Current docker version: 1.13.1, build 092cba3
.
Contents of /etc/resolv.conf:
search mycompany.local
nameserver 127.0.0.11
options ndots:0
(real company name obfuscated).
nslookup
on the host itself is 100% fine, but from within container any external hostname look fails (can't event run apt-get update
).
The same symptoms persist in all my hosts in the 4-node cluster.
Note that internal service name resolution seems to be working between the containers.
Running the same application directly on my laptop (on same office network) hostnames resolve fine.
This is becoming a bit of a slow moving disaster.
The cluster involved is still a pre-1.12 build, it that might have any bearing.
Docker containers take DNS IPs from the host machine, which is managed by systemd-resolve . Those IPs themselves are the cloud provider's DNS.
The solution: a Docker DNS cache, using dnsmasq A great choice for a cache like this is dnsmasq. It's reliable, widely used, and super simple to set up. And since all of our testing runs inside Docker containers, it made sense to run the DNS server in Docker too.
DNS services conf configuration file. Containers that use the default bridge network get a copy of this file, whereas containers that use a custom network use Docker's embedded DNS server, which forwards external DNS lookups to the DNS servers configured on the host.
In Linux, the lo
or localhost interface will have the address 127.0.0.1/8 (i.e. netmask 255.0.0.0). That netmask covers this entire range:
127.0.0.0 - 127.255.255.255
Since 127.0.0.11 falls into this range, connections to that address will attempt to route via the lo
interface (inside the container) as a connected route. Unless your container has that address configured internally and has a DNS resolver listening on that address, this will result in a connection timeout.
You can probably solve this by either routing 127.0.0.11 out the main interface of the container (e.g. eth0
), or by changing the DNS resolver address so it is outside of 127.0.0.0/8.
You can also set DNS server IP(s) explicitly.
docker run --dns 1.2.3.4 # set one server
docker run --dns 1.2.3.4 --dns 5.6.7.8 # set multiple servers
Or using docker-compose.yml:
dns: 1.2.3.4
dns:
- 1.2.3.4
- 5.6.7.8
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With