7
3
I have dnsmasq
running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8
)
My host /etc/resolv.conf
looks as follows:
» cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net
And the container's /etc/resolv.conf
looks as follows:
root@ubuntu:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
It seems that docker is reusing the host's /etc/resolv.conf
but discarding the 127.0.0.1
entry, and instead adding Google's nameservers.
I have tried adding a dns entry referring to the docker0
interface:
» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)
As follows:
docker run \
-it \
--name ubuntu.bionic \
--restart always \
--dns 172.17.0.1 \
ubuntu:bionic
But dns is not working:
root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
How can I dell a docker container to use the dns server in the host system?
EDIT
It seems that I need to tell dnsmasq
to bind to the docker0
interface:
listen-address=127.0.0.1,172.17.0.1
I still do not like that I need to give the IP address of the docker0
interface twice, once for the docker run
command for each container that I want to create, and also for the dnsmasq
configuration.
EDIT2
I can tell docker
to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0
interface: 172.17.0.1
):
» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}
And then restart the docker daemon:
sudo service docker restart
I am still somewhat worried that docker
could decide to change the IP address of the docker0
interface, and I will be forced to reconfigure docker
and dnsmasq
, and rebuild the containers.