Skip to content

Docker fix for SSL issues due to corporate network

Jump to bottom
Matt S edited this page Sep 29, 2017 · 8 revisions

Goal

Docker may fail to resolve DNS addresses on a network that uses proxy servers, such as a corporate network. This will manifest itself as an error when running docker-compose build commands and look something like this:

---> Running in 371637437e86
/tmp/download-kafka.sh: line 3: jq: not found
/tmp/download-kafka.sh: line 3: curl: not found
wget: bad address 'kafka'
ERROR: Service 'kafka' failed to build: The command '/bin/sh -c chmod a+x /tmp/download-kafka.sh && sync && /tmp/download-kafka.sh && tar xfz /tmp/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz -C /opt && rm /tmp/kafka_${SCALA_VERSION}-${KAFKA_VERSION}.tgz' returned a non-zero code: 1

This can be fixed by manually overriding where Docker looks for the system DNS server.

Procedure

1. Find the address of your DNS server.

Run nslookup www.google.com and you will see an output like this:

$ nslookup www.google.com
Server:		192.168.1.1
Address:	192.168.1.1#53

Note the address that appears (192.168.1.1 in this case).

2. Tell Docker where to look for DNS server.

Create a new daemon.json file in your /etc/docker directory containing the following info. Replace the 192.168.1.1 with the address found in step 1. The 8.8.8.8 address should not be changed, this is the default Docker DNS address.

{"dns": ["192.168.1.1", "8.8.8.8"]}

A simple way to create this file is to run a command like this:

echo '{"dns": ["192.168.1.1", "8.8.8.8"]}' > /etc/docker/daemon.json

If you get a permissions error, rerun the command with sudo in front.

3. Restart the Docker daemon

sudo service docker restart

Running docker-compose up --build -d should now create and start the containers without any build issues.

Reference

Reference: https://robinwinslow.uk/2016/06/23/fix-docker-networking-dns/

Releases

Change Notices

Informational Reference

  • Decode a file with asn1c
  • Deposit BSM to S3
  • Docker fix for SSL issues due to corporate network
  • Docker management
  • ECDSA Primer
  • Filter BSMs through PPM module
  • Geofence Filtering for PPM
  • Import BSMs from RSU log file
  • Import TIMs from RSU log file
  • jpo security svcs Integration
  • Link host directory to Docker directory
  • Migrating from SDW websocket depositor to SDW Depositor Submodule
  • ODE Release Deployment
  • ODE Release Preparation
  • Prepare a fresh Ubuntu instance for ODE installation
  • Process for Handling Bugs (Code Defects)
  • Run the ODE using the ASN codec module
  • Query RSU for set TIMs
  • Schema Version 6 Change Notice
  • Signed Message File Import
  • TIM REST Endpoint Changes
  • Using the .env configuration file
  • Using the ODE test harness

Test Procedures

  • Delete TIM on RSU test
  • Event Logger Test
  • Import Decode and Deliver BSM Test
  • Manage SNMP Test
  • Sending PDM to RSU Test
  • Sending TIM to RSU Test
  • Submit_TIM_To_SDW Test

Archived

  • Log File Changes (schemaVersion=4)
  • Receive BSMs over UDP
  • Receive ISD via UDP and deposit to SDC
  • Receive VSD via UDP and deposit to SDC
  • Run the crypto test vectors code with ODE team's OSS encoder
  • SchemaVersion 5 Change Notice
Clone this wiki locally