Open runephilosof opened 6 years ago
+1
Temporary solution is to run container in the --net=host network.
https://stackoverflow.com/a/43314989/2263395
EDIT: One of the GitHub users added this as a solution, however he deleted his comments, not sure if this works though:
a better solution than @tomekit's would be to use --dns 172.30.0.2
I've just bumped into this issue using AWS ECS EC2 using Windows Server 2016 (that's a lot of context acronyms!). The Docker host DNS setup is all correct and resolves Route53 names (DNS + DNS search suffix); the containers have an extra stray DNS entry (the Docker host) that will resolve public names but not Route53 private zones.
Here is the container network config:
PS C:\ssp> ipconfig /all
Windows IP Configuration
   Host Name . . . . . . . . . . . . : 3522fe3b78c6
   Primary Dns Suffix . . . . . . . :
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : services-dev.local <------- CORRECT
Ethernet adapter vEthernet (Container NIC afe9c470):
   Connection-specific DNS Suffix . : services-dev.local <------ CORRECT
   Description . . . . . . . . . . . : Hyper-V Virtual Ethernet Adapter #3
   Physical Address. . . . . . . . . : 00-15-5D-84-EB-FD
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::d850:2564:2392:7ff9%22(Preferred)
   IPv4 Address. . . . . . . . . . . : 172.18.124.89(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.240.0
   Default Gateway . . . . . . . . . : 172.18.112.1
   DNS Servers . . . . . . . . . . . : 172.18.112.1 <--- WRONG, this is the Docker host
                                       10.0.0.2 <------ CORRECT
   NetBIOS over Tcpip. . . . . . . . : Disabled
Strangely most network tools work with this configuration except for nslookup, the one I was using! The standard install of Windows nslookup. ping, Test-NetConnection and Resolve-DnsName all work fine (although I'm not quite sure how).
+1
Expected behavior
$ host non-public.dns.name # should output ip from private dns
$ tcpdump port domain # on the host
Should show the container querying the same dns server as the host would do.
Actual behavior
$ host non-public.dns.name # outputs ip from public dns (or not found if only available in private).
$ tcpdump port domain # on the host
Shows the container querying 8.8.8.8
Steps to reproduce the behavior
On AWS:
sudo apt update && sudo apt install docker.io && sudo systemctl start docker
host non-public.dns.name # should output the ip you configured in the private dns
sudo docker run --rm -it ubuntu
apt update && apt install -y bind9-host && host non-public.dns.name
Output of docker version:
Output of docker info:
Additional environment details (AWS, VirtualBox, physical, etc.)
On AWS EC2 with an Ubuntu 18.04 the /etc/resolv.conf looks similar to:
Running systemd-resolve --status gives:
When I create a docker container and it queries dns, it goes directly to 8.8.8.8. Instead, it should use the same dns server as the host.
On one of my hosts: If I edit the /etc/resolv.conf on the host to contain nameserver 172.30.0.2, it starts working as expected. Docker should recognize this by itself.
But on the host I just created to test my steps to replicate, it doesn't help to change the /etc/resolv.conf; on that host the /etc/resolv.conf is reverted to 127.0.0.53 when I run the container.
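The behaviour reported above is consistent with Docker's documented handling of the host's /etc/resolv.conf: loopback nameservers are dropped, and when none remain the container is given 8.8.8.8 and 8.8.4.4, so lookups for private names leave the network. The check below is an added example, not part of the original issue; the function names and sample files are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the issue: predict whether a container would
# inherit the host's resolvers or be handed public DNS instead.

# Print each nameserver in a resolv.conf-style file that is not a loopback
# address (127.0.0.0/8 or ::1), one per line. Comment lines are skipped
# because their first field is not "nameserver".
usable_nameservers() {
    awk '$1 == "nameserver" && $2 !~ /^127\./ && $2 != "::1" { print $2 }' "$1"
}

# "inherit":  at least one resolver survives the loopback filter.
# "fallback": nothing survives, so Docker's public defaults would apply.
dns_verdict() {
    if [ -n "$(usable_nameservers "$1")" ]; then
        echo inherit
    else
        echo fallback
    fi
}

# Constructed sample files: a systemd-resolved stub entry (127.0.0.53) and
# a file naming the resolver address quoted in the issue (172.30.0.2).
sample_dir=$(mktemp -d)
printf 'nameserver 127.0.0.53\noptions edns0\n' > "$sample_dir/stub.conf"
printf 'nameserver 172.30.0.2\n' > "$sample_dir/vpc.conf"
for f in "$sample_dir/stub.conf" "$sample_dir/vpc.conf"; do
    echo "$(basename "$f"): $(dns_verdict "$f")"
done
rm -rf "$sample_dir"
```

Running `dns_verdict /etc/resolv.conf` on the host shows which case applies; a `fallback` result means the container needs an explicit `--dns` value to reach the private zone.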