/etc/hosts in docker image ignored

GoogleContainerTools / kaniko

Build Container Images In Kubernetes

Apache License 2.0

14.58k stars 1.42k forks source link

/etc/hosts in docker image ignored #612

Open viceice opened 5 years ago

viceice commented 5 years ago

Actual behavior Kaniko is ignoring /etc/hosts configured by docker

Expected behavior Kaniko should respect /etc/hosts

To Reproduce Steps to reproduce the behavior:

run kaniko docker image with extrahosts for redirecting registry

Additional Information This is caused by missing /etc/nsswitch.conf : echo "hosts: files dns" > /etc/nsswitch.conf`` See https://github.com/golang/go/issues/22846 for details

dlorenc commented 5 years ago

Thanks! Would you like to try fixing this? It should be as simple as modifying the Dockerfiles in https://github.com/GoogleContainerTools/kaniko/blob/master/deploy/Dockerfile

viceice commented 5 years ago

I think adding this file is not enough. When i use a multistage build, /etc/ will get deleted.

We need a Workaround for redirecting our /etc to /kaniko/etc/.

viceice commented 5 years ago

Unpacking a image will overwrite that files too.

dlorenc commented 5 years ago

Hmm, if you mount it in as a volume during the run (either docker or k8s) then it should not get overwritten. Would that work for your use case?

viceice commented 5 years ago

that could work, does docker mount the hosts file or do i have to mount that when i run kaniko container?

tejal29 commented 4 years ago

@ViceIce you will have to mount it explicitly

Windforce17 commented 3 years ago

may be we can have a '--add-host' option like docker ?

hegerdes commented 2 years ago

I found a workaround that worked for me that I wanted to share:

Background:
Docker does not allow to modify the /etc/host at build time. The solution is to use --extra-hosts to provide domain resulution while building. Kaniko does not support this.

Note This is not a solution just a dirty workaround

I will assume that most of you will run kaniko in CI. I use GitLab

So we can override the entrypoint and run a _beforescript:

Assuming you habe a domains.list file (however you generate or get it)

Before running kaniko do:

for(line in "$(<domains.list)") {
  echo "127.0.0.1 ${line}" >> /etc/hosts
}

Now my domains in the reverse proxy config are resolvable and the config test passes.

CharkeyQK commented 11 months ago

for(line in "$(<domains.list)") {
  echo "127.0.0.1 ${line}" >> /etc/hosts
}

is this workaround works? the before_script seems wrong?