cli icon indicating copy to clipboard operation
cli copied to clipboard
verified publisher icon docker

Proxy config is unable to distinguish ssh type target daemon host

Open jasonqsong opened this issue 1 year ago • 0 comments

Description

The docker cli docs about proxy config says that

To configure the proxies for individual daemons, use the address of the daemon instead of the default key.

However, when setting ssh target, the configuration is not effective because the client is constructed by the ssh connection helper, which force the daemon target to be "http://docker.example.com"

See https://github.com/docker/cli/blob/9f9e4058019a37304dc6572ffcbb409d529b59d8/cli/connhelper/connhelper.go#L59

Thus the config parser is unable to find the real ssh target.

See https://github.com/docker/cli/blob/9f9e4058019a37304dc6572ffcbb409d529b59d8/cli/config/configfile/file.go#L186

Since the phantom "http://docker.example.com" host is not requested, I wonder if we can simply put the real ssh target here for proxy config parser to pick up? Thanks for considering!

Reproduce

  1. Put the proxy config specific for an ssh target at ~/.docker/config.json
{
 "proxies": {
   "default": {
     "httpProxy": "http://proxy.example.com"
   },
   "ssh://daemon2.example.com": {
     "httpProxy": "http://proxy2.example.com"
   }
 }
}
  1. Start with DOCKER_HOST=ssh://daemon2.example.com docker run --rm -it ubuntu:latest
  2. Check with env, expect HTTP_PROXY=proxy2 but see HTTP_PROXY=proxy

Expected behavior

No response

docker version

Client:
 Version:           27.1.1
 API version:       1.46
 Go version:        go1.21.12
 Git commit:        6312585
 Built:             Tue Jul 23 19:55:52 2024
 OS/Arch:           linux/amd64
 Context:           default

Server: Docker Engine - Community
 Engine:
  Version:          27.5.1
  API version:      1.47 (minimum version 1.24)
  Go version:       go1.22.11
  Git commit:       4c9b3b0
  Built:            Wed Jan 22 13:41:09 2025
  OS/Arch:          linux/amd64
  Experimental:     false
 containerd:
  Version:          1.7.25
  GitCommit:        bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
 runc:
  Version:          1.2.4
  GitCommit:        v1.2.4-0-g6c52b3f
 docker-init:
  Version:          0.19.0
  GitCommit:        de40ad0

docker info

Client:
 Version:    27.1.1
 Context:    default
 Debug Mode: false
 Plugins:
  buildx: Docker Buildx (Docker Inc.)
    Version:  v0.16.1-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-buildx
  compose: Docker Compose (Docker Inc.)
    Version:  v2.29.1-desktop.1
    Path:     /usr/local/lib/docker/cli-plugins/docker-compose
  debug: Get a shell into any image or container (Docker Inc.)
    Version:  0.0.34
    Path:     /usr/local/lib/docker/cli-plugins/docker-debug
  dev: Docker Dev Environments (Docker Inc.)
    Version:  v0.1.2
    Path:     /usr/local/lib/docker/cli-plugins/docker-dev
  extension: Manages Docker extensions (Docker Inc.)
    Version:  v0.2.25
    Path:     /usr/local/lib/docker/cli-plugins/docker-extension
  feedback: Provide feedback, right in your terminal! (Docker Inc.)
    Version:  v1.0.5
    Path:     /usr/local/lib/docker/cli-plugins/docker-feedback
  init: Creates Docker-related starter files for your project (Docker Inc.)
    Version:  v1.3.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-init
  sbom: View the packaged-based Software Bill Of Materials (SBOM) for an image (Anchore Inc.)
    Version:  0.6.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-sbom
  scout: Docker Scout (Docker Inc.)
    Version:  v1.11.0
    Path:     /usr/local/lib/docker/cli-plugins/docker-scout

Server:
 Containers: 2
  Running: 1
  Paused: 0
  Stopped: 1
 Images: 16
 Server Version: 27.5.1
 Storage Driver: overlay2
  Backing Filesystem: extfs
  Supports d_type: true
  Using metacopy: false
  Native Overlay Diff: true
  userxattr: false
 Logging Driver: json-file
 Cgroup Driver: systemd
 Cgroup Version: 2
 Plugins:
  Volume: local
  Network: bridge host ipvlan macvlan null overlay
  Log: awslogs fluentd gcplogs gelf journald json-file local splunk syslog
 Swarm: inactive
 Runtimes: runc io.containerd.runc.v2
 Default Runtime: runc
 Init Binary: docker-init
 containerd version: bcc810d6b9066471b0b6fa75f557a15a1cbf31bb
 runc version: v1.2.4-0-g6c52b3f
 init version: de40ad0
 Security Options:
  seccomp
   Profile: builtin
  cgroupns
 Kernel Version: 5.14.0-503.22.1.el9_5.x86_64
 Operating System: Rocky Linux 9.5 (Blue Onyx)
 OSType: linux
 Architecture: x86_64
 CPUs: 2
 Total Memory: 1.733GiB
 Name: VM-16-13-rockylinux
 ID: 0a905a3b-fb46-44ec-886a-2955e03dba1c
 Docker Root Dir: /var/lib/docker
 Debug Mode: false
 Experimental: false
 Insecure Registries:
  127.0.0.0/8
 Live Restore Enabled: false

Additional Info

No response

jasonqsong avatar Feb 04 '25 21:02 jasonqsong