Univention Bugzilla – Bug 44561
Proxy settings of host are not inherited to docker containers
Last modified: 2017-06-15 17:58:15 CEST
When UCS runs behind a proxy, the proxy settings of the host (proxy/http="http://10.200.30.254:8080" and proxy/https="https://10.200.30.254:8080") are not passed to the docker containers. Please note that this is not about the docker daemon ("docker pull" works fine). This is about the applications inside the docker container. They cannot access the internet because they are not aware of the proxy. This means that you cannot install Nextcloud/ownCloud plugins, for example (or install debugging tools inside the container). As a workaround, you can set this UCR variable BEFORE the App installation (thanks Dirk): ucr set --force appcenter/apps/nextcloud/docker/params="--env http_proxy=http://10.200.30.254:8080 --env https_proxy=https://10.200.30.254:8080" I think we should do this automatically as some kind of pre-hook before the main app installation, if proxy/http(s) is set on the host. The challenge is, that ENV variables can only be passed to a container while it is being created. They cannot be changed for an existing container afterwards: https://github.com/moby/moby/issues/8838#issuecomment-285789380 This means that we can only change the ENV variables before the installation or before an app upgrade, afaics. I think we also need something like "univention-app reinstall" that simply removes the current container and creates a new one without purging app data. But that's a separate bug.
univention-appcenter r79694, r79696 univention-appcenter.yaml r79695 * always (ro) map /etc/apt/apt.conf.d/80proxy into container (proxy settings for apt-get) * set proxy/http (http_proxy), proxy/https (https_proxy) and proxy/no_proxy (no_proxy) in container if set on the host * both can be disabled by appcenter/docker/container/proxy/settings=no Note! These env variable can not be changed afterwards, so changes to the proxy settings require a re-installation of the app Workaround: * stop container * edit env var in /var/lib/docker/containers/CONTAINER_ID/config.v2.json * restart docker * start container QA: * if these changes are OK, please clone the Bug for errata4.1-4
With these changes, I am able to access the internet from within a container. YAML OK
<http://errata.software-univention.de/ucs/4.2/38.html>