Docker: Container Support & Proxy
Module:
Categories:
Pigsty has a DOCKER module, which provides a set of playbooks to install and manage Docker on the target nodes.
This document will guide you through how to enable Docker support in Pigsty, and how to configure a proxy server for DockerHub.
Install Docker
To install docker on specified nodes, you can use the docker.yml playbook:
./docker.yml -l <ip|group|cls>
That’s it.
Proxy 101
Assuming you have a working HTTP(s) proxy server, if you wish to connect to docker hub or other registry sites via the proxy server:
You proxy service should provide you with something like
http://<ip|domain>:<port>|https://[user]:[pass]@<ip|domain>:<port>
For example, if you have a proxy server configuring like this:
export ALL_PROXY=http://192.168.0.104:8118
export HTTP_PROXY=http://192.168.0.104:8118
export HTTPS_PROXY=http://192.168.0.104:8118
export NO_PROXY="localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn"
You can check the proxy server by using the curl command, for example:
curl -x http://192.168.0.104:8118 -I http://www.google.com
How to configure proxy for Docker Daemon?
If you wish to use a proxy server when Docker pulls images, you should specify the proxy_env parameter in the global variables of the pigsty.yml configuration file:
all:
vars:
proxy_env: # global proxy env when downloading packages
no_proxy: "localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn"
http_proxy: http://192.168.0.104:8118
all_proxy: http://192.168.0.104:8118
https_proxy: http://192.168.0.104:8118
And when the Docker playbook is executed, these configurations will be rendered as proxy configurations in /etc/docker/daemon.json:
{
"proxies": {
"http-proxy": "{{ proxy_env['http_proxy'] }}",
"https-proxy": "{{ proxy_env['http_proxy'] }}",
"no-proxy": "{{ proxy_env['no_proxy'] }}"
}
}
Please note that Docker Daemon does not use the
all_proxyparameter
If you wish to manually specify a proxy server, you can directly modify the proxies configuration in /etc/docker/daemon.json;
Or you can modify the service definition in /lib/systemd/system/docker.service (Debian/Ubuntu) and /usr/lib/systemd/system/docker.service to add environment variable declarations in the [Service] section
[Service]
Environment="HTTP_PROXY=http://192.168.0.104:8118"
Environment="HTTPS_PROXY=http://192.168.0.104:8118"
Environment="NO_PROXY=localhost,127.0.0.1,10.0.0.0/8,192.168.0.0/16,*.pigsty,*.aliyun.com,mirrors.*,*.myqcloud.com,*.tsinghua.edu.cn"
And restart dockerd service to take effect:
systemctl restart docker
How to use other registry?
You can specify other registry sites in the docker_registry_mirrors parameter.
It may look like this:
[ "https://mirror.ccs.tencentyun.com" ] # tencent cloud mirror, intranet only
["https://registry.cn-hangzhou.aliyuncs.com"] # aliyun cloud mirror, login required
You can also log in to other mirror sites, such as quay.io, by executing:
docker login quay.io
username #> # input your username
password #> # input your password
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.