#Dagger engine won't start with proxy set up

Hello! I am trying to run basic dagger pipeline but I'm stuck at the very beginning. Locally, I am using MacOS and everything works flawlessly. But we also have a development server with much more power therefore making the builds faster. Anyway, I installed dagger on both of this devices and on this development server there is proxy set up making issues when starting dagger engine. I try to run simply dagger functions -vvv.
The error message I get is this:
Error: start engine: attach to telemetry: context deadline exceeded. I saw that dagger engine is sending telemetry to dagger.io.

Can you please tell me which endpoints is it trying to reach when starting dagger engine so that I can add them to no_proxy environment variable?

Additionally, I tried to set up DO_NOT_TRACK=1 to avoid sending telemetry just for testing purposes but it didn't help.

Or do you have some other idea what could I be doing wrong?

Hey Fran, I am afraid you may be getting bit by some of the issues here: https://github.com/dagger/dagger/issues/6599

Unfortunately there is no clean workaround right now for the latest version of dagger with modules but we are working on it.

@hard shale separately from our telemetry server, would you proxy typically block access to external docker registries? If so, that's probably 2 distinct problems. Possibly a third is accessing python, go or typescript package registries (depending on the SDK you plan to use)

Worth checking at work side of things, if anything gets blocked, i had to get my networking team to open up the firewall from an aws account so dagger could actually run for me (locally it was working fine)

thank you guys for the answers.
To use jenkins I have to connected to VPN.

@tawdry pelican , thanks for this link. This is very valuable information. Do you have any idea when is it planned to be implemented?

@south cipher thank you for your question. I wasn't aware how it worked but I asked a team in charge.
On the node itself there are proxy no restrictions to access external docker registries.
But one cannot access them from within a container, which is the case here as the dagger engine itself is a container.
You also mentioned SDK, I'd like to use go SDK. That's the step I expect tu stumble upon issues when calling some go Functions.
I assume I need to add daggerverse as well to be able to pull other modules.

I there a way of making the dagger engine startup more verbose?

@fervent mortar , thank you for sharing your experience, I have a feeling that the right proxy configuration could help me.

One more thing. I don't know if it's worth mentioning but on my dagger cloud I'm able to see these failed attempts of starting a dagger engine.

@hard shale if you do a docker ps, do you see a failed engine container?

or it doesn't even get to start?

@hollow vector Well, I see the created container whose status is restarting and it looks like an endless loop. It's recurring logs are provided below:

@hard shale this is on a mac you mentioned?

oh no, the development server, right? Which linux version is this using?

I'd suggest running modprobe iptable_nat in your server @hard shale and I think that'll fix the engine starting issue. There's still going to be other problems with the proxy thing, but ping me tomorrow and we can try to find workarounds

@hollow vector Linux version is: Red Hat Enterprise Linux release 8.9 (Ootpa)
✅ Thanks a lot for the command. That worked like a charm for the dagger-engine startup (as you said 😃 ), but I couldn't get dagger init --sdk=go potato running due to proxy setup. I get the following error:

ok, that's progress. Did you configure your docker daemon in that server to use your comapny http proxy?

https://docs.docker.com/network/proxy/

Hello Lev, I am not 100% on how this was solved, I am trying to get this setup in my corpo env at the moment, but hit the issue with dagger init --sdk=python mydaggerthing
I am not sure what workaround I should take here, I want to make this as offline as possible

There are a lot of inter related issues here, Can you share the output errors you get when you try to run this command?

Can you also share more of what you mean by “offline as possible” there may be some hard requirements that are not possible to get around at the moment

First Response:
When running the dagger init for python I get an exit 1 when it tried to do this
...
writing internal/telemetry/span.go
running post-command: go mod tidy
post-command failed: exit status 1
Stderr:
...
go: downloading github.com/pelletier/go-toml/v2 v2.1.1
go: python-sdk imports
github.com/iancoleman/strcase: github.com/iancoleman/strcase@v0.3.0: Get "https://proxy.golang.org/github.com/iancoleman/strcase/@v/v0.3.0.zip": tls: failed to verify certificate: x509: certificate signed by unknown authority
go: python-sdk imports
github.com/pelletier/go-toml/v2: github.com/pelletier/go-toml/v2@v2.1.1: Get "https://proxy.golang.org/github.com/pelletier/go-toml/v2/@v/v2.1.1.zip": tls: failed to verify certificate: x509: certificate signed by unknown authority
go: python-sdk imports
...

Note, I have a corpo custom cert I need to set it to trust

I am not sure what workaround I should take here, I want to make this as offline as possible

👋 FWIW there's no current way to make dagger work in fully airgapped / offline environments. Here's a list of currently identified issues that we're working on:
https://github.com/dagger/dagger/issues/6275

Second Response:
Sorry, I was not very clear in the begining, its more a design requirement I am still working on. I need this to be as local as possible, meaning, no cloud cash. but I am still looking in to this

and yes, the response above is what I was looking for

gotcha! regarding proxy configuration, we recently merged support from that starting v0.11.3 (https://github.com/dagger/dagger/pull/7255). So dagger should pick your system proxy configuration as long as it's set in the container runtime that you're currently using (I'd assume it's docker in your case?)

in a fresh wsl env, and yes, I want this to be the case

this error looks time that it needs the certificates configuration in the Dagger Engine: https://docs.dagger.io/faq#can-i-configure-the-dagger-engine

okay, this makes sense for what it can do now, but I must then shelve the dagger approach for now, I will revisit this approach for my project in the future. Will prep the modules so I can use dagger later until there is a more permanent fix for this.

Thank you so much for the speedy responses!