Question

When a Docker daemon needs to pull images from external registries in a network that uses a proxy, which configuration file is modified to set these proxy details for the daemon?

Accepted Answer

When a Docker daemon needs to pull images from external registries in a network that uses a proxy, the configuration file modified to set these proxy details for the daemon is typically a systemd drop-in configuration file for the `docker.service` unit. A common path for this file is `/etc/systemd/system/docker.service.d/http-proxy.conf`, though the specific filename within the `docker.service.d` directory can vary as long as it ends with `.conf`. This approach is used because the Docker daemon, which is the persistent background process that manages Docker containers, images, volumes, and networks, runs as a systemd service on most Linux distributions. For the daemon&#x27;s general outbound connections, including pulling images from remote Docker registries like Docker Hub or private registries, it relies on standard proxy environment variables. A proxy is an intermediary server that routes network traffic, often used for security, monitoring, or to access the internet from a restricted network. To configure the Docker daemon to use a proxy, these environment variables—`HTTP_PROXY`, `HTTPS_PROXY`, and `NO_PROXY`—are set within the `[Service]` section of the systemd drop-in file. For example, the file content might include lines like `Environment="HTTP_PROXY=http://proxy.example.com:8080/"` and `Environment="HTTPS_PROXY=http://proxy.example.com:8080/"`. The `NO_PROXY` environment variable specifies a comma-separated list of hostnames or IP addresses for which the proxy should be bypassed. After creating or modifying this file, the systemd configuration must be reloaded using `sudo systemctl daemon-reload`, and the Docker daemon must be restarted with `sudo systemctl restart docker` for the changes to take effect. This ensures that the Docker daemon process inherits these environment variables, directing all its subsequent outbound HTTP and HTTPS requests, including image pull operations, through the specified proxy server.

Home → All Courses → Engineering and Technology Courses → Docker Certified Associate (DCA) → Flashcard

When a Docker daemon needs to pull images from external registries in a network that uses a proxy, which configuration file is modified to set these proxy details for the daemon?