Tell docker to use the DNS server in the host system
I have dnsmasq
running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8
)
My host /etc/resolv.conf
looks as follows:
» cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net
And the container's /etc/resolv.conf
looks as follows:
root@ubuntu:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
It seems that docker is reusing the host's /etc/resolv.conf
but discarding the 127.0.0.1
entry, and instead adding Google's nameservers.
I have tried adding a dns entry referring to the docker0
interface:
» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)
As follows:
docker run
-it
--name ubuntu.bionic
--restart always
--dns 172.17.0.1
ubuntu:bionic
But dns is not working:
root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
How can I dell a docker container to use the dns server in the host system?
EDIT
It seems that I need to tell dnsmasq
to bind to the docker0
interface:
listen-address=127.0.0.1,172.17.0.1
I still do not like that I need to give the IP address of the docker0
interface twice, once for the docker run
command for each container that I want to create, and also for the dnsmasq
configuration.
EDIT2
I can tell docker
to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0
interface: 172.17.0.1
):
» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}
And then restart the docker daemon:
sudo service docker restart
I am still somewhat worried that docker
could decide to change the IP address of the docker0
interface, and I will be forced to reconfigure docker
and dnsmasq
, and rebuild the containers.
ubuntu dns docker dnsmasq
add a comment |
I have dnsmasq
running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8
)
My host /etc/resolv.conf
looks as follows:
» cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net
And the container's /etc/resolv.conf
looks as follows:
root@ubuntu:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
It seems that docker is reusing the host's /etc/resolv.conf
but discarding the 127.0.0.1
entry, and instead adding Google's nameservers.
I have tried adding a dns entry referring to the docker0
interface:
» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)
As follows:
docker run
-it
--name ubuntu.bionic
--restart always
--dns 172.17.0.1
ubuntu:bionic
But dns is not working:
root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
How can I dell a docker container to use the dns server in the host system?
EDIT
It seems that I need to tell dnsmasq
to bind to the docker0
interface:
listen-address=127.0.0.1,172.17.0.1
I still do not like that I need to give the IP address of the docker0
interface twice, once for the docker run
command for each container that I want to create, and also for the dnsmasq
configuration.
EDIT2
I can tell docker
to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0
interface: 172.17.0.1
):
» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}
And then restart the docker daemon:
sudo service docker restart
I am still somewhat worried that docker
could decide to change the IP address of the docker0
interface, and I will be forced to reconfigure docker
and dnsmasq
, and rebuild the containers.
ubuntu dns docker dnsmasq
add a comment |
I have dnsmasq
running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8
)
My host /etc/resolv.conf
looks as follows:
» cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net
And the container's /etc/resolv.conf
looks as follows:
root@ubuntu:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
It seems that docker is reusing the host's /etc/resolv.conf
but discarding the 127.0.0.1
entry, and instead adding Google's nameservers.
I have tried adding a dns entry referring to the docker0
interface:
» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)
As follows:
docker run
-it
--name ubuntu.bionic
--restart always
--dns 172.17.0.1
ubuntu:bionic
But dns is not working:
root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
How can I dell a docker container to use the dns server in the host system?
EDIT
It seems that I need to tell dnsmasq
to bind to the docker0
interface:
listen-address=127.0.0.1,172.17.0.1
I still do not like that I need to give the IP address of the docker0
interface twice, once for the docker run
command for each container that I want to create, and also for the dnsmasq
configuration.
EDIT2
I can tell docker
to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0
interface: 172.17.0.1
):
» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}
And then restart the docker daemon:
sudo service docker restart
I am still somewhat worried that docker
could decide to change the IP address of the docker0
interface, and I will be forced to reconfigure docker
and dnsmasq
, and rebuild the containers.
ubuntu dns docker dnsmasq
I have dnsmasq
running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8
)
My host /etc/resolv.conf
looks as follows:
» cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net
And the container's /etc/resolv.conf
looks as follows:
root@ubuntu:/# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net
nameserver 8.8.8.8
nameserver 8.8.4.4
It seems that docker is reusing the host's /etc/resolv.conf
but discarding the 127.0.0.1
entry, and instead adding Google's nameservers.
I have tried adding a dns entry referring to the docker0
interface:
» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)
As follows:
docker run
-it
--name ubuntu.bionic
--restart always
--dns 172.17.0.1
ubuntu:bionic
But dns is not working:
root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'
How can I dell a docker container to use the dns server in the host system?
EDIT
It seems that I need to tell dnsmasq
to bind to the docker0
interface:
listen-address=127.0.0.1,172.17.0.1
I still do not like that I need to give the IP address of the docker0
interface twice, once for the docker run
command for each container that I want to create, and also for the dnsmasq
configuration.
EDIT2
I can tell docker
to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0
interface: 172.17.0.1
):
» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}
And then restart the docker daemon:
sudo service docker restart
I am still somewhat worried that docker
could decide to change the IP address of the docker0
interface, and I will be forced to reconfigure docker
and dnsmasq
, and rebuild the containers.
ubuntu dns docker dnsmasq
ubuntu dns docker dnsmasq
edited Mar 13 '18 at 8:02
dangonfast
asked Mar 13 '18 at 6:31
dangonfastdangonfast
1,09531227
1,09531227
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
You can use the host's local DNS resolver (e.g. dnsmasq
) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf
will have the nameserver 127.0.0.11
(a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.
$ cat /etc/resolv.conf
nameserver 127.0.0.1
$ docker run --rm alpine cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
$ docker network create demo
557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
$ docker run --rm --net demo alpine cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
If you use docker-compose
, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose
runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network
parameter in the build configuration (requires file format v3.4+).
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1302921%2ftell-docker-to-use-the-dns-server-in-the-host-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
You can use the host's local DNS resolver (e.g. dnsmasq
) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf
will have the nameserver 127.0.0.11
(a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.
$ cat /etc/resolv.conf
nameserver 127.0.0.1
$ docker run --rm alpine cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
$ docker network create demo
557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
$ docker run --rm --net demo alpine cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
If you use docker-compose
, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose
runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network
parameter in the build configuration (requires file format v3.4+).
add a comment |
You can use the host's local DNS resolver (e.g. dnsmasq
) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf
will have the nameserver 127.0.0.11
(a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.
$ cat /etc/resolv.conf
nameserver 127.0.0.1
$ docker run --rm alpine cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
$ docker network create demo
557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
$ docker run --rm --net demo alpine cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
If you use docker-compose
, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose
runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network
parameter in the build configuration (requires file format v3.4+).
add a comment |
You can use the host's local DNS resolver (e.g. dnsmasq
) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf
will have the nameserver 127.0.0.11
(a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.
$ cat /etc/resolv.conf
nameserver 127.0.0.1
$ docker run --rm alpine cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
$ docker network create demo
557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
$ docker run --rm --net demo alpine cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
If you use docker-compose
, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose
runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network
parameter in the build configuration (requires file format v3.4+).
You can use the host's local DNS resolver (e.g. dnsmasq
) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf
will have the nameserver 127.0.0.11
(a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.
$ cat /etc/resolv.conf
nameserver 127.0.0.1
$ docker run --rm alpine cat /etc/resolv.conf
nameserver 8.8.8.8
nameserver 8.8.4.4
$ docker network create demo
557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
$ docker run --rm --net demo alpine cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
If you use docker-compose
, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose
runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network
parameter in the build configuration (requires file format v3.4+).
answered Sep 9 '18 at 8:24
Eugene YarmashEugene Yarmash
68711122
68711122
add a comment |
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1302921%2ftell-docker-to-use-the-dns-server-in-the-host-system%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown