docker配置代理pull报错:proxyconnect tcp: tls: first record does not look like a TLS handshake

1、docker pull mysql报错

[root@k8s docker.service.d]# docker pull mysql
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: proxyconnect tcp: tls: first record does not look like a TLS handshake

2、查看代理配置

[root@k8s docker.service.d]# sudo systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://proxy.scott.net:8081 HTTPS_PROXY=https://proxy.scott.net:8081 NO_PROXY=localhost,127.0.0.1
[root@k8s docker.service.d]# 

3、代理配置是参考https://docs.docker.com/config/daemon/systemd/

3.1 Create a systemd drop-in directory for the docker service

sudo mkdir -p /etc/systemd/system/docker.service.d

3.2 Create a file named /etc/systemd/system/docker.service.d/http-proxy.conf that adds the HTTP_PROXY environment variable:

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80"

If you are behind an HTTPS proxy server, set the HTTPS_PROXY environment variable:

[Service]
Environment="HTTPS_PROXY=https://proxy.example.com:443"

Multiple environment variables can be set; to set both a non-HTTPS and a HTTPs proxy;

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80"
Environment="HTTPS_PROXY=https://proxy.example.com:443"

3.3 

If you have internal Docker registries that you need to contact without proxying you can specify them via the NO_PROXY environment variable.

The NO_PROXY variable specifies a string that contains comma-separated values for hosts that should be excluded from proxying. These are the options you can specify to exclude hosts:

  • IP address prefix (1.2.3.4)
  • Domain name, or a special DNS label (*)
  • A domain name matches that name and all subdomains. A domain name with a leading “.” matches subdomains only. For example, given the domains foo.example.com and example.com:
    • example.com matches example.com and foo.example.com, and
    • .example.com matches only foo.example.com
  • A single asterisk (*) indicates that no proxying should be done
  • Literal port numbers are accepted by IP address prefixes (1.2.3.4:80) and domain names (foo.example.com:80)

Config example:

[Service]
Environment="HTTP_PROXY=http://proxy.example.com:80"
Environment="HTTPS_PROXY=https://proxy.example.com:443"
Environment="NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp"

3.4 Flush changes and restart Docker

sudo systemctl daemon-reload
sudo systemctl restart docker

3.5 Verify that the configuration has been loaded and matches the changes you made, for example:

sudo systemctl show --property=Environment docker
    
Environment=HTTP_PROXY=http://proxy.example.com:80 HTTPS_PROXY=https://proxy.example.com:443 NO_PROXY=localhost,127.0.0.1,docker-registry.example.com,.corp

4、查看docker info 

[root@k8s ~]# docker info
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.13
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-693.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 2.875GiB
 Name: k8s
 ID: 3547:O4LB:HJ52:ERHQ:2CWG:UURI:FUYC:EK4J:CLEO:LIYS:UWQ3:BFFI
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http://proxy.scott.net:8081/
 HTTPS Proxy: https://proxy.scott.net:8081/
 No Proxy: localhost,127.0.0.1
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://docker.mirrors.ustc.edu.cn/
 Live Restore Enabled: false

5、修改配置文件/etc/systemd/system/docker.service.d/http-proxy.conf,去掉HTTPS_PROXY

修改前

[root@k8s docker.service.d]# cat https-proxy.conf 
[Service]
Environment="HTTP_PROXY=http://proxy.scott.net:8081/" "HTTPS_PROXY=https://proxy.scott.net:8081/" "NO_PROXY=localhost,127.0.0.1"

修改后

[root@k8s docker.service.d]# cat https-proxy.conf 
[Service]
Environment="HTTP_PROXY=http://proxy.scott.net:8081/" "NO_PROXY=localhost,127.0.0.1"

docker info

[root@k8s docker.service.d]# docker info
Client:
 Debug Mode: false

Server:
 Containers: 0
  Running: 0
  Paused: 0
  Stopped: 0
 Images: 0
 Server Version: 19.03.13
 Storage Driver: overlay2
  Backing Filesystem: xfs
  Supports d_type: true
  Native Overlay Diff: true
 Logging Driver: json-file
 Cgroup Driver: cgroupfs
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local logentries splunk syslog
 Swarm: inactive
 Runtimes: runc
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: 8fba4e9a7d01810a393d5d25a3621dc101981175
 runc version: dc9208a3303feef5b3839f4323d9beb36df0a9dd
 init version: fec3683
 Security Options:
  seccomp
   Profile: default
 Kernel Version: 3.10.0-693.el7.x86_64
 Operating System: CentOS Linux 7 (Core)
 OSType: linux
 Architecture: x86_64
 CPUs: 4
 Total Memory: 2.875GiB
 Name: k8s
 ID: 3547:O4LB:HJ52:ERHQ:2CWG:UURI:FUYC:EK4J:CLEO:LIYS:UWQ3:BFFI
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 HTTP Proxy: http://proxy.scott.net:8081/
 No Proxy: localhost,127.0.0.1
 Registry: https://index.docker.io/v1/
 Labels:
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Registry Mirrors:
  https://docker.mirrors.ustc.edu.cn/
 Live Restore Enabled: false

6、Flush changes and restart Docker

sudo systemctl daemon-reload
sudo systemctl restart docker

7、查看docker代理

[root@k8s docker.service.d]# sudo systemctl show --property=Environment docker
Environment=HTTP_PROXY=http://proxy.scott.net:8081/ NO_PROXY=localhost,127.0.0.1

8、pull

[root@k8s docker.service.d]# docker pull mysql
Using default tag: latest
latest: Pulling from library/mysql
bb79b6b2107f: Pull complete 
49e22f6fb9f7: Pull complete 
842b1255668c: Pull complete 
9f48d1f43000: Pull complete 
c693f0615bce: Pull complete 
8a621b9dbed2: Pull complete 
0807d32aef13: Pull complete 
a56aca0feb17: Pull complete 
de9d45fd0f07: Pull complete 
1d68a49161cc: Pull complete 
47834b5a7c81: Pull complete 
7b0764b0009c: Pull complete 
Digest: sha256:b30e3c13ab71f51c7951120826671d56586afb8d9e1988c480b8673c8570eb74
Status: Downloaded newer image for mysql:latest
docker.io/library/mysql:latest

 

你可能感兴趣的:(docker)