I’m am fairly new to docker, to please bear with me
I am running Docker Desktop 3.5.2 on a Windows 2019 Server, which operates behind a corporate proxy. I have set up the proxy address and credentials under Settings->Ressources->Proxies, and within system and user environment variables. The Docker Subnet ist configured as 192.168.65.0/28, and the DNS is set to 10.1.10.10, the primary DNS of the server.
When I try to pull ANY image, I get the following error message:
Using default tag: latest
Error response from daemon: Get https://registry-1.docker.io/v2/: proxyconnect tcp: dial tcp: lookup http on 192.168.65.5:53: read udp 192.168.65.4:62744->192.168.65.5:53: i/o timeout
This seems to be some kind of DNS problem, but I don’t know why. I do not fully understand how a DNS query for registry-1.docker.io fails within docker when it can be resolved within windows:
Also, why is the DNS query coming from the Docker Subnet , and is it forrwarded through the Windows server ? I feel like I am missing some key point of understanding here.
Docker heavily depends on Linux kernel features. This is why Docker Desktop on Windows/Mac always depends on a linux vm (for the sake of consitancy Docker Desktop for Linux does use a linxu vm as well) that runs the actualy docker-engine, regardless if you use Windows System for Linux version 1 (runs a vm in hyper-v) or 2 (runs all distributions on a shared vm using the virtual computer platform feature). The wsl1 vm /wsl2 distribution that actualy runs the docker-engine must also be able to access the dns server in order to pull images
If you used wsl2, you should be able to access the docker-desktop distributions using the command wsl -d docker-desktop. Then troubleshoot from inside the distribution why dns issues happen.
" The wsl1 vm /wsl2 distribution that actualy runs the docker-engine must also be able to access the dns server in order to pull images"
Ok that makes sense. I cannot use WSL2 since it is not supported on windows Server 2019, so I’m using the “old way”.
How do I achieve that though ? Is the default DNS Server 8.8.8.8 for that or does it use the one I specify in the settings ? Also, I asume this is routed over the specified proxy, so the proxy has have port 53 open for outbound connections, correct ?
I Those are questions for someone else to answer. I am neiter using Windows Server, nor Docker Desktop with WSL1 - I could only assist with WSl2 to some degree. Personaly I use Docker-CE in WSL2 directly.
I am not sure this helps or even necessary, because Docker should know that tre traffic to these IP addresses should not go thorugh the proxy, but it is worth a try.
