Build docker behind VPN
B

3

17

At the project I am at now, we have Github Enterprise set up behind a VPN, so I use OpenVPN to connect with my desktop (Ubuntu 14.04 LTS), but when I try to build with Docker (using Centos6) I always get ssh: Could not resolve hostname github.xxx.xxx: Name or service not known.

I've looked at the Docker documentation, but it looks like it only solves the problem using a proxy or a bridge, and Google only returns answers on how I can set up OpenVPN on a Docker image.

So then I turn to Stack Overflow and hope for an answer on how I can run sudo docker build image and get it to use my VPN to clone from GitHub.

Also, our Mac users have installed Boot2Docker, and have no problems building the image.

Between answered 17/3, 2015 at 12:37 Comment(0)
B
25

I tried all kinds of things; in the end the simplest thing helped on Ubuntu 18.04: stopping and starting the Docker daemon.

Prerequisites: VPN off

sudo systemctl stop docker

---> Start VPN

sudo systemctl start docker

Hope this will help someone.

Beeswing answered 5/10, 2020 at 16:59 Comment(0)
M
10

If I understood you correctly, you'd like to access an svn repository through the VPN during the build of the docker image, i.e. one of the instructions of the Dockerfile must resolve the hostname.

If your problem is related to the domain name resolution, you can use the --add-host option (see the doc) to docker-build to explicitly map the IP to the relevant hostname. Note that it might require a relatively high docker version.

docker build --add-host host_name:host_IP .

See the useful related post as well.

Marron answered 14/9, 2020 at 16:44 Comment(0)
K
4

It's likely one of two issues:

1) DNS

2) Your desktop's routing table

My specific case (also Ubuntu 14.04) turned out to be routing tables. That's what I go through below.

To factor out if DNS is a problem, can you successfully ping an IP from inside your container?

docker run -i -t ubuntu:14.04 /bin/bash                                                
root@44445bfefc4e:/# ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=54 time=76.1 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=54 time=75.6 ms

If that works and your containers still can't reach out while you're connected to the VPN, look at your routes.

Disconnect from the VPN and inspect your routes with route. Here's my output as an example:

Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         DD-WRT          0.0.0.0         UG    0      0        0 wlan0
172.17.0.0      *               255.255.0.0     U     0      0        0 docker0
192.168.1.0     *               255.255.255.0   U     9      0        0 wlan0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0

In there, you'll see Docker's network (172.17.0.0).

Now, connect to your VPN and re-issue the command. Your mileage may vary, but what I found was a duplicate entry in the route table:

172.17.0.0      *               255.255.0.0     U     0      0        0 vpn0
172.17.0.0      *               255.255.0.0     U     0      0        0 docker0

The server was pushing a duplicate route!

In my case, I didn't need those routes to successfully navigate the VPN, so I found a way of disabling them. I use OpenVPN, so I drilled down in the settings in the dialog and checked the 'Ignore automatically obtained routes'.

enter image description here

That image is from this blog post.

Once I checked that and reconnected to the VPN, I no longer had the duplicate entry and my Docker containers were able to connect to the Internet and to hosts inside the VPN.

Kilbride answered 18/3, 2015 at 20:4 Comment(7)
Sadly I didn't have any duplicates in my routes table, plus I forgot to mention that my Docker image is based on Centos6. - Between
Do you know if the problem is just DNS or are you unable to even use IPs to reach outside the container? - Kilbride
I'm able to ping "normal" sites, such as google.com or 8.8.8.8, I just can't ping the site that is behind the VPN. A colleague thinks it may be that docker uses the wrong Gateway, but I don't have time to check on it before Monday. - Between
In a standard install, Docker goes through the bridge it sets up. It's possible that the gateway is misconfigured but I'm not sold on it. Can you ping hosts directly? For instance, your internal Github by its IP? I also remember having to work around a DNS problem in the past by editing /etc/defaults/docker.io to add DOCKER_OPTS=--dns <internal DNS server> - Kilbride
We solved it. I hadn't tried to just ping the IP from within the docker instance. So when I ping'd the IP it worked. Not sure what that means, but it's at least a step forward. - Between
So the problem is DNS. At least you can still reach out. Thanks for coming back to let us know. - Kilbride
@Kilbride what if I cannot ping the IP but there are no duplicate entries? - Tableau
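
The routing-table check from Kilbride's answer as a script, added here as an example and not part of the original thread: it parses route output and flags any route on another interface that duplicates or overlaps the docker0 subnet. The overlap case goes beyond the exact duplicate shown in the answer. The function names and the embedded sample, merged from the answer's two listings, are constructed for illustration.

```python
import ipaddress

# Constructed sample: the answer's two `route` listings merged (VPN connected).
SAMPLE_ROUTE_OUTPUT = """\
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
default         DD-WRT          0.0.0.0         UG    0      0        0 wlan0
172.17.0.0      *               255.255.0.0     U     0      0        0 vpn0
172.17.0.0      *               255.255.0.0     U     0      0        0 docker0
192.168.1.0     *               255.255.255.0   U     9      0        0 wlan0
192.168.122.0   *               255.255.255.0   U     0      0        0 virbr0
"""


def parse_routes(text):
    """Return [(network, iface)] from `route` / `route -n` style output."""
    routes = []
    for line in text.splitlines():
        fields = line.split()
        # Skip the header, blank lines and anything that is not an 8-column row.
        if len(fields) != 8 or fields[0] == "Destination":
            continue
        dest = "0.0.0.0" if fields[0] == "default" else fields[0]
        try:
            net = ipaddress.ip_network(f"{dest}/{fields[2]}", strict=False)
        except ValueError:
            continue  # destination printed as a hostname; cannot be compared
        routes.append((net, fields[7]))
    return routes


def docker_route_conflicts(text, bridge="docker0"):
    """Find routes on other interfaces that collide with the bridge subnet."""
    routes = parse_routes(text)
    bridge_nets = [net for net, iface in routes if iface == bridge]
    conflicts = []
    for net, iface in routes:
        if iface == bridge or net.prefixlen == 0:  # ignore the default route
            continue
        for bnet in bridge_nets:
            if net.overlaps(bnet):
                kind = "duplicate" if net == bnet else "overlap"
                conflicts.append((kind, str(net), iface, str(bnet)))
    return conflicts


if __name__ == "__main__":
    for kind, net, iface, bnet in docker_route_conflicts(SAMPLE_ROUTE_OUTPUT):
        print(f"{kind}: {net} on {iface} collides with docker0 subnet {bnet}")
```

To run it against a live machine, pass the captured text of route -n to docker_route_conflicts once with the VPN down and once with it up, and compare the results.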
