anaconda error "HTTP 000 CONNECTION FAILED for url <https://conda.anaconda.org/conda-forge/linux-64/current_repodata.json>"

Question

I want to implement this repository : https://github.com/abedavis/visbeat To do so, I am running a docker file as mentioned in the README.MD file of the repository using the command

sudo docker build --build-arg http_proxy=172.16.2.30:8080 -t visbeat .

inside the 'docker' folder of the repository. Yes I am using proxied wifi.

Expected results : Docker image build succesfully

Actual result : Facing an error on the step 6 :-

Step 6/14 : RUN conda create --quiet --yes -p $CONDA_DIR/envs/python2 python=2.7 ipython >ipykernel kernda && conda clean -tipsy ---> Running in b7c3b4b1d5db Collecting package metadata (current_repodata.json): ...working... failed

CondaHTTPError: HTTP 000 CONNECTION FAILED for url https://conda.anaconda.org/conda-forge/linux-64/current_repodata.json Elapsed: -

An HTTP error occurred when trying to retrieve this URL. HTTP errors are often intermittent, and a simple retry will get you on your way. 'https://conda.anaconda.org/conda-forge/linux-64'

The command '/bin/sh -c conda create --quiet --yes -p $CONDA_DIR/envs/python2 python=2.7 >ipython ipykernel kernda && conda clean -tipsy' returned a non-zero code: 1

What I have tried :

1) I have searched the error on Google and github.

2) I tried adding proxy that I am using in .condarc file.

None of the above solutions worked for me.

To reproduce the problem :

1) Clone the repository

2) Run the command to build the dockerfile. Give any sudo access if required.

Answer 1

This problem is directly addressed in Anaconda's documentation, and here is their recommended solution. I am dealing with the same problem, and will post when I figured out how to fully implement it. Straight from Anaconda:

Some corporate environments use proxy services that use Man-In-The-Middle (MITM) attacks to sniff encrypted traffic. These services can interfere with SSL connections such as those used by conda and pip to download packages from repositories such as PyPI.

-Ref: https://docs.conda.io/projects/conda/en/latest/user-guide/configuration/disable-ssl-verification.html

Option 1: Insecure Solution

One option, which I do not recommend for a permanent solution, is to turn off SSL verification. This makes you vulnerable to man in the middle attacks.

conda config --set ssl_verify false

Once you have downloaded the files you need, turn SSL back on:

conda config --set ssl_verify true

Option2: Anaconda's Commercial Edition

Again, this is straight from Anaconda's documentation and I am not a security expert. Anaconda's documentation is limited on this, but if you read the help documentation in conda (conda token -h) you will see that the token command is used to configure access for Anaconda Commercial. Disable the SSL certificate so you can install the necessary library.

conda config --set ssl_verify false

Install conda-token, here it is going into the base environment:

conda install conda-token -n base

Ensure the token verification step ignores SSL errors, and replace <token> with your token. At the moment, :

conda token set --no-ssl-verify <token>

You will still see InsecureRequestWarning, but it is expected.

My network security team gave the CRT file for this step, but I received an error that the CRT token couldn't be validated.

To see if the token was accepted, use:

conda token list

Reference: https://docs.anaconda.com/anaconda-professional/troubleshooting/#id5

Option 3: Security Changes

Contact your network security team to change the rules to allow conda to communicate with Anaconda without decrypting the traffic. This is the solution I ended up using.