-
Notifications
You must be signed in to change notification settings - Fork 2
Docker and DNS
- Last modified: fre apr 12, 2019 11:12
- Sign: JN
- Tested on: Xubuntu 18.04
- Solved: Yes
Can't access internet from within a docker container started on a computer behind the NRM firewall.
Specify an address to a NRM DNS server at run time.
Basically, the file /etc/resolv.conf
is copied in to the docker container when started, and if the
settings there doesn't work, your container can't access internet (DNS lookups will fail).
On Ubuntu 18.04, the /etc/resolv.conf
file is generated by systemd-resolved
and will default to
a "local DNS cache" 127.0.0.53
, which will not work inside a container. Docker then changes the
default DNS addresses to Googles DNS servers (8.8.8.8
), which access appear to be blocked by the NRM
firewall.
One workaround is to specify an IP to a NRM DNS server when running docker. For example:
$ docker run --dns 172.16.0.9 -it debian:sid /bin/bash
The correct DNS address(es) can be found by running $ nmcli device show eth0 | grep IP4.DNS
.
You might have to change eth0
to the name of your active network device (which can be found
by, e.g., $ nmcli dev status
.)
There are potentially other ways of making sure docker sees the NRM DNS addresses (see https://stackoverflow.com/questions/20430371/my-docker-container-has-no-internet), but I haven't settled with a long-term, stable, solution.
For detailed information on this issue, see the Docker documentation on https://docs.docker.com/v17.09/engine/installation/linux/linux-postinstall/#ip-forwarding-problems
Description on a working solution is most welcome.