Browse code
Respect ALL_PROXY during registry operations
Use sockets.DialerFromEnvironment, as is done in other places,
to transparently support SOCKS proxy config from ALL_PROXY
environment variable.
Requires the *engine* have the ALL_PROXY env var set, which
doesn't seem ideal. Maybe it should be a CLI option somehow?
Only tested with push and a v2 registry so far. I'm happy to look
further into testing more broadly, but I wanted to get feedback on
the general idea first.
Signed-off-by: Brett Higgins <brhiggins@arbor.net>
Brett Higgins authored on 2016/04/25 20:54:48Showing 2 changed files
| ... | ... |
@@ -15,6 +15,7 @@ import ( |
| 15 | 15 |
"github.com/docker/docker/dockerversion" |
| 16 | 16 |
"github.com/docker/docker/registry" |
| 17 | 17 |
"github.com/docker/engine-api/types" |
| 18 |
+ "github.com/docker/go-connections/sockets" |
|
| 18 | 19 |
"golang.org/x/net/context" |
| 19 | 20 |
) |
| 20 | 21 |
|
| ... | ... |
@@ -43,20 +44,27 @@ func NewV2Repository(ctx context.Context, repoInfo *registry.RepositoryInfo, end |
| 43 | 43 |
repoName = repoInfo.RemoteName() |
| 44 | 44 |
} |
| 45 | 45 |
|
| 46 |
+ direct := &net.Dialer{
|
|
| 47 |
+ Timeout: 30 * time.Second, |
|
| 48 |
+ KeepAlive: 30 * time.Second, |
|
| 49 |
+ DualStack: true, |
|
| 50 |
+ } |
|
| 51 |
+ |
|
| 46 | 52 |
// TODO(dmcgowan): Call close idle connections when complete, use keep alive |
| 47 | 53 |
base := &http.Transport{
|
| 48 |
- Proxy: http.ProxyFromEnvironment, |
|
| 49 |
- Dial: (&net.Dialer{
|
|
| 50 |
- Timeout: 30 * time.Second, |
|
| 51 |
- KeepAlive: 30 * time.Second, |
|
| 52 |
- DualStack: true, |
|
| 53 |
- }).Dial, |
|
| 54 |
+ Proxy: http.ProxyFromEnvironment, |
|
| 55 |
+ Dial: direct.Dial, |
|
| 54 | 56 |
TLSHandshakeTimeout: 10 * time.Second, |
| 55 | 57 |
TLSClientConfig: endpoint.TLSConfig, |
| 56 | 58 |
// TODO(dmcgowan): Call close idle connections when complete and use keep alive |
| 57 | 59 |
DisableKeepAlives: true, |
| 58 | 60 |
} |
| 59 | 61 |
|
| 62 |
+ proxyDialer, err := sockets.DialerFromEnvironment(direct) |
|
| 63 |
+ if err == nil {
|
|
| 64 |
+ base.Dial = proxyDialer.Dial |
|
| 65 |
+ } |
|
| 66 |
+ |
|
| 60 | 67 |
modifiers := registry.DockerHeaders(dockerversion.DockerUserAgent(ctx), metaHeaders) |
| 61 | 68 |
authTransport := transport.NewTransport(base, modifiers...) |
| 62 | 69 |
|
| ... | ... |
@@ -16,6 +16,7 @@ import ( |
| 16 | 16 |
|
| 17 | 17 |
"github.com/Sirupsen/logrus" |
| 18 | 18 |
"github.com/docker/distribution/registry/client/transport" |
| 19 |
+ "github.com/docker/go-connections/sockets" |
|
| 19 | 20 |
"github.com/docker/go-connections/tlsconfig" |
| 20 | 21 |
) |
| 21 | 22 |
|
| ... | ... |
@@ -165,16 +166,25 @@ func NewTransport(tlsConfig *tls.Config) *http.Transport {
|
| 165 | 165 |
var cfg = tlsconfig.ServerDefault |
| 166 | 166 |
tlsConfig = &cfg |
| 167 | 167 |
} |
| 168 |
- return &http.Transport{
|
|
| 169 |
- Proxy: http.ProxyFromEnvironment, |
|
| 170 |
- Dial: (&net.Dialer{
|
|
| 171 |
- Timeout: 30 * time.Second, |
|
| 172 |
- KeepAlive: 30 * time.Second, |
|
| 173 |
- DualStack: true, |
|
| 174 |
- }).Dial, |
|
| 168 |
+ |
|
| 169 |
+ direct := &net.Dialer{
|
|
| 170 |
+ Timeout: 30 * time.Second, |
|
| 171 |
+ KeepAlive: 30 * time.Second, |
|
| 172 |
+ DualStack: true, |
|
| 173 |
+ } |
|
| 174 |
+ |
|
| 175 |
+ base := &http.Transport{
|
|
| 176 |
+ Proxy: http.ProxyFromEnvironment, |
|
| 177 |
+ Dial: direct.Dial, |
|
| 175 | 178 |
TLSHandshakeTimeout: 10 * time.Second, |
| 176 | 179 |
TLSClientConfig: tlsConfig, |
| 177 | 180 |
// TODO(dmcgowan): Call close idle connections when complete and use keep alive |
| 178 | 181 |
DisableKeepAlives: true, |
| 179 | 182 |
} |
| 183 |
+ |
|
| 184 |
+ proxyDialer, err := sockets.DialerFromEnvironment(direct) |
|
| 185 |
+ if err == nil {
|
|
| 186 |
+ base.Dial = proxyDialer.Dial |
|
| 187 |
+ } |
|
| 188 |
+ return base |
|
| 180 | 189 |
} |