
Docker Compose ignores iptables configuration from other container


I am behind a corporate proxy. In order to use Docker containers from all over the internet without setting http_proxy or https_proxy, I am using the ncarlier/redsocks docker container.

If I use it by running docker run --privileged=true --net=host -d ncarlier/redsocks proxy.domain.com 8080 and then run another container, for example docker run -it ubuntu bash, and then execute curl google.com inside the ubuntu container, everything is fine.

But if I use the containers with docker-compose the second container has no internet access/does not use the proxy server.

Here is the yaml:

version: '3'  
services:
  proxy:
    image: ncarlier/redsocks
    command: proxy.domain.com 8080
    privileged: true 
    network_mode: "host"
  othercontainer:
    image: ubuntu
    depends_on:
      - "proxy"
    network_mode: "host"
    stdin_open: true
    tty: true

Does Docker Compose do something different? Does it need some special attributes? The ncarlier/redsocks image uses iptables to route the traffic; I highly suspect that is the breaking point.


Solution

  • Well, the problem itself had nothing to do with docker-compose; it just surfaced it.

    docker-compose creates its own bridge network for the containers it spins up, even if you do not specify it.

    The ncarlier/redsocks image creates iptables rules in order to route the traffic through its proxy; it does this by specifying an interface, docker0, which happens to be the bridge network.

    If you don't specify an interface, everything is fine. All traffic from every network that has access to the internet gets routed through the redsocks proxy.

    I've created a PR for the image and hope that this also helps others.
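The check below is an added example, not part of the original answer or the image's code. It reads nat-table rules in iptables-save format and reports which bridge interfaces are never redirected to the proxy chain, showing why a rule bound to docker0 misses a Compose-created bridge. The chain name REDSOCKS, the port, the rule text and the bridge names are constructed assumptions.

```shell
#!/bin/sh
# Constructed nat-table rules in iptables-save format. The REDSOCKS chain name,
# port and rule shape are assumptions for illustration, not the image's rules.
RULES_BOUND='-A PREROUTING -i docker0 -p tcp -j REDSOCKS
-A REDSOCKS -d 127.0.0.0/8 -j RETURN
-A REDSOCKS -p tcp -j REDIRECT --to-ports 12345'
RULES_ANY='-A PREROUTING -p tcp -j REDSOCKS
-A REDSOCKS -d 127.0.0.0/8 -j RETURN
-A REDSOCKS -p tcp -j REDIRECT --to-ports 12345'
# Constructed bridge list: docker0 plus one Compose-created bridge (br-<id>).
BRIDGES='docker0 br-1a2b3c4d5e6f'

# unproxied_bridges RULES BRIDGES
# Prints the bridges whose traffic no PREROUTING rule sends to REDSOCKS.
# Handles plain "-i NAME" only; negated (! -i) and "+" wildcards are not parsed.
unproxied_bridges() {
    rules=$1
    bridges=$2
    # One line per PREROUTING rule that jumps to REDSOCKS: the interface it is
    # bound to, or ANY when the rule has no -i and so matches every interface.
    matched=$(printf '%s\n' "$rules" | awk '
        $1 == "-A" && $2 == "PREROUTING" {
            ifc = "ANY"; jump = ""
            for (i = 3; i < NF; i++) {
                if ($i == "-i") ifc = $(i + 1)
                if ($i == "-j") jump = $(i + 1)
            }
            if (jump == "REDSOCKS") print ifc
        }')
    out=""
    for b in $bridges; do
        hit=0
        for m in $matched; do
            if [ "$m" = "ANY" ] || [ "$m" = "$b" ]; then hit=1; fi
        done
        [ "$hit" -eq 1 ] || out="$out $b"
    done
    printf '%s\n' "${out# }"
}

echo "interface-bound rule, unproxied: $(unproxied_bridges "$RULES_BOUND" "$BRIDGES")"
echo "no interface match, unproxied:  $(unproxied_bridges "$RULES_ANY" "$BRIDGES")"
```

On a real host the first argument would come from `iptables-save -t nat` and the second from the bridge interfaces the host actually has.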