How to pass proper DNS to your Docker containers

Image Courtesy Docker

Sometimes you will find some containers do not set proper DNS server or unable to connect to a proper DNS server. In such a case, even if you are connected to a network commands issued inside of a container like apt-get might fail with an error

Could not resolve 'archive.ubuntu.com'

Matters might further be complicated if you use a laptop, and switch between different networks like home and work. Here’s how you can make sure the right DNS servers are passed on to your containers.

On Linux

On Linux, edit the file /etc/default/docker and update the line below

DOCKER_OPTS="--dns <dns_server_1> --dns <dns_server_2>"

After this run

sudo service docker restart

If you are inside on a corporate network, set the DNS servers to your corporate DNS servers. For anywhere outside you can set them to the Google DNS servers which are 8.8.8.8 and 8.8.4.4. If you carry a laptop between office and home then you will have to switch between both the configurations depending on your site.

On Mac OS X

If you run Docker on Mac OS X, as I do, the first setup is a bit more involved. However once the setup is done the switching back and forth becomes a bit more easier. Since Docker needs Linux to run, it installs VirtualBox on OS X and a VM image on it called default. All the Docker containers run inside of this VM, referred  to as the docker machine(it used to be called boot2docker)  and is manipulated by the command docker-machine. Here is how I have set it up. Login to the default machine with the command

docker-machine ssh default
cd /usr/lib/boot2docker
vi profile

The file profile will look something like below. Add the lines for DNS to it. Again the Google DNS should suffice because you will be using the default machine when you are outside the office.

EXTRA_ARGS='
--label provider=virtualbox
--dns 8.8.8.8
--dns 8.8.4.4

'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=aufs
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem

After you save the file, exit from the machine and stop and start the default machine. The restart command does not work.

docker-machine stop default
docker-machine start default

 

Now for when you are working on your corporate network and you don’t have access to Google DNS, create a brand new machine called office. Make sure to shut down the default machine first.

docker-machine stop default
docker-machine create --driver virtualbox office
docker-machine start office
docker-machine ssh office
cd /var/lib/boot2docker
vi profile

Now edit the DNS entry for the office machine to match the DNS servers for your corporate network.

EXTRA_ARGS='
--label provider=virtualbox
--dns 10.10.1.1
--dns 10.10.2.2

'
CACERT=/var/lib/boot2docker/ca.pem
DOCKER_HOST='-H tcp://0.0.0.0:2376'
DOCKER_STORAGE=aufs
DOCKER_TLS=auto
SERVERKEY=/var/lib/boot2docker/server-key.pem
SERVERCERT=/var/lib/boot2docker/server.pem

Replace 10.10.1.1 and 10.10.2.2 with your corporate DNS servers. Remember to exit out of the office VM and stop and start it. One warning of this process is any containers that were download in the default machine will be downloaded in office machine again. Also remember every time you stop default and start office and vice-versa they might get assigned a different IP address. In which case you will have to run the command below

eval "$(docker-machine env default)" # for default
eval "$(docker-machine env office)" # for office

Do you have any other method you use ? Leave a comment below and let me know.

2 Comments

  1. I might be missing the point, but on Virtual Box when I change network from home to office, a simple `docker-machine restart ` works fine to reset things and get DNS working again. I’ve also been told VMWare doesn’t have this network switching issue.

  2. A Nice tip I found on the internet concerning virtualbox and DNS problems when switching networks (with different DNS servers).
    You can ‘enable DNS proxy in NAT mode’ this delegates DNS to Virtualbox.
    “`
    $ VBoxManage modifyvm “default” –natdnsproxy1 on
    “`

    `default` is the name of your docker VM.
    This works even better than restarting your VM

Comments are closed.