首先,需要一个socks5的代理地址。
然后修改文件中的service部分,增加三行代理内容,然后重启docker服务。
cat <<'EOF'>/usr/lib/systemd/system/docker.service
[Unit]
Description=Docker Application Container Engine
Documentation=https://docs.docker.com
After=network-online.target docker.socket firewalld.service containerd.service time-set.target
Wants=network-online.target containerd.service
Requires=docker.socket
[Service]
Type=notify
# the default is not to use systemd for cgroups because the delegate issues still
# exists and systemd currently does not support the cgroup feature set required
# for containers run by docker
ExecStart=/usr/bin/dockerd -H fd:// --containerd=/run/containerd/containerd.sock
ExecReload=/bin/kill -s HUP $MAINPID
TimeoutStartSec=0
RestartSec=2
Restart=always
Environment="HTTP_PROXY=socks5://192.168.124.139:47891"
Environment="HTTPS_PROXY=socks5://192.168.124.139:47891"
Environment="SOCKS_PROXY=socks5://192.168.124.139:47891"
Environment="NO_PROXY=localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"
# Note that StartLimit* options were moved from "Service" to "Unit" in systemd 229.
# Both the old, and new location are accepted by systemd 229 and up, so using the old location
# to make them work for either version of systemd.
StartLimitBurst=3
# Note that StartLimitInterval was renamed to StartLimitIntervalSec in systemd 230.
# Both the old, and new name are accepted by systemd 230 and up, so using the old name to make
# this option work for either version of systemd.
StartLimitInterval=60s
# Having non-zero Limit*s causes performance problems due to accounting overhead
# in the kernel. We recommend using cgroups to do container-local accounting.
LimitNOFILE=infinity
LimitNPROC=infinity
LimitCORE=infinity
# Comment TasksMax if your systemd version does not support it.
# Only systemd 226 and above support this option.
TasksMax=infinity
# set delegate yes so that systemd does not reset the cgroups of docker containers
Delegate=yes
# kill only the docker process, not all processes in the cgroup
KillMode=process
OOMScoreAdjust=-500
[Install]
WantedBy=multi-user.target
EOF
systemctl daemon-reload
systemctl restart docker
或者直接使用如下命令:
sed -i '/\[Service\]/a Environment="HTTP_PROXY=socks5://192.168.124.139:47891"' /usr/lib/systemd/system/docker.service
sed -i '/\[Service\]/a Environment="HTTPS_PROXY=socks5://192.168.124.139:47891"' /usr/lib/systemd/system/docker.service
sed -i '/\[Service\]/a Environment="SOCKS_PROXY=socks5://192.168.124.139:47891"' /usr/lib/systemd/system/docker.service
sed -i '/\[Service\]/a Environment="NO_PROXY=localhost,127.0.0.0/8,192.168.0.0/16,172.16.0.0/12,10.0.0.0/8"' /usr/lib/systemd/system/docker.service
/bin/cp /usr/lib/systemd/system/docker.service /etc/systemd/system/docker.service
注意,在systemd的各种配置优先级中,有如下规则
/etc/systemd/system/(优先级最高)
/run/systemd/system/
/usr/lib/systemd/system/(优先级最低)