Shulou(Shulou.com)06/01 Report--

This article will explain in detail how to configure container DNS in the default bridge of Docker. The editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

How to configure container DNS in the Docker default bridge. When you install Docker, a bridging network called bridge is automatically created.

Note: the Docker network feature allows you to create a user-defined network in addition to the default bridge. For more information about user-customized DNS configurations in the network, see the Docker embedded DNS section.

How does Docker provide a hostname and DNS configuration for each container without having to write the hostname internally when building a custom Docker image? The trick is to overwrite three key / etc files in the container using virtual files that can write new information. You can see this by running mount in a container:

Root@f38c87f2a42d:/# mount.../dev/disk/by-uuid/1fec...ebdf on / etc/hostname type ext4... / dev/disk/by-uuid/1fec...ebdf on / etc/hosts type ext4... / dev/disk/by-uuid/1fec...ebdf on / etc/resolv.conf type ext4.

In this way, Docker allows the host to keep the resolv.conf in all containers up-to-date after receiving the new configuration via DHCP later. The details of how Docker maintains these files in the container may change as the Docker version evolves, so instead of managing / etc files yourself, you should use the following Docker option.

Four different options affect the container domain name service.

Parameter description-h HOSTNAME or-- hostname=HOSTNAME sets the hostname of the container. The value of this setting will be written to / etc/hostname; write / etc/hosts as the name of the host-oriented IP address of the container (the author presses: add a record in / etc/hosts, IP is the IP,host that the host can access is the host you set), and the name displayed by the container inside / bin/bash at its prompt. But the host name is not easy to see from the outside of the container. It does not appear in the / etc/hosts file of docker ps or any other container. -- link=CONTAINER_NAMEor ID:ALIAS uses this option when run container to add an additional entry called ALIAS to the / etc/hosts of the new container, pointing to the IP address of the CONTAINER_NAME_or_ID identified by CONTAINER_NAME_or_ID. This allows processes in the new container to connect to the hostname ALIAS without knowing its IP. The link= option is discussed in more detail below. Because Docker can assign a different IP address to the linked container on restart, Docker updates the ALIAS entry in the recipient container's / etc/hosts file. -- dns=IP_ADDRESS... Add a nameserver line to the container's / etc/resolv.conf file with the IP address of the specified IP. If the process in the container needs to access the hostname in / etc/hosts, it will connect to port 53 of these IP addresses to find a name resolution service. -- dns-search=DOMAIN... The domain name searched when a naked unqualified hostname is used within the container by writing the search line in the / etc/resolv.conf of the container. When the container process attempts to access the host and the search domain example.com is set, for example, the DNS logic will look not only for host, but also for host.example.com. Use-- dns-search=. If you do not want to set up the search field. -- dns-opt=OPTION... Set the options used by the DNS parser by writing the options line to the container's / etc/resolv.conf. For a list of valid options, see the resolv.conf documentation

Is there any-- dns=IP_ADDRESS... ,-- dns-search=DOMAIN... Or-- dns-opt=OPTION... Option, Docker makes the / etc/resolv.conf of each container look like the / etc/resolv.conf of the host. When the / etc/resolv.conf of the container is created, Docker daemon filters out all localhost IP address nameserver entries from the host's original file.

Filtering is necessary because all localhost addresses on the host are not accessible from the container's network. After filtering, if there are no more nameserver entries in the container's / etc/resolv.conf file, Docker daemon adds Google DNS name servers (8.8.8.8 and 8.8.4.4) to the container's DNS configuration. If the daemon has IPv6 enabled, a public IPv6 Google DNS name server (2001 4860 4860 8888 and 2001 4860 8844) will also be added.

Note: if you need to access the host's localhost parser, you must modify the DNS service on the host to listen for non-localhost addresses accessible from within the container.

You might want to know what happened to the / etc/resolv.conf file of the host. Docker daemon has a file change notification program that monitors changes to the host DNS configuration.

Note: the file change notifier relies on the inotify functionality of the Linux kernel. Because this feature is currently incompatible with the overlay file system driver, Docker daemon that uses "overlay" will not be able to take advantage of the automatic update feature of / etc/resolv.conf.

When the host file changes, all stopped containers that resolv.conf matches the host are immediately updated to the latest host configuration. When the host configuration changes, the running container will need to stop and start receiving the host changes due to the lack of equipment to ensure atomic writes to the resolv.conf file while the container is running. If the container modifies the default resolv.conf file, the file will not be replaced, because if replaced, the changes made by the container will be overwritten. If the option (--dns,-- dns-search, or-- dns-opt) has been used to modify the default host configuration, changing the host's / etc/resolv.conf will not occur.

Note: for containers created before the / etc/resolv.conf update feature was implemented in Docker 1.5.0, these containers will not receive updates when the host resolv.conf file changes. Only containers created with Docker version 1.5.0 and above can use this automatic update feature.

This is the end of the article on "how to configure container DNS in the default bridge of Docker". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.