All geek questions in one place

Docker-compose Console Using Host DNS Server

I use several containers on my "Ubuntu 16.10 server" on a "custom" bridge network with compose 2.9 (in version 2.1 for yml). Most of my containers use the same ports, so I cannot use the host driver. All of my containers are links that use the highlighted links attribute.

But I also need access to services available outside of my containers. These services have a dedicated URL with names registered on my company's DNS server. Although I have no problem using the public DNS and accessing any public service from my containers, I simply cannot access my private DNS.

Do you know a working solution for using private DNS from a container? Or, better yet, use the host's DNS configuration?

PS: Of course, I can refer to the services of my company using the extra_hosts attribute in my services in my docker-compose.yml file. But ... it's definitely not the goal of having a DNS. I don’t want to register all my services in my YML file and I don’t want to update it every time the IP-address of services is updated in my company.

Context:

  • Host: Ubuntu 16.10 Server
  • Docker Engine: 1.12.6
  • Docker Composition: 1.9.0
  • docker-compose.yml: 2.1
  • Network: own bridge.

Docker-compose.yml file (extract):

 version: '2.1' services: nexus: image: sonatype/nexus3:$NEXUS_VERSION container_name: nexus restart: always hostname: nexus.$URL ports: - "$NEXUS_81:8081" - "$NEXUS_443:8443" extra_hosts: - "repos.private.network:192.168.200.200" dns: - 192.168.3.7 - 192.168.111.1 - 192.168.10.5 - 192.168.10.15 volumes_from: - nexus-data networks: - pic networks: pic: driver: bridge ipam: driver: default config: - subnet: 172.18.0.0/16 gateway: 172.18.0.1

I tried with and without ipam configuration for pic network, without any luck.

Tests and results: docker exec -ti nexus curl repos.private.network correctly returns the HTML page served by this service

docker exec -ti nexus curl another-service.private.network Returns curl: (6) Could not resolve host: another-service.private.network; Name or service not known curl: (6) Could not resolve host: another-service.private.network; Name or service not known curl: (6) Could not resolve host: another-service.private.network; Name or service not known curl: (6) Could not resolve host: another-service.private.network; Name or service not known While curl another-service.private.network from the host returns the corresponding HTML page.

And of course another-service.private.network is another-service.private.network known on my 4 DNS servers (192.168.3.7, 192.168.111.1, 192.168.10.5, 192.168.10.15).

+11
source share
1 answer

You do not specify in which environment you use docker-compose, for example, on Mac, Windows or Unix, so this will depend a little on what changes are needed. You also do not indicate whether you use the default bridge network in Docker on a user-created bridge network.

In any case, by default, Docker should try to map the DNS resolution from the Docker host to your containers. So if your Docker Host can resolve private DNS addresses, then theoretically your containers should also do this.

I would recommend reading this official Docker DNS documentation, as that is pretty reasonable. Here for the default Docker bridge network, here for the user-created bridge networks.

The slight difficulty is that if you use Docker for Mac, Docker Machine, or Docker for Windows, you need to remember that your Docker Host is actually a virtual machine running on your machine, not the physical box itself, so you need to Verify that the correct DNS resolution settings are set on the virtual machine. You will need to restart your containers for the changes in DNS resolution to be accepted by them.

Of course, you can override all default settings using docker-compose . It has full parameters for explicitly configuring DNS servers, DNS lookup options, etc. For instance:

 version: 2 services: application: dns: - 8.8.8.8 - 4.4.4.4 - 192.168.9.45

You will find documentation on these features here .

+13
source

Source: https://habr.com/ru/post/1014176/

More articles:


All Articles