Docker with a new nameserver - docker

How I can add new nameserver in /etc/resolv.conf (dockerfile)?
On my dockerfile I use:
FROM ubuntu:14.04
RUN echo "nameserver 10.111.122.1" >> /etc/resolv.conf
On my test I use:
docker run --rm 746cb98d6c9b echo cat /etc/resolv.conf
I didn't get my change (the new nameserver)... So I try adding mannualy with
docker run --rm 746cb98d6c9b echo "nameserver 10.111.122.1" >> /etc/resolv.conf
and I get
zsh: permission denied: /etc/resolv.conf
How I can change permission of this file OR use a root user OR use a chmod in docker files ? My real task is to add and dns server for my build of this dockerfile.
I'm using a linux mint.
I'm get a correct result with a ping test on docker run command (with --dns)

So, one of the ways you can add new DNS information to your container's build process is by adding some startup options to your Docker daemon. The documentation for that process reveals that the option you'll use is --dns. The location of your configuration file depends on your specific distro. On my Linux Mint machine, the file is in /etc/default/docker. On Linux Mint, look for the DOCKER_OPTS= line, and add the appropriate --dns=x.x.x.x entries to that line.
For example, if you want to use Google's DNS, you should change that line to look like this:
DOCKER_OPTS="--dns=8.8.4.4 --dns=8.8.8.8"
Additionally, in the absense of --dns or --dns-search startup options, Docker will use the /etc/resolv.conf of the host it's running on instead.

The DNS configuration of a Docker container may be adjusted during the creation of the container and does not need to be hard-coded in the Docker image itself.
Passing a single DNS server to the container works by providing the --dns parameter:
$ docker run --rm --dns=8.8.8.8 <image>
You're free to provide more than one DNS server and you can also define other DNS related options like the DNS search name or common DNS options:
$ docker run --rm --dns=8.8.8.8 --dns=8.8.4.4 --dns-search=your.search.domain --dns-opt=timeout:50 <image>
If you pass cat /etc/resolv.conf as command to your container, you can easily verify that the passed DNS configuration options made it into the container's DNS configuration:
$ docker run --rm --dns=8.8.4.4 --dns=8.8.8.8 --dns-search=your.domain.name --dns-opt=timeout:50 alpine cat /etc/resolv.conf
search your.domain.name
nameserver 8.8.4.4
nameserver 8.8.8.8
options timeout:50
Please also refer to the docker run configuration which can be found at https://docs.docker.com/engine/reference/commandline/run/

Related

Connecting to named server from a docker container

I am trying to access a named postgres server from inside a docker container. I can access the server via it's IP address, but not its name. I've tried --net=host and -p ServerName:5432:5432 options on the docker run command.
I will demonstrate the issue:
# on the host
$ ping ServerName
# This works
$ ping 10.1.1.25
# Works
# Then enter container with:
$ winpty docker exec -it containerName bash
$ ping 10.1.1.25
# Works
$ ping ServerName
# Does NOT work
I would guess that I need to give docker some kind of mapping from the hosts knowlegde of the network to the container. I presume that would be through the network functionality, but I can't find any instructions that I understand.
And before anyone suggests it, the postgres instance cannot be moved, including being moved into a docker container of it's own.
Output of docker ps is:
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
15c7903f7ccd imageName "tail -f /dev/null" 47 minutes ago Up 47 minutes 0.0.0.0:5432->5432/tcp, 0.0.0.0:8000->8888/tcp containerName
Solved: I needed to use the --dns option in docker run command. Then, inside the container, I needed to use the fully qualified name i.e. serverName.companyName.com instead of just serverName.
Thanks to #Dupinder Singh for pointing me to some useful DNS articles (see comments on the question).

Acessing ARP table of Host from Docker container

How can I access the host ARP records from within a Docker container?
I tried to mount a volume (in a docker-compose file) /proc/net/arp:/proc/net/arp but found out that I can't make any volume with /proc. Then I tried to mount it elsewhere like /proc/net/arp:/root/arp, but then if I cat /root/arp, from within the container, the table comes out empty.
docker run -v /proc/net/arp:/root/arp alpine cat /root/arp <-- returns empty table
Ideas?
You should be good if you add privileged mode and make sure you're in host networking mode. This worked for me:
>$ docker run --net host --privileged -v /proc/net/arp:/host/arp alpine cat /host/arp

Docker does not work behind proxy

unfortunately, I can't use my docker behind the proxy , I do what googling search suggest and this is the error I get when I run sudo docker run hello-world:
Unable to find image 'hello-world:latest' locally
docker: Error response from daemon: Get https://registry-
1.docker.io/v2/: Proxy Authentication Required.
See 'docker run --help'.
this is my '/etc/systemd/system/docker.service.d/http-proxy.conf' file :
[Service]
Environment="HTTP_PROXY=http://user:pass#127.0.0.1:8800/"
Environment="HTTPS_PROXY=https://user:pass#127.0.0.1:8800/"
my "etc/default/docker" file :
export http_proxy="http://127.0.0.1:3128/"
export https_proxy="http://127.0.0.1:3128/"
export HTTP_PROXY="http://127.0.0.1:3128/"
export HTTPS_PROXY="http://127.0.0.1:3128/"
what is the problem?
thank you :)
try this,
$ sudo vim /etc/resolv.conf
#add these lines on top and above one for home router…
nameserver 8.8.8.8
nameserver 8.8.4.4
After saving the /etc/resolv.conf file.
run $ sudo systemctl daemon-reload for reloading daemon process.
Then restart your docker :
run $ sudo systemctl restart docker
Docker is not available is some countries because of some unfair sanctions by US which are targeting people directly also startups ...
Any way you can use registry docker instead of docker_hub.
But for creating images and container from micro-services and projects and run them (local) you check this Link
All the best :)

Set DNS options during docker build

Due to local network configuration I have to add --dns and --dns-search options to my docker run commands like so:
docker run --dns XX.XX.1.1 --dns-search companydomain -t mycontainer
However docker build doesn't have the same options. Is there a way to specify these options during build?
Dockerfile-based solution
You can also fix the DNS lookup problem on a per RUN-command level:
RUN echo "nameserver XX.XX.1.1" > /etc/resolv.conf && \
echo "search companydomain" >> /etc/resolv.conf && \
command_depending_on_dns_resolution
Keep in mind: This will only change the DNS resolution behaviour for this one RUN command, as changes to the /etc/resolv.conf are not persistent (I could not find any official reference for this behaviour beside from a comment from of one of the core Docker engineers Brian Goff).
The docker build uses the DNS settings of the docker engine running on the host. See my answer here for steps to update the DNS settings on the engine.

unable to edit /etc/resolv.conf in docker container

I want to add a domain entry to /etc/resolv.conf of my docker container.
Here is my dockerFile
FROM tomcat:8.0.20-jre7
VOLUME /tmp
#RUN sed -i "s|search local|domain com.example.com|g;" /etc/resolv.conf
RUN echo "domain com.example.com" >> /etc/resolv.conf
# Expose ports.
EXPOSE 8080
I tried both echo and sed.
with sed, I get error during build.
sed: cannot rename /etc/sed6LcoES: Device or resource busy
but with echo container build and run successfully.
however, when I get into container, I do not see my domain added in /etc/resolv.conf.
why is it not working?
NOTE: I have got dns-search working by passing during run argument
docker run -p 8080:8080 --dns-search=com.example.com -d --name myawesome my/myawesome:latest
but I am interested in getting dockerFile working.
This is by design. /etc/resolv.conf is used by docker engine to handle service discovery. Documentation states the following:
How can Docker supply each container with a hostname and DNS configuration, without having to build a custom image with the hostname written inside? Its trick is to overlay three crucial /etc files inside the container with virtual files where it can write fresh information … This arrangement allows Docker to do clever things like keep resolv.conf up to date across all containers when the host machine receives new configuration over DHCP later. The exact details of how Docker maintains these files inside the container can change from one Docker version to the next, so you should leave the files themselves alone and use the following Docker options instead.
If you want to override/reconfigure some dns settings, use --dns parameters during container starting. See more details:
Configure DNS in Docker
Using the standard output stream can be solved by trying the following code, the namespace section is corrected to its own DNS server IP, but this is only valid while the container is running:
echo "$(sed '2,$c nameserver 223.5.5.5\nnameserver 223.6.6.6' /etc/resolv.conf)" > /etc/resolv.conf
The sed command does not actually modify a file, but instead creates a new file to replace the original file.(so edit it by vim is ok). Because /etc/resolve.conf is mounted, replacing the original file will inform the device that it is busy.
You can observe the files being mounted by command df -ah :
Filesystem Size Used Avail Use% Mounted on
overlay 59G 7.5G 49G 14% /
...
mqueue 0 0 0 - /dev/mqueue
shm 64M 0 64M 0% /dev/shm
/dev/sda1 59G 7.5G 49G 14% /etc/resolv.conf
....
The right way, you can specify the container's DNS server IP when running docker images:
$ docker run --help|grep dns
--dns list Set custom DNS servers
--dns-option list Set DNS options
--dns-search list Set custom DNS search domains
$ docker run -it --rm --dns=223.5.5.5 --dns=223.6.6.6 centos:perf-tools /bin/bash
[root#ea0ac0fcd834 /]# cat /etc/resolv.conf
nameserver 223.5.5.5
nameserver 223.6.6.6
In addition, DNS server IP can be modified based on the docker-composer.yml configuration file:
dns: 8.8.8.8
dns:
- 8.8.8.8
- 9.9.9.9
more see: https://docs.docker.com/v17.09/compose/compose-file/#dns

Resources