Use a web proxy

Estimated reading time: 1 minute

This topic applies to Docker Enterprise.

The Docker Enterprise platform business, including products, customers, and employees, has been acquired by Mirantis, inc., effective 13-November-2019. For more information on the acquisition and how it may affect you and your business, refer to the Docker Enterprise Customer FAQ.

Docker Trusted Registry makes outgoing connections to check for new versions, automatically renew its license, and update its vulnerability database. If DTR can’t access the internet, then you’ll have to manually apply updates.

One option to keep your environment secure while still allowing DTR access to the internet is to use a web proxy. If you have an HTTP or HTTPS proxy, you can configure DTR to use it. To avoid downtime you should do this configuration outside business peak hours.

As an administrator, log into a node where DTR is deployed, and run:

docker run -it --rm \
  docker/dtr:2.7.4 reconfigure \
  --http-proxy http://<domain>:<port> \
  --https-proxy https://<doman>:<port> \
  --ucp-insecure-tls

To confirm how DTR is configured, check the Settings page on the web UI.

DTR settings

If by chance the web proxy requires authentication you can submit the username and password, in the command, as shown below:

docker run -it --rm \
  docker/dtr:2.7.4 reconfigure \
  --http-proxy username:password@<domain>:<port> \
  --https-proxy username:password@<doman>:<port> \
  --ucp-insecure-tls

Note: DTR will hide the password portion of the URL, when it is displayed in the DTR UI.

Where to go next

dtr, configure, http, proxy