Build docker behind VPN

I tried all kinds of things, in the end the simplest thins helped on Ubuntu 18.04. Stoping and starting docker deamon.

Prerequisites: VPN off

sudo systemctl stop docker---> Start VPNsudo systemctl start docker

Hope will help someone.

If I understood you correctly, you'd like to access an svn repository through the VPN during the build of the docker image, i.e. one of the instructions of the Dockerfile must resolve the hostname.

If your problem is related to the domain name resolution, you can use the --add-host option (see the doc) to docker-build to explicitly map the IP to the relevant hostname. Note that it might require a relatively high docker version.

docker build --add-host host_name:host_IP .

See the useful related post as well.

It's likely one of two issues:

1) DNS

2) Your desktop's routing table

My specific case (also Ubuntu 14.04) turned out to be routing tables. That's what I go through below.

To factor out if DNS is a problem, can you successfully ping an IP from inside your container?

docker run -i -t ubuntu:14.04 /bin/bash                                                root@44445bfefc4e:/# ping 8.8.8.8PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=76.1 ms64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=75.6 ms

If that works and your containers still can't reach out while you're connected to the VPN, look at your routes.

Disconnect from the VPN and inspect your routes with route. Here's my output as an example:

Destination     Gateway         Genmask         Flags Metric Ref    Use Ifacedefault         DD-WRT          0.0.0.0         UG    0      0        0 wlan0172.17.0.0      *               255.255.0.0     U     0      0        0 docker0192.168.1.0     *               255.255.255.0   U     9      0        0 wlan0192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0

In there, you'll see Docker's network (172.17.0.0).

Now, connect to your VPN and re-issue the command. Your mileage may vary, but what I found was a duplicate entry in the route table:

172.17.0.0      *               255.255.0.0     U     0      0        0 vpn0172.17.0.0      *               255.255.0.0     U     0      0        0 docker0

The server was pushing a duplicate route!

In my case, I didn't need those routes to successfully navigate the VPN, so I found a way of disabling them. I use OpenVPN, so I drilled down in the settings in the dialog and checked the 'Ignore automatically obtained routes'.

That image is from this blog post.

Once I checked that and reconnected to the VPN, I no longer had the duplicate entry and my Docker containers were able to connect to the Internet and to hosts inside the VPN.