Tell docker to use the DNS server in the host system












5















I have dnsmasq running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8)



My host /etc/resolv.conf looks as follows:



» cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 127.0.0.1
search mydomain.net


And the container's /etc/resolv.conf looks as follows:



root@ubuntu:/# cat /etc/resolv.conf 
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
# DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search mydomain.net

nameserver 8.8.8.8
nameserver 8.8.4.4


It seems that docker is reusing the host's /etc/resolv.conf but discarding the 127.0.0.1 entry, and instead adding Google's nameservers.



I have tried adding a dns entry referring to the docker0 interface:



» ifconfig docker0
docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)


As follows:



docker run 
-it
--name ubuntu.bionic
--restart always
--dns 172.17.0.1
ubuntu:bionic


But dns is not working:



root@ubuntu:/# apt-get update
Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
Temporary failure resolving 'security.ubuntu.com'


How can I dell a docker container to use the dns server in the host system?



EDIT



It seems that I need to tell dnsmasq to bind to the docker0 interface:



listen-address=127.0.0.1,172.17.0.1


I still do not like that I need to give the IP address of the docker0 interface twice, once for the docker run command for each container that I want to create, and also for the dnsmasq configuration.



EDIT2



I can tell docker to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0 interface: 172.17.0.1):



» sudo cat /etc/docker/daemon.json
{
"dns": ["172.17.0.1", "8.8.8.8"]
}


And then restart the docker daemon:



sudo service docker restart


I am still somewhat worried that docker could decide to change the IP address of the docker0 interface, and I will be forced to reconfigure docker and dnsmasq, and rebuild the containers.










share|improve this question





























    5















    I have dnsmasq running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8)



    My host /etc/resolv.conf looks as follows:



    » cat /etc/resolv.conf 
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    nameserver 127.0.0.1
    search mydomain.net


    And the container's /etc/resolv.conf looks as follows:



    root@ubuntu:/# cat /etc/resolv.conf 
    # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
    # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
    search mydomain.net

    nameserver 8.8.8.8
    nameserver 8.8.4.4


    It seems that docker is reusing the host's /etc/resolv.conf but discarding the 127.0.0.1 entry, and instead adding Google's nameservers.



    I have tried adding a dns entry referring to the docker0 interface:



    » ifconfig docker0
    docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
    inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
    inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
    UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
    RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
    TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
    collisions:0 txqueuelen:0
    RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)


    As follows:



    docker run 
    -it
    --name ubuntu.bionic
    --restart always
    --dns 172.17.0.1
    ubuntu:bionic


    But dns is not working:



    root@ubuntu:/# apt-get update
    Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
    Temporary failure resolving 'security.ubuntu.com'


    How can I dell a docker container to use the dns server in the host system?



    EDIT



    It seems that I need to tell dnsmasq to bind to the docker0 interface:



    listen-address=127.0.0.1,172.17.0.1


    I still do not like that I need to give the IP address of the docker0 interface twice, once for the docker run command for each container that I want to create, and also for the dnsmasq configuration.



    EDIT2



    I can tell docker to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0 interface: 172.17.0.1):



    » sudo cat /etc/docker/daemon.json
    {
    "dns": ["172.17.0.1", "8.8.8.8"]
    }


    And then restart the docker daemon:



    sudo service docker restart


    I am still somewhat worried that docker could decide to change the IP address of the docker0 interface, and I will be forced to reconfigure docker and dnsmasq, and rebuild the containers.










    share|improve this question



























      5












      5








      5


      2






      I have dnsmasq running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8)



      My host /etc/resolv.conf looks as follows:



      » cat /etc/resolv.conf 
      # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
      # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
      nameserver 127.0.0.1
      search mydomain.net


      And the container's /etc/resolv.conf looks as follows:



      root@ubuntu:/# cat /etc/resolv.conf 
      # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
      # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
      search mydomain.net

      nameserver 8.8.8.8
      nameserver 8.8.4.4


      It seems that docker is reusing the host's /etc/resolv.conf but discarding the 127.0.0.1 entry, and instead adding Google's nameservers.



      I have tried adding a dns entry referring to the docker0 interface:



      » ifconfig docker0
      docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
      inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
      inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
      TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)


      As follows:



      docker run 
      -it
      --name ubuntu.bionic
      --restart always
      --dns 172.17.0.1
      ubuntu:bionic


      But dns is not working:



      root@ubuntu:/# apt-get update
      Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
      Temporary failure resolving 'security.ubuntu.com'


      How can I dell a docker container to use the dns server in the host system?



      EDIT



      It seems that I need to tell dnsmasq to bind to the docker0 interface:



      listen-address=127.0.0.1,172.17.0.1


      I still do not like that I need to give the IP address of the docker0 interface twice, once for the docker run command for each container that I want to create, and also for the dnsmasq configuration.



      EDIT2



      I can tell docker to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0 interface: 172.17.0.1):



      » sudo cat /etc/docker/daemon.json
      {
      "dns": ["172.17.0.1", "8.8.8.8"]
      }


      And then restart the docker daemon:



      sudo service docker restart


      I am still somewhat worried that docker could decide to change the IP address of the docker0 interface, and I will be forced to reconfigure docker and dnsmasq, and rebuild the containers.










      share|improve this question
















      I have dnsmasq running in the host, and I want the docker containers to use that, instead of the default Google servers (8.8.8.8)



      My host /etc/resolv.conf looks as follows:



      » cat /etc/resolv.conf 
      # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
      # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
      nameserver 127.0.0.1
      search mydomain.net


      And the container's /etc/resolv.conf looks as follows:



      root@ubuntu:/# cat /etc/resolv.conf 
      # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
      # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
      search mydomain.net

      nameserver 8.8.8.8
      nameserver 8.8.4.4


      It seems that docker is reusing the host's /etc/resolv.conf but discarding the 127.0.0.1 entry, and instead adding Google's nameservers.



      I have tried adding a dns entry referring to the docker0 interface:



      » ifconfig docker0
      docker0 Link encap:Ethernet HWaddr 02:42:8e:65:b0:88
      inet addr:172.17.0.1 Bcast:0.0.0.0 Mask:255.255.0.0
      inet6 addr: fe80::42:8eff:fe65:b088/64 Scope:Link
      UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
      RX packets:55824 errors:0 dropped:0 overruns:0 frame:0
      TX packets:74365 errors:0 dropped:0 overruns:0 carrier:0
      collisions:0 txqueuelen:0
      RX bytes:15702804 (15.7 MB) TX bytes:60639605 (60.6 MB)


      As follows:



      docker run 
      -it
      --name ubuntu.bionic
      --restart always
      --dns 172.17.0.1
      ubuntu:bionic


      But dns is not working:



      root@ubuntu:/# apt-get update
      Err:1 http://security.ubuntu.com/ubuntu bionic-security InRelease
      Temporary failure resolving 'security.ubuntu.com'


      How can I dell a docker container to use the dns server in the host system?



      EDIT



      It seems that I need to tell dnsmasq to bind to the docker0 interface:



      listen-address=127.0.0.1,172.17.0.1


      I still do not like that I need to give the IP address of the docker0 interface twice, once for the docker run command for each container that I want to create, and also for the dnsmasq configuration.



      EDIT2



      I can tell docker to use by default my local DNS server (which is runninng in a container, and reachable to the other containers in the docker0 interface: 172.17.0.1):



      » sudo cat /etc/docker/daemon.json
      {
      "dns": ["172.17.0.1", "8.8.8.8"]
      }


      And then restart the docker daemon:



      sudo service docker restart


      I am still somewhat worried that docker could decide to change the IP address of the docker0 interface, and I will be forced to reconfigure docker and dnsmasq, and rebuild the containers.







      ubuntu dns docker dnsmasq






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Mar 13 '18 at 8:02







      dangonfast

















      asked Mar 13 '18 at 6:31









      dangonfastdangonfast

      1,09531227




      1,09531227






















          1 Answer
          1






          active

          oldest

          votes


















          1














          You can use the host's local DNS resolver (e.g. dnsmasq) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf will have the nameserver 127.0.0.11 (a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.



          $ cat /etc/resolv.conf
          nameserver 127.0.0.1
          $ docker run --rm alpine cat /etc/resolv.conf
          nameserver 8.8.8.8
          nameserver 8.8.4.4
          $ docker network create demo
          557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
          $ docker run --rm --net demo alpine cat /etc/resolv.conf
          nameserver 127.0.0.11
          options ndots:0


          If you use docker-compose, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network parameter in the build configuration (requires file format v3.4+).






          share|improve this answer























            Your Answer








            StackExchange.ready(function() {
            var channelOptions = {
            tags: "".split(" "),
            id: "3"
            };
            initTagRenderer("".split(" "), "".split(" "), channelOptions);

            StackExchange.using("externalEditor", function() {
            // Have to fire editor after snippets, if snippets enabled
            if (StackExchange.settings.snippets.snippetsEnabled) {
            StackExchange.using("snippets", function() {
            createEditor();
            });
            }
            else {
            createEditor();
            }
            });

            function createEditor() {
            StackExchange.prepareEditor({
            heartbeatType: 'answer',
            autoActivateHeartbeat: false,
            convertImagesToLinks: true,
            noModals: true,
            showLowRepImageUploadWarning: true,
            reputationToPostImages: 10,
            bindNavPrevention: true,
            postfix: "",
            imageUploader: {
            brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
            contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
            allowUrls: true
            },
            onDemand: true,
            discardSelector: ".discard-answer"
            ,immediatelyShowMarkdownHelp:true
            });


            }
            });














            draft saved

            draft discarded


















            StackExchange.ready(
            function () {
            StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1302921%2ftell-docker-to-use-the-dns-server-in-the-host-system%23new-answer', 'question_page');
            }
            );

            Post as a guest















            Required, but never shown

























            1 Answer
            1






            active

            oldest

            votes








            1 Answer
            1






            active

            oldest

            votes









            active

            oldest

            votes






            active

            oldest

            votes









            1














            You can use the host's local DNS resolver (e.g. dnsmasq) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf will have the nameserver 127.0.0.11 (a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.



            $ cat /etc/resolv.conf
            nameserver 127.0.0.1
            $ docker run --rm alpine cat /etc/resolv.conf
            nameserver 8.8.8.8
            nameserver 8.8.4.4
            $ docker network create demo
            557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
            $ docker run --rm --net demo alpine cat /etc/resolv.conf
            nameserver 127.0.0.11
            options ndots:0


            If you use docker-compose, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network parameter in the build configuration (requires file format v3.4+).






            share|improve this answer




























              1














              You can use the host's local DNS resolver (e.g. dnsmasq) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf will have the nameserver 127.0.0.11 (a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.



              $ cat /etc/resolv.conf
              nameserver 127.0.0.1
              $ docker run --rm alpine cat /etc/resolv.conf
              nameserver 8.8.8.8
              nameserver 8.8.4.4
              $ docker network create demo
              557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
              $ docker run --rm --net demo alpine cat /etc/resolv.conf
              nameserver 127.0.0.11
              options ndots:0


              If you use docker-compose, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network parameter in the build configuration (requires file format v3.4+).






              share|improve this answer


























                1












                1








                1







                You can use the host's local DNS resolver (e.g. dnsmasq) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf will have the nameserver 127.0.0.11 (a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.



                $ cat /etc/resolv.conf
                nameserver 127.0.0.1
                $ docker run --rm alpine cat /etc/resolv.conf
                nameserver 8.8.8.8
                nameserver 8.8.4.4
                $ docker network create demo
                557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
                $ docker run --rm --net demo alpine cat /etc/resolv.conf
                nameserver 127.0.0.11
                options ndots:0


                If you use docker-compose, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network parameter in the build configuration (requires file format v3.4+).






                share|improve this answer













                You can use the host's local DNS resolver (e.g. dnsmasq) from your Docker containers if they are on a user defined network. In that case a container's /etc/resolv.conf will have the nameserver 127.0.0.11 (a.k.a. the Docker's embedded DNS server), which can forward DNS requests to the host's loopback address properly.



                $ cat /etc/resolv.conf
                nameserver 127.0.0.1
                $ docker run --rm alpine cat /etc/resolv.conf
                nameserver 8.8.8.8
                nameserver 8.8.4.4
                $ docker network create demo
                557079c79ddf6be7d6def935fa0c1c3c8290a0db4649c4679b84f6363e3dd9a0
                $ docker run --rm --net demo alpine cat /etc/resolv.conf
                nameserver 127.0.0.11
                options ndots:0


                If you use docker-compose, it will set up a custom network for your services automatically (with a file format v2+). Note, however, that while docker-compose runs containers in a user-defined network, it still builds them in the default network. To use a custom network for builds you can specify the network parameter in the build configuration (requires file format v3.4+).







                share|improve this answer












                share|improve this answer



                share|improve this answer










                answered Sep 9 '18 at 8:24









                Eugene YarmashEugene Yarmash

                68711122




                68711122






























                    draft saved

                    draft discarded




















































                    Thanks for contributing an answer to Super User!


                    • Please be sure to answer the question. Provide details and share your research!

                    But avoid



                    • Asking for help, clarification, or responding to other answers.

                    • Making statements based on opinion; back them up with references or personal experience.


                    To learn more, see our tips on writing great answers.




                    draft saved


                    draft discarded














                    StackExchange.ready(
                    function () {
                    StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1302921%2ftell-docker-to-use-the-dns-server-in-the-host-system%23new-answer', 'question_page');
                    }
                    );

                    Post as a guest















                    Required, but never shown





















































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown

































                    Required, but never shown














                    Required, but never shown












                    Required, but never shown







                    Required, but never shown







                    Popular posts from this blog

                    How to make a Squid Proxy server?

                    Is this a new Fibonacci Identity?

                    19世紀