How to Configure Proxy for Docker: Complete Guide
Docker needs internet access to pull images and communicate with registries. In corporate environments, network traffic often flows through proxy servers. Without proper proxy configuration, Docker fails to download images or access external resources.
What is Docker Proxy Configuration?
Docker proxy configuration tells the Docker daemon and containers how to route network traffic through proxy servers. This involves configuring environment variables and systemd service files to ensure Docker can communicate with external registries and services.
Key Scenarios
- Docker daemon proxy: Enables Docker to pull images from Docker Hub and other registries
- Container runtime proxy: Allows containers to access external resources during build and runtime
- Build-time proxy: Passes proxy settings to containers during image build
- Docker CLI proxy: Configures the Docker client for API communication
Configure Docker Daemon Proxy
Create a systemd drop-in directory for Docker service:
sudo mkdir -p /etc/systemd/system/docker.service.d
Create a proxy configuration file:
sudo nano /etc/systemd/system/docker.service.d/http-proxy.conf
Add proxy settings:
[Service]
Environment="HTTP_PROXY=http://proxy.example.com:8080"
Environment="HTTPS_PROXY=http://proxy.example.com:8080"
Environment="NO_PROXY=localhost,127.0.0.1,*.local"
Reload systemd and restart Docker:
sudo systemctl daemon-reload
sudo systemctl restart docker
Verify configuration:
sudo systemctl show --property=Environment docker
Configure Container Build Proxy
Set proxy for Docker build using --build-arg:
docker build --build-arg HTTP_PROXY=http://proxy.example.com:8080 \
--build-arg HTTPS_PROXY=http://proxy.example.com:8080 \
--build-arg NO_PROXY=localhost,127.0.0.1 \
-t myimage .
Or create ~/.docker/config.json for persistent build settings:
{
"proxies": {
"default": {
"httpProxy": "http://proxy.example.com:8080",
"httpsProxy": "http://proxy.example.com:8080",
"noProxy": "localhost,127.0.0.1,*.local"
}
}
}
Configure Container Runtime Proxy
Pass environment variables when running containers:
docker run -e HTTP_PROXY=http://proxy.example.com:8080 \
-e HTTPS_PROXY=http://proxy.example.com:8080 \
-e NO_PROXY=localhost,127.0.0.1 \
myimage
For Docker Compose, add to docker-compose.yml:
services:
myservice:
environment:
- HTTP_PROXY=http://proxy.example.com:8080
- HTTPS_PROXY=http://proxy.example.com:8080
- NO_PROXY=localhost,127.0.0.1
Operational Tips
- NO_PROXY variable: Always include localhost, 127.0.0.1, and internal service addresses to prevent routing local traffic through proxy
- Authentication: Use format
http://username:[email protected]:8080for authenticated proxies - Testing: Verify configuration with
docker pull hello-worldafter setup - Troubleshooting: Check Docker logs with
journalctl -u docker.serviceif pull operations fail - Security: Store sensitive proxy credentials in Docker secrets or external credential managers
Conclusion
Proper proxy configuration ensures Docker works seamlessly in corporate networks. By configuring daemon, build, and runtime proxy settings, you maintain full Docker functionality while complying with network policies. For intelligent incident management and automated issue resolution, consider using Akmatori, an open-source AI agent platform that helps SRE teams respond to infrastructure incidents faster.
FAQ
Why does Docker ignore system proxy settings?
- Docker daemon runs as a system service and doesn't inherit user environment variables. Configure proxy in systemd service files.
How to configure proxy for specific Docker registries?
- Use registry-specific configuration in
/etc/docker/daemon.jsonwithregistry-mirrorsandinsecure-registriesoptions.
- Use registry-specific configuration in
Can I use different proxies for HTTP and HTTPS?
- Yes, set separate
HTTP_PROXYandHTTPS_PROXYenvironment variables with different proxy endpoints.
- Yes, set separate