Hi all.
I’m trying to set up docker in such a way that containers have access to vpn resources that are connected to the host machine.
I have a MacBook Pro M1 Max (2021); the network configuration is like this (I hid the extra network devices; utun3 is the VPN network):
morohon@morohon-mbp ~ % ifconfig
lo0: flags=8049<UP,LOOPBACK,RUNNING,MULTICAST> mtu 16384
options=1203<RXCSUM,TXCSUM,TXSTATUS,SW_TIMESTAMP>
inet 127.0.0.1 netmask 0xff000000
inet6 ::1 prefixlen 128
inet6 fe80::1%lo0 prefixlen 64 scopeid 0x1
nd6 options=201<PERFORMNUD,DAD>
utun3: flags=8051<UP,POINTOPOINT,RUNNING,MULTICAST> mtu 1350
inet 172.17.33.81 --> 172.17.33.80 netmask 0xffffff00
The docker daemon has the following configuration:
{
  "builder": {
    "gc": {
      "defaultKeepStorage": "20GB",
      "enabled": true
    }
  },
  "default-address-pools": [
    {
      "base": "10.10.0.0/16",
      "size": 24
    }
  ],
  "experimental": false,
  "features": {
    "buildkit": true
  }
}
Our own registry (Harbor) is used for image storage. If I run the command:
docker build . -t test-app
then the application builds correctly and there are no network problems. But if I do the same build with the command:
docker buildx build .
then in the log I get an error like:
Dockerfile:1
--------------------
1 | >>> FROM custom-harbor.ru/library/openjdk:17.0-jdk-for-build as build
--------------------
ERROR: failed to solve: custom-harbor.ru/library/openjdk:17.0-jdk-for-build: failed to do request: Head "https://custom-harbor.ru/v2/library/openjdk/manifests/17.0-jdk-for-build": x509: certificate signed by unknown authority
The error says that there are problems with certificates, but in fact if you go into the container and try to ping the registry, you get an error (the DNS name is not resolved), and if you do a traceroute to the IP address, it reaches the Docker network gateway and that's all.
/ # ping custom-harbor.ru
ping: bad address 'custom-harbor.ru'
/ # ping 172.17.116.24
PING 172.17.116.24 (172.17.116.24): 56 data bytes
^C
--- 172.17.116.24 ping statistics ---
12 packets transmitted, 0 packets received, 100% packet loss
/ # traceroute 172.17.116.24
traceroute to 172.17.116.24 (172.17.116.24), 30 hops max, 46 byte packets
1 10.10.0.1 (10.10.0.1) 0.007 ms 0.006 ms 0.005 ms
2 * * *
/ # ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: tunl0@NONE: <NOARP> mtu 1480 qdisc noop state DOWN qlen 1000
link/ipip 0.0.0.0 brd 0.0.0.0
3: ip6tnl0@NONE: <NOARP> mtu 1452 qdisc noop state DOWN qlen 1000
link/tunnel6 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00 brd 00:00:00:00:00:00:00:00:00:00:00:00:00:00:00:00
6: eth0@if7: <BROADCAST,MULTICAST,UP,LOWER_UP,M-DOWN> mtu 1500 qdisc noqueue state UP
link/ether 02:42:0a:0a:00:02 brd ff:ff:ff:ff:ff:ff
inet 10.10.0.2/24 brd 10.10.0.255 scope global eth0
valid_lft forever preferred_lft forever
Please tell me what needs to be configured on my Mac so that Docker containers can see the resources connected via VPN on the host machine.
Result of the diagnostic command:
morohon@morohon-mbp ~ % /Applications/Docker.app/Contents/MacOS/com.docker.diagnose check
[2023-04-04T14:32:07.412222000Z][com.docker.diagnose][I] set path configuration to OnHost
Starting diagnostics
[PASS] DD0027: is there available disk space on the host?
[PASS] DD0028: is there available VM disk space?
[PASS] DD0018: does the host support virtualization?
[PASS] DD0001: is the application running?
[PASS] DD0017: can a VM be started?
[PASS] DD0016: is the LinuxKit VM running?
[PASS] DD0011: are the LinuxKit services running?
[PASS] DD0004: is the Docker engine running?
[PASS] DD0015: are the binary symlinks installed?
[PASS] DD0031: does the Docker API work?
[PASS] DD0013: is the $PATH ok?
[PASS] DD0003: is the Docker CLI working?
[PASS] DD0038: is the connection to Docker working?
[PASS] DD0014: are the backend processes running?
[PASS] DD0007: is the backend responding?
[PASS] DD0008: is the native API responding?
[PASS] DD0009: is the vpnkit API responding?
[PASS] DD0010: is the Docker API proxy responding?
[SKIP] DD0030: is the image access management authorized?
[PASS] DD0033: does the host have Internet access?
[PASS] DD0018: does the host support virtualization?
[PASS] DD0001: is the application running?
[PASS] DD0017: can a VM be started?
[PASS] DD0016: is the LinuxKit VM running?
[PASS] DD0011: are the LinuxKit services running?
[PASS] DD0004: is the Docker engine running?
[PASS] DD0015: are the binary symlinks installed?
[PASS] DD0031: does the Docker API work?
[PASS] DD0032: do Docker networks overlap with host IPs?
No fatal errors detected.
I use Docker for Mac v4.17.0 (99724)
morohon@morohon-mbp ~ % docker version
Client:
Cloud integration: v1.0.31
Version: 20.10.23
API version: 1.41
Go version: go1.18.10
Git commit: 7155243
Built: Thu Jan 19 17:35:19 2023
OS/Arch: darwin/arm64
Context: default
Experimental: true
Server: Docker Desktop 4.17.0 (99724)
Engine:
Version: 20.10.23
API version: 1.41 (minimum version 1.12)
Go version: go1.18.10
Git commit: 6051f14
Built: Thu Jan 19 17:31:28 2023
OS/Arch: linux/arm64
Experimental: false
containerd:
Version: 1.6.18
GitCommit: 2456e983eb9e37e47538f59ea18f2043c9a73640
runc:
Version: 1.1.4
GitCommit: v1.1.4-0-g5fd4c4d
docker-init:
Version: 0.19.0
GitCommit: de40ad0
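As an added example (not part of the original post), a small POSIX sh helper that classifies the error text quoted above and creates a buildx docker-container builder with a buildkitd.toml that trusts the Harbor CA. The builder name, the CA file path, and the assumption that buildx copies certificate files referenced in `--config` into the builder container are mine, not from the post.

```shell
#!/bin/sh
# Added example, not from the original post: classify the buildx failure and
# generate a BuildKit config that trusts the registry CA for a buildx builder.
# Assumed names: builder "harbor-builder", CA file ~/certs/harbor-ca.crt.
set -eu

# A "certificate signed by unknown authority" error is raised by the TLS
# verifier, so the name resolved and a TLS endpoint answered; that is a trust
# problem, distinct from the DNS failure or missing route seen with ping.
# $1 = error text from docker/buildx/ping; prints a short diagnosis class.
classify_buildx_error() {
  case "$1" in
    *"certificate signed by unknown authority"*) echo tls-trust ;;
    *"no such host"*|*"bad address"*)            echo dns ;;
    *"connection refused"*|*"i/o timeout"*)      echo unreachable ;;
    *)                                           echo unknown ;;
  esac
}

# Render a buildkitd.toml entry that makes BuildKit trust one extra CA for
# one registry. $1 = registry host, $2 = path of the CA PEM file.
render_buildkitd_toml() {
  printf '[registry."%s"]\n  ca=["%s"]\n' "$1" "$2"
}

# Create a docker-container builder that uses the rendered config and the
# host network (so it shares routes and DNS with the Docker engine VM).
# $1 = builder name, $2 = registry host, $3 = CA PEM file on the Mac.
# Assumption: buildx copies certificate files referenced in --config into
# the builder container; verify this against your buildx version's docs.
create_builder() {
  cfg=$(mktemp)
  render_buildkitd_toml "$2" "$3" > "$cfg"
  docker buildx create --name "$1" --driver docker-container \
    --driver-opt network=host --config "$cfg" --use
  docker buildx inspect --bootstrap "$1"
  rm -f "$cfg"
}

# Usage (not run automatically):
#   create_builder harbor-builder custom-harbor.ru ~/certs/harbor-ca.crt
#   docker buildx build . -t test-app
```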