[ZUN] Proxy on Docker + Zun

Hongbin Lu hongbin034 at gmail.com
Sat May 4 05:12:38 UTC 2019


Alejandro,

Yes, it might be an proxy issue. According to
https://docs.docker.com/config/daemon/systemd/#httphttps-proxy , the
NO_PROXY is a list of comma-separated hosts (not a cidr like 10.8.0.0/16
<http://127.0.0.0/8,10.8.0.0/16>). So you might want to try:

NO_PROXY=localhost,127.0.0.1,10.8.9. <http://127.0.0.0/8,10.8.0.0/16>
54,...

On Fri, May 3, 2019 at 3:09 PM Alejandro Ruiz Bermejo <
arbermejo0417 at gmail.com> wrote:

> I'm still working on my previous error of the openstack appcontainer run
> error state:
>
> I have Docker working behind a Proxy. As you can see in the Docker info i
> attach  to this mail. I tried to do the curl http://10.8.9.54:2379/health
> with the proxy environment variable and i got timeout error (without it the
> curl return the normal healthy state for the etcd cluster). So my question
> is if i'm having a problem with the proxy configuration and docker commands
> when i'm executing the openstack appcontainer run. And if you know any use
> case of someone working with Docker behind a proxy and Zun in the Openstack
> environment.
>
> This is the outputh of
>
> # systemctl show --property Environment docker
> Environment=HTTP_PROXY=http://10.8.7.60:3128/ NO_PROXY=localhost,
> 127.0.0.0/8,10.8.0.0/16 HTTPS_PROXY=http://10.8.7.60:3128/
>
> And this is the one of
>
> root at compute /h/team# docker info
> Containers: 9
>  Running: 0
>  Paused: 0
>  Stopped: 9
> Images: 7
> Server Version: 18.09.5
> Storage Driver: overlay2
>  Backing Filesystem: extfs
>  Supports d_type: true
>  Native Overlay Diff: true
> Logging Driver: json-file
> Cgroup Driver: cgroupfs
> Plugins:
>  Volume: local
>  Network: bridge host macvlan null overlay
>  Log: awslogs fluentd gcplogs gelf journald json-file local logentries
> splunk syslog
> Swarm: inactive
> Runtimes: runc
> Default Runtime: runc
> Init Binary: docker-init
> containerd version: bb71b10fd8f58240ca47fbb579b9d1028eea7c84
> runc version: 2b18fe1d885ee5083ef9f0838fee39b62d653e30
> init version: fec3683
> Security Options:
>  apparmor
>  seccomp
>   Profile: default
> Kernel Version: 4.15.0-48-generic
> Operating System: Ubuntu 18.04.2 LTS
> OSType: linux
> Architecture: x86_64
> CPUs: 8
> Total Memory: 15.66GiB
> Name: compute
> ID: W35H:WCPP:AM3K:NENH:FEOR:S23C:N3FZ:QELB:LLUR:USMJ:IM7W:YMFX
> Docker Root Dir: /var/lib/docker
> Debug Mode (client): false
> Debug Mode (server): false
> HTTP Proxy: http://10.8.7.60:3128/
> HTTPS Proxy: http://10.8.7.60:3128/
> No Proxy: localhost,127.0.0.0/8,10.8.0.0/16
> Registry: https://index.docker.io/v1/
> Labels:
> Experimental: false
> Cluster Store: etcd://10.8.9.54:2379
> Insecure Registries:
>  127.0.0.0/8
> Live Restore Enabled: false
> Product License: Community Engine
>
> WARNING: API is accessible on http://compute:2375 without encryption.
>          Access to the remote API is equivalent to root access on the
> host. Refer
>          to the 'Docker daemon attack surface' section in the
> documentation for
>          more information:
> https://docs.docker.com/engine/security/security/#docker-daemon-attack-surface
> WARNING: No swap limit support
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-discuss/attachments/20190504/68b2609a/attachment.html>


More information about the openstack-discuss mailing list