Best IT Recipes

Network call failure during image build on corporate network

I have a problem creating Docker images on my corporate network. I'm just starting to work with Docker, so I have the following Dockerfile for an application like hello-world:

# DOCKER-VERSION 0.3.4 FROM centos:6.4 # Enable EPEL for Node.js RUN rpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm # Install Node.js and npm RUN yum install -y npm # Bundle app source ADD . /src # Install app dependencies RUN cd /src; npm install EXPOSE 8080 CMD ["node", "/src/index.js"]

This works great when I collect it on my laptop at home, on my own wireless network. It omits the necessary dependencies and correctly creates the image.

However, when I am at work on my corporate network, the same Docker build fails when I try to remove the RPM from download.fedoraproject.org with the following error message:

Step 2: RUNrpm -Uvh http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm ---> Running in e0c26afe9ed5 curl: (5) Couldn't resolve proxy 'some.proxy.address' error: skipping http://download.fedoraproject.org/pub/epel/6/i386/epel-release-6-8.noarch.rpm - transfer failed

On my corporate network, I can access this URL from my laptop. But as soon as Docker tries to build a container, he suddenly cannot solve it. This behavior is the same for various external resources (apt-get, etc.): All of them can work fine on my laptop on the corporate network, but Docker cannot resolve them.

I do not have the network know-how to understand what is happening here. Does anyone know why this strange behavior will occur when building Docker containers?

+69
docker dns
Jun 10 '14 at 21:26
source share
8 answers

I managed to find out this problem. On Ubuntu, Docker installs the DNS servers for the container on Google servers at 8.8.8.x. As far as I understand, this is a workaround for Ubuntu due to the fact that Ubuntu sets /etc/resolv.conf as 127.0.0.1.

These Google servers were not available due to our firewall, so we were not able to resolve any URLs.

The fix is โ€‹โ€‹to tell Docker which DNS servers to use. It depends on how you installed Docker:

Ubuntu package

If you have the Ubuntu package installed, edit the / etc / default / docker file and add the following line:

 DOCKER_OPTS="--dns <your_dns_server_1> --dns <your_dns_server_2>"

You can add as many DNS servers as you want. After you have edited this file, you need to restart the Docker service:

 sudo service docker restart

Binary

If you installed Docker through the binary method (i.e. there is no package), then you will install DNS servers when the Docker daemon starts:

 sudo docker -d -D --dns <your_dns_server_1> --dns <your_dns_server_2> &
+85
Jun 12 '14 at 4:46
source share

I advise you to change the DNS settings of the Docker daemon. You can set default options for the docker daemon by creating the daemon configuration file in /etc/docker/daemon.json . Set the DNS server according to your host computer, for example. my DNS server is 10.0.0.2:

 {"dns": ["10.0.0.2", "8.8.8.8"] }

Then you just need to restart the docker service:

 sudo service docker restart

A step-by-step explanation is available here. Configuring the DNS Docker network configuration

+56
Feb 19 '17 at 20:48 on
source share

The following steps work for me (for the docker launch command and the docker launch command). My version of Linux is Ubuntu 14.04.

  • Identify the DNS using the following command.
      nm-tool |  grep DNS

This DNS result : 192.168.1.1 in my case

  • Create an entry in the /etc/default/docker.io file. My current entry is as follows:
  DOCKER_OPTS = "- dns 8.8.8.8 --dns 8.8.4.4 --dns 192.168.1.1"
  • Restart docker service
  sudo service docker.io restart
+19
Feb 11 '15 at 6:11
source share

For any Linux distribution that works with SystemD (Ubuntu 16, RHEL 7 ...), the path will be displayed using the following command:

 $ systemctl status docker โ— docker.service - Docker Application Container Engine Loaded: loaded (/lib/systemd/system/docker.service; enabled; vendor preset: enabled) Active: active (running) since Wed 2016-06-29 08:10:33 PDT; 2min 34s ago Docs: https://docs.docker.com Main PID: 1169 (dockerd) Tasks: 19 Memory: 85.0M CPU: 1.779s CGroup: /system.slice/docker.service โ”œโ”€1169 /usr/bin/dockerd --dns 172.18.20.11 --dns 172.20.100.15 --dns 8.8.8.8 --dns 8.8.4.4 -H fd:// โ””โ”€1232 docker-containerd -l unix:///var/run/docker/libcontainerd/docker-containerd.sock --shim docker-containerd-shim --met

The path will be /lib/systemd/system/docker.service . Add the DOCKER_OPTS values โ€‹โ€‹that any of --dns can have in the line where the daemon starts.

 cat /lib/systemd/system/docker.service | grep dns ExecStart=/usr/bin/dockerd --dns 172.18.20.11 --dns 172.20.100.15 --dns 8.8.8.8 --dns 8.8.4.4 -H fd://
+10
Jun 29 '16 at 15:20
source share

Docker (at least> = 1.13, possibly earlier) on Mac and Windows allows you to configure DNS in Preferences โ†’ Daemon โ†’ Advanced:

The following configuration installs two corporate DNS servers (use your own values โ€‹โ€‹here) with a backup response to Googleโ€™s public DNS servers.

Docker Daemon Adv Config

+6
Feb 23 '17 at 0:17
source share

Specify your DNS for the Docker daemon.

First of all, get your DNS address

 $ nmcli dev show | grep 'IP4.DNS' IP4.DNS[1]: 10.0.0.2

Check if the problem is really in DNS by running a docker container forcing this new DNS

 $ docker run --dns 10.0.0.2 <image_name> <command_name>

If this solves the problem, you can apply this fix to all docker daemons as follows

Edit or create the file /etc/docker/daemon.json

Add the following line to this file

 { "dns": ["10.0.0.2", "8.8.8.8"] }

Restart docker

 $ sudo service docker restart

A very good guide for ALL of this process can be found here.

https://development.robinwinslow.uk/2016/06/23/fix-docker-networking-dns/

+4
Aug 08 '18 at 21:49
source share

Solution without restarting the Docker service

You can change the DNS settings for one Docker image without affecting other docker build calls (and without restarting the Docker service) by overriding resolv.conf during build:

 FROM ubuntu:18.04 RUN echo "nameserver 123.123.123.123" > /etc/resolv.conf && apt update

Replace IP 123.123.123.123 with the one used on your corporate network (use nmcli dev show | grep 'IP4.DNS' to get the current DNS server used).

MINUSES:

  • This does not affect any other line from the Dockerfile. Therefore, you must prefix each line with the fix if it depends on DNS resolution
+2
Oct 25 '18 at 11:22
source share

On my computer with Ubuntu 16.04, sometimes Google DNS does not work for creating Docker images.

 cat /etc/docker/daemon.json {"dns": [""8.8.8.8"] }

I have to manually find the DNS of my service providers using the following command

 nmcli device show <interfacename> | grep IP4.DNS 125.22.47.102

and add it to my daemon.json as below

 cat /etc/docker/daemon.json {"dns": ["125.22.47.102","8.8.8.8"] } restart docker sudo service docker restart

(PS nm-tool deprecated in Ubuntu 15.04)

0
Sep 09 '19 at 6:03
source share


More articles:


All Articles