How to disable "userland-proxy" so that when using "docker-compose" it is disabled.
I tried running docker-compose up --userland-proxy=false but no luck.
Disabling the Userland proxy is a global configuration, configured at the daemon level. You cannot change this configuration from the client, and thus not from docker compose.
To disable the proxy, you need to change the daemon configuration (see the dockerd reference. You can do so following the steps below (these steps should be done on the host that the daemon runs);
Create a file named /etc/docker/daemon.json if it does not exist, and add the "userland-proxy": false setting. The daemon.json file should be valid JSON; if this is the only configuration in that file, it should look like;
{
"userland-proxy": false
}
After saving the file, restart the daemon using (if your host uses systemd);
sudo systemctl restart docker
Note: On Docker for Mac and Docker for Windows, the userland-proxy cannot be disabled, as it is an essential part of the networking (i.e. it allows connections to localhost to be forwarded to the containers)
Related
Which config files could disable the automatically starting ssh server, so a headless connect becomes impossible?
I need to know the config files that might interfere with the ssh server to normally start up at boot.
I believe that you are looking for the following commands (assuming you are running the last version of raspbian):
sudo systemctl stop sshd
sudo systemctl disable sshd
sudo systemctl mask sshd
stop Basically stops the service immediately. disable disables the service from starting at bootup. Additionally, mask will make it impossible to load the service.
Digging deeper into what each command does, on modern linux distributions there are configuration files for each service called unit files. They are stored (usually) in /usr/lib/systemd. These are basically the evolution of scripts to start services.
the stop command just calls the sshd.service unit file with a stop parameter, in order to shut down the server.
the disable (or enable) command removes(or creates) a symlink of the unit file in a directory where systemd looks into when booting services (usually, /etc/systemd/system).
systemctl mask creates a symlink to /dev/null instead of the unit file. That way the service cant be loaded.
I cannot connect to internet from pods. My kubernetes cluster is behind proxy.
I have already set /env/environment and /etc/systemd/system/docker.service.d/http_proxy.conf, and confirmed that environment variables(http_proxy, https_proxy, HTTP_PROXY, HTTPS_PROXY, no_proxy, NO_PROXY) are correct.
But in the pod, when I tried echo $http_proxy, answer is empty. I also tried curl -I https://rubygems.org but it returned curl: (6) Could not resolve host: rubygems.org.
So I think pod doesn't receive environment values correctly or there is something I forget to do what I should do. How should I do to solve it?
I tried to export http_proxy=http://xx.xx.xxx.xxx:xxxx; export https_proxy=....
After that, I tried again curl -I https://rubygems.org and I can received header with 200.
What I see is that you have wrong proxy.conf name.
As per official documention the name should be /etc/systemd/system/docker.service.d/http-proxy.confand not /etc/systemd/system/docker.service.d/http_proxy.conf.
Next you add proxies, reload daemon and restart docker, as mentioned in provided in comments another answer
/etc/systemd/system/docker.service.d/http_proxy.conf:
Content:
[Service]
Environment="HTTP_PROXY=http://x.x.x:xxxx"
Environment="HTTPS_PROXY=http://x.x.x.x:xxxx"
# systemctl daemon-reload
# systemctl restart docker
Or, as per #mk_ska answer you can
add http_proxy setting to your Docker machine in order to forward
packets from the nested Pod container through the target proxy server.
For Ubuntu based operating system:
Add export http_proxy='http://:' record to the file
/etc/default/docker
For Centos based operating system:
Add export http_proxy='http://:' record to the file
/etc/sysconfig/docker
Afterwards restart Docker service.
Above will set proxy for all containers what will be used by docker engine
I'm exploring the new set extensions called VSCode Remote Pack and I want to connect to a Vagrant container using the Remote Container extension. Using a Windows 10 OS, how could I do that?
I tried the extension but it requests me to have Docker installed, what I suppose from that is that it only works for Docker containers. But I wonder if somebody have already managed to connect to a Vagrant box.
This are the docs from the extension: https://code.visualstudio.com/docs/remote/containers
VS Code Remote containers currently only support Docker (its implementation executes docker commands). Please open a feature request if you would like to see other tools supported.
As an alternative, you could try using Remote SSH to connect to vagrant containers. That should work but will require some extra container setup
Sorry for updating this so late.
The solution was pretty simple, as #MnZrk commented, what it needs to be done for setting up the connection is the following:
Run vagrant ssh-config > some-file.txt. This will generate a file with the configuration to run using SSH. Here an example of that file:
Host default
HostName 127.0.0.1
User vagrant
Port 2222
UserKnownHostsFile /dev/null
StrictHostKeyChecking no
PasswordAuthentication no
IdentityFile C:/Users/User/project/.vagrant/machines/default/virtualbox/private_key
IdentitiesOnly yes
LogLevel FATAL
ForwardAgent yes
ForwardX11 yes
Notice that the host name is default, you could rename it to whatever you want so you could identify it more easily.
Copy the content of some-file.txt inside your SSH configuration file. This file could be edit directly from vscode by pressing F1 and writing Remote-SSH: Open Configuration File..., then you select the file you use for ssh configuration. After that file opens, just copy the content of some-file.txt there.
Finally, just press again F1 and type Remote-SSH: Connect to Host..., choose the connection with the host name default or the want you wrote in the first step, and that's all.
I'm running Ubuntu 18.04 and I've installed haproxy 1.8.8. I want to modify the config so that the "-f" option will read a directory rather than a single haproxy.cfg file.
I see /lib/systemd/system/haproxy.service and also /etc/init.d/haproxy were installed. I think systemd is managing haproxy. But I've read that I'm not supposed to modify the installed haproxy.service.
I copied haproxy.service to /etc/systemd/system/ and edited it there. The changes I made were not picked up when I ran sudo systemctl daemon-reload; sudo service haproxy restart.
Which file do I need to modify and then get systemd to recognize the changes? TIA
As you suspected, you should not edit the unit-files (provided by the OS packager) directly. You can supply a drop-in-snippet using the command
systemctl edit haproxy
and customize the relevant directives (ExecStart)
I have a docker daemon/engine running inside guest (Ubuntu) virtual machine
and as per Docker Tooling for Eclipse instruction I had downloaded and setup the plugin in Eclipse Mars on my host Mac OS machine.
How do I connect to Docker running in guest VM from the host machine IDE.
As per instructions, I would need to enter TCP and authentication so how do I get these details to setup the connection?
I had tried with guest OS IP (i.e. tcp://127.0.0.1:2376 output of ifconfig command with local host IP) but was not able to connect.
Here are the steps I used to get Docker Tooling working in Eclipse Neon on Windows.
Open the Docker Quickstart Terminal
Execute docker-machine ls
Copy the URL (e.g. tcp://192.168.99.100:2376)
Click the Add Connection button in the toolbar for Docker Explorer
Provide a Connection name:
Select TCP Connection
Paste the above URL into the URI: edit box
Change tcp to https in the edit box
Select Enable authentication
Set the path to C:\Users\username\.docker\machine\certs
Click on Test Connection to verify
There are two parts to this. First, enabling the TCP socket (which I'll answer). Then, setting TLS authentication on the socket (which I'll link to but won't cover). The first part should get you up.
You'll need to edit the DOCKER_OPTS settings in /etc/default/docker in the VM. Edit this file and set DOCKER_OPTS to something like:
DOCKER_OPTS="-H tcp://0.0.0.0:2376 -H unix://"
Then, restart Docker (sudo service docker restart). This should get you a TCP connection that you can put in your Eclipse settings as:
tcp://10.0.2.15:2376
The second part (which is optional at this point) would be setting up the CA and certificates per https://docs.docker.com/engine/articles/https/. But I'd actually recommend just installing Docker Machine and provisioning your VM that way as it will create the needed certificates for you. Then, if your machine was named dev, you just point the authentication dir to ~/.docker/machine/machines/dev.
If Docker Daemon is running(i.e docker desktop running) in window task bar , not inside the VM , just get the URI from its context menu setting. In eclipse docker tooling perspective , we can connect to running docker daemon only by providing the URI.