Docker-compose container using host DNS server
You don't specify which environment you're running docker-compose in e.g Mac, Windows or Unix, so it will depend a little bit on what changes are needed. You also don't specify if you're using the default bridge network in docker on a user created bridge network.
In either case, by default, Docker should try and map DNS resolution from the Docker Host into your containers. So if your Docker Host can resolve the private DNS addresses, then in theory your containers should be able to as well.
I'd recommend reading this official Docker DNS documentation as it is pretty reasonable. Here for the default Docker bridge network, here for user created bridge networks.
A slight gotcha is if you're running using Docker for Mac, Docker Machine or Docker for Windows you need to remember that your Docker Host is actually the VM running on your machine and not the physical box itself, so you need to ensure that the VM has the correct DNS resolution options set. You will need to restart your containers for changes to DNS resolution to be picked up by them.
You can of course override all the default settings using docker-compose
. It has full options for explicitly setting DNS servers, DNS search options etc. As an example:
version: 2
services:
application:
dns:
- 8.8.8.8
- 4.4.4.4
- 192.168.9.45
You'll find the documentation for those features here.
Olivier
Updated on July 01, 2021Comments
-
Olivier almost 3 years
I'm running several containers on my "Ubuntu 16.10 Server" in a "custom" bridge network with compose 2.9 (in a yml version 2.1). Most of my containers are internally using the same ports, so there is no way for me to use the "host" network driver. My containers are all links together, using the dedicated
links
attribute.But, I also need to access services exposed outside of my containers. These services have dedicated URL with names registered in my company's DNS server. While I have no problem to use public DNS and reach any public service from within my containers, I just can't reach my private DNS.
Do you know a working solution to use private DNS from a container? Or even better, use host's network DNS configuration?
PS: Of course, I can link to my company's services using the
extra_hosts
attribute in my services in my docker-compose.yml file. But... that's definitively not the goal of having a DNS. I don't want to register all my services in my YML file, and I don't want to update it each time services' IP are updated in my company.Context :
- Host: Ubuntu 16.10 server
- Docker Engine: 1.12.6
- Docker Compose: 1.9.0
- docker-compose.yml: 2.1
- Network: Own bridge.
docker-compose.yml file (extract):
version: '2.1' services: nexus: image: sonatype/nexus3:$NEXUS_VERSION container_name: nexus restart: always hostname: nexus.$URL ports: - "$NEXUS_81:8081" - "$NEXUS_443:8443" extra_hosts: - "repos.private.network:192.168.200.200" dns: - 192.168.3.7 - 192.168.111.1 - 192.168.10.5 - 192.168.10.15 volumes_from: - nexus-data networks: - pic networks: pic: driver: bridge ipam: driver: default config: - subnet: 172.18.0.0/16 gateway: 172.18.0.1
I tried with and without the
ipam
configuration for thepic
network, without any luck.Tests & Results:
docker exec -ti nexus curl repos.private.network
returns properly the HTML page served by this servicedocker exec -ti nexus curl another-service.private.network
Returnscurl: (6) Could not resolve host: another-service.private.network; Name or service not known
Whilecurl another-service.private.network
from the host returns the appropriate HTML page.And "of course"
another-service.private.network
is known in my 4 DNS servers (192.168.3.7, 192.168.111.1, 192.168.10.5, 192.168.10.15). -
Olivier over 7 yearsHi @Rob, Thanks for your answer. I'm editing my original post to add details about my conf (running on Ubuntu 16.10 server with a custom bridge).
-
user674669 about 3 yearsUpdated link with the various dns options: docs.docker.com/compose/compose-file/compose-file-v2
-
johnbt over 2 yearsYou might also need to add
network_mode
to the YAML. E.g.:network_mode: "bridge"
-
George almost 2 yearsjust out of curiosity do you list the google dns server first for a reason? I assume this searches in order meaning checks google first (8.8.8.8) then whatever 4.4.4.4 is then lastly the custom dns server? So if we want to override something like stackoverflow.com and point at a different IP address we would have to list the custom domain server first I think? follow up question. Assuming our host already uses 8.8.8.8 do we need to list it or do we just need to list the custom internal dns server? in other words is the compose.yml additive or it replaces the list?