep -i proxy '
HTTP_PROXY=http://10.0.2.2:3128/
NO_PROXY=localhost,127.0.0.0/8,.intra.net
Connection to 127.0.0.1 closed.

$ vagrant ssh -c 'ps -p1 | grep systemd'
    1 ?        00:00:00 systemd
Connection to 127.0.0.1 closed.

[otahi]

@TheNitek Thank you for your response. It seems OK for me. So I need to check more.

1. the docker version
2. the docker result when it runs

In addition, you can try to add /var/run/docker.sock to NO_PROXY. See #109

[TheNitek]

Docker version 1.9.0, build 76d6bc9

[vagrant@onenodecluster base_wildfly]$ docker search bla
Error response from daemon: Get https://index.docker.io/v1/search?q=bla: dial tcp 54.173.111.219:443: i/o timeout

I don't think the socket is the problem, since everything runs fine except for things that need to connect to the internet

Dropping a file with the following content in /etc/systemd/system/docker.service.d fixes the issue for me

[Service]
Environment="HTTP_PROXY=http://10.0.2.2:3128/" "NO_PROXY=localhost,127.0.0.0/8"

[otahi]

@TheNitek Thank you for farther information. I will check it with the VM image which you indicated.

[adrianluisgonzalez]

+1

I ran into a similar issue using the https://github.com/fabric8io/fabric8-installer vagrant box jimmidyson/centos-7.1 version 1.2.6.

Adding a file to /etc/systemd/system/docker.service.d also resolved the problem for me.

[rlaveycal]

I don't know if it's related, but the proxy setting on Ubuntu 14.04 / Docker 1.9.1 also don't work because the values written to /etc/default/docker need to have quotes around them. I've submitted PR #142

[ambition-consulting]

It is not related. We basically need https://github.com/tmatilai/vagrant-proxyconf/blob/master/lib/vagrant-proxyconf/cap/coreos/docker_proxy_conf.rb to also work for centos distributions.

[otahi]

I am sorry that I cannot take time to investigate this issue.

@amb-it-ion Thank you for your information! I don't really understand which file should be configured. Do you have any ideas to fix this issue? We need to care both CentOS6 and 7.

[jongiddy]

I suspect the correct incantation should be something like the following shell commands:

# mkdir /etc/systemd/system/docker.service.d
# cat > /etc/systemd/system/docker.service.d/http-proxy.conf <<EOF
[Service]
EnvironmentFile=-/etc/sysconfig/docker
EOF
# systemctl daemon-reload || true
# systemctl restart docker || (other ways to restart deamon)

With this setup, Docker continues to use the /etc/sysconfig/docker file for proxy configuration on systemd-based systems without breaking non-systemd systems.

However, I have not completely tested this, as I am also dealing with an SSL-intercepting proxy.

[otahi]

@jongiddy Thank you for your information. I will check it.

[nanomad]

I can confirm that @jongiddy solution works properly on CentOS 7

[otahi]

Thank you for all. I am creating a pull request #150. But I have not tested it yet.

If you have any questions or advises, please let me know.

[ashahba]

The behavior for "CentOS Linux release 7.2.1511 (Core)" is the same. However I used the method described by @jongiddy and that resolved my issue.

[rafaelri]

In fact it isn't only related to CentOS but to newer linux versions that use systemd instead of SysV or Upstart. I am facing the exact same issue on Ubuntu 16.04. Perhaps the code should detect the init system used and configure accordingly.

[codylane]

2.0.1 has been released. Please re-open if this is still an issue.