How to make Docker work in China

Source: Dev.to

Overview

When traveling in China, Docker may be unable to download images from Docker Hub, even when using a VPN. A practical workaround is to set up an AWS EC2 instance as a proxy server located outside of the restricted network.

Set Up an EC2 Proxy Server

1. Launch an EC2 instance (e.g., a t2.micro for personal use).
2. Ensure the instance is in a region that can access Docker Hub without restrictions.
3. Open the SSH port (22) and the proxy port (3128) in the security group.

Install and Start Squid

sudo yum update -y
sudo yum install squid -y
sudo systemctl start squid
sudo systemctl enable squid

Squid listens on port 3128 by default.

Configure Squid

Edit the configuration file:

sudo vi /etc/squid/squid.conf

Locate the line:

http_access deny all

and change it to:

http_access allow all

Security note: For a more secure setup, replace allow all with specific IP address ranges that you want to permit.

After editing, restart Squid:

sudo systemctl restart squid

Test the Proxy Server

Run a curl command through the proxy to verify it works:

curl -x http://:3128 https://whatismyipaddress.com/

You should see the public IP address of your EC2 instance.

Configure Docker to Use the Proxy

In Docker Desktop (macOS example), go to Settings → Resources → Proxies and fill in the following fields:

• HTTP server: http://:3128
• HTTPS server: http://:3128
• Bypass proxy settings for these: registry-1.docker.com,*.docker.com,10.0.0.0/8

The exact steps may differ on other operating systems or Docker installations; adjust accordingly.

Verify Docker Connectivity

Try pulling an image:

docker pull hello-world

If the pull succeeds, Docker is now routing traffic through your proxy.

Cleanup

When you no longer need the proxy, stop or terminate the EC2 instance to avoid unwanted charges.