Use a web proxy

Estimated reading time: 1 minute

Docker Trusted Registry makes outgoing connections to check for new versions, automatically renew its license, and update its vulnerability database. If DTR can’t access the internet, then you’ll have to manually apply updates.

One option to keep your environment secure while still allowing DTR access to the internet is to use a web proxy. If you have an HTTP or HTTPS proxy, you can configure DTR to use it. To avoid downtime you should do this configuration outside business peak hours.

As an administrator, log into a node where DTR is deployed, and run:

docker run -it --rm \
  docker/dtr:2.5.2 reconfigure \
  --http-proxy http://<domain>:<port> \
  --https-proxy https://<doman>:<port> \
  --ucp-insecure-tls

To confirm how DTR is configured, check the Settings page on the web UI.

DTR settings

If by chance the web proxy requires authentication you can submit the username and password, in the command, as shown below:

docker run -it --rm \
  docker/dtr:2.5.2 reconfigure \
  --http-proxy username:password@<domain>:<port> \
  --https-proxy username:password@<doman>:<port> \
  --ucp-insecure-tls

NOTE: DTR will hide the password portion of the URL, when it is displayed in the DTR UI.

Where to go next

dtr, configure, http, proxy