Docker overrides my /etc/resolv.conf file inside containers
Clash Royale CLAN TAG#URR8PPP
up vote
7
down vote
favorite
I want to set my container's /etc/resolv.conf to:
nameserver 208.67.222.222
nameserver 208.67.220.220
My Dockerfile has the following line:
ADD resolv.conf /etc/resolv.conf
This added file contains the correct nameservers.
My Docker host's /etc/resolv.conf contains the correct information.
I'm running the container like this:
docker run -itd --cap-add=NET_ADMIN --device /dev/net/tun
-v /home/pi/share/ovpn:/ovpn
--privileged --network=internet_disabled --name vpn-client
--dns=208.67.222.222
openvpn-client_nat-gateway /bin/bash
Despite all of this, the container gives this output:
root@642b0f4716ba:/# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
It's only after I change the resolv.conf manually from within the container (or with docker exec) that it looks right.
I'd rather avoid having to fix it with an exec command. Anybody have an idea what's going on here?
docker
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
 |Â
show 1 more comment
up vote
7
down vote
favorite
I want to set my container's /etc/resolv.conf to:
nameserver 208.67.222.222
nameserver 208.67.220.220
My Dockerfile has the following line:
ADD resolv.conf /etc/resolv.conf
This added file contains the correct nameservers.
My Docker host's /etc/resolv.conf contains the correct information.
I'm running the container like this:
docker run -itd --cap-add=NET_ADMIN --device /dev/net/tun
-v /home/pi/share/ovpn:/ovpn
--privileged --network=internet_disabled --name vpn-client
--dns=208.67.222.222
openvpn-client_nat-gateway /bin/bash
Despite all of this, the container gives this output:
root@642b0f4716ba:/# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
It's only after I change the resolv.conf manually from within the container (or with docker exec) that it looks right.
I'd rather avoid having to fix it with an exec command. Anybody have an idea what's going on here?
docker
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
1
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
1
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08
 |Â
show 1 more comment
up vote
7
down vote
favorite
up vote
7
down vote
favorite
I want to set my container's /etc/resolv.conf to:
nameserver 208.67.222.222
nameserver 208.67.220.220
My Dockerfile has the following line:
ADD resolv.conf /etc/resolv.conf
This added file contains the correct nameservers.
My Docker host's /etc/resolv.conf contains the correct information.
I'm running the container like this:
docker run -itd --cap-add=NET_ADMIN --device /dev/net/tun
-v /home/pi/share/ovpn:/ovpn
--privileged --network=internet_disabled --name vpn-client
--dns=208.67.222.222
openvpn-client_nat-gateway /bin/bash
Despite all of this, the container gives this output:
root@642b0f4716ba:/# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
It's only after I change the resolv.conf manually from within the container (or with docker exec) that it looks right.
I'd rather avoid having to fix it with an exec command. Anybody have an idea what's going on here?
docker
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
I want to set my container's /etc/resolv.conf to:
nameserver 208.67.222.222
nameserver 208.67.220.220
My Dockerfile has the following line:
ADD resolv.conf /etc/resolv.conf
This added file contains the correct nameservers.
My Docker host's /etc/resolv.conf contains the correct information.
I'm running the container like this:
docker run -itd --cap-add=NET_ADMIN --device /dev/net/tun
-v /home/pi/share/ovpn:/ovpn
--privileged --network=internet_disabled --name vpn-client
--dns=208.67.222.222
openvpn-client_nat-gateway /bin/bash
Despite all of this, the container gives this output:
root@642b0f4716ba:/# cat /etc/resolv.conf
nameserver 127.0.0.11
options ndots:0
It's only after I change the resolv.conf manually from within the container (or with docker exec) that it looks right.
I'd rather avoid having to fix it with an exec command. Anybody have an idea what's going on here?
docker
docker
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
asked Feb 27 '17 at 17:19
Duncan Marshall
5614
5614
1
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
1
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08
 |Â
show 1 more comment
1
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
1
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08
1
1
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
1
1
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08
 |Â
show 1 more comment
3 Answers
3
active
oldest
votes
up vote
3
down vote
As I can see you are using user-defined networks and Docker Engine version >= 1.10.
So from the official docker engine documentation about Embedded DNS server in user-defined networks:
These --dns IP addresses are managed by the embedded DNS server and will not be updated in the container's /etc/resolv.conf file.
Your dns has to work, but you will not see in any configuration file.
References.
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
add a comment |Â
up vote
2
down vote
AFAIK, docker overrides some files in an image when it's started, even if they were ADDed in Dockerfile. This for sure includes /etc/hosts, and most probably the same happens for /etc/resolv.conf too. This is apparently used to properly build the default "internal" network of Docker (so that images see each other, but not host, etc.) If you are really sure you want to override/modify some of those files, I believe you must do that as part of the runtime actions, that is as part of the CMD line. For example:
...
ADD resolv.conf /etc/resolv.conf.override
CMD cp /etc/resolv.conf.override /etc/resolv.conf &&
your_old_commands...
answered Mar 1 '17 at 14:45
akavel
1485
This is correct./etc/resolv.confis copied from the host when a container is started.
– wisbucky
Jun 27 at 21:40
add a comment |Â
up vote
0
down vote
I have solved the issue if it is the web app for containers in Azure.
There are 2 containers mate.
Kudu and the host
Steps
1.Install the ssh from your docker file ( also include a sshd config )
2.create a containerstart.sh ( which updates the resolv.conf)
3.Set the entry point inside there
Now the host resolv.conf gets updated and you can use any dns you desire
PS: If you can't pick up the custom DNS in the network do not worry. We could not either. Might need to resetup if you are using an ASE environment
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
add a comment |Â
3 Answers
3
active
oldest
votes
3 Answers
3
active
oldest
votes
active
oldest
votes
active
oldest
votes
up vote
3
down vote
As I can see you are using user-defined networks and Docker Engine version >= 1.10.
So from the official docker engine documentation about Embedded DNS server in user-defined networks:
These --dns IP addresses are managed by the embedded DNS server and will not be updated in the container's /etc/resolv.conf file.
Your dns has to work, but you will not see in any configuration file.
References.
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
add a comment |Â
up vote
3
down vote
As I can see you are using user-defined networks and Docker Engine version >= 1.10.
So from the official docker engine documentation about Embedded DNS server in user-defined networks:
These --dns IP addresses are managed by the embedded DNS server and will not be updated in the container's /etc/resolv.conf file.
Your dns has to work, but you will not see in any configuration file.
References.
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
add a comment |Â
up vote
3
down vote
up vote
3
down vote
As I can see you are using user-defined networks and Docker Engine version >= 1.10.
So from the official docker engine documentation about Embedded DNS server in user-defined networks:
These --dns IP addresses are managed by the embedded DNS server and will not be updated in the container's /etc/resolv.conf file.
Your dns has to work, but you will not see in any configuration file.
References.
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
As I can see you are using user-defined networks and Docker Engine version >= 1.10.
So from the official docker engine documentation about Embedded DNS server in user-defined networks:
These --dns IP addresses are managed by the embedded DNS server and will not be updated in the container's /etc/resolv.conf file.
Your dns has to work, but you will not see in any configuration file.
References.
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
edited Mar 7 '17 at 15:04
GAD3R
22.9k164895
22.9k164895
answered Mar 7 '17 at 14:38
Thiago Almeida
515
answered Mar 7 '17 at 14:38
Thiago Almeida
515
answered Mar 7 '17 at 14:38
Thiago Almeida
515
515
add a comment |Â
add a comment |Â
up vote
2
down vote
AFAIK, docker overrides some files in an image when it's started, even if they were ADDed in Dockerfile. This for sure includes /etc/hosts, and most probably the same happens for /etc/resolv.conf too. This is apparently used to properly build the default "internal" network of Docker (so that images see each other, but not host, etc.) If you are really sure you want to override/modify some of those files, I believe you must do that as part of the runtime actions, that is as part of the CMD line. For example:
...
ADD resolv.conf /etc/resolv.conf.override
CMD cp /etc/resolv.conf.override /etc/resolv.conf &&
your_old_commands...
answered Mar 1 '17 at 14:45
akavel
1485
This is correct./etc/resolv.confis copied from the host when a container is started.
– wisbucky
Jun 27 at 21:40
add a comment |Â
up vote
2
down vote
AFAIK, docker overrides some files in an image when it's started, even if they were ADDed in Dockerfile. This for sure includes /etc/hosts, and most probably the same happens for /etc/resolv.conf too. This is apparently used to properly build the default "internal" network of Docker (so that images see each other, but not host, etc.) If you are really sure you want to override/modify some of those files, I believe you must do that as part of the runtime actions, that is as part of the CMD line. For example:
...
ADD resolv.conf /etc/resolv.conf.override
CMD cp /etc/resolv.conf.override /etc/resolv.conf &&
your_old_commands...
answered Mar 1 '17 at 14:45
akavel
1485
This is correct./etc/resolv.confis copied from the host when a container is started.
– wisbucky
Jun 27 at 21:40
add a comment |Â
up vote
2
down vote
up vote
2
down vote
AFAIK, docker overrides some files in an image when it's started, even if they were ADDed in Dockerfile. This for sure includes /etc/hosts, and most probably the same happens for /etc/resolv.conf too. This is apparently used to properly build the default "internal" network of Docker (so that images see each other, but not host, etc.) If you are really sure you want to override/modify some of those files, I believe you must do that as part of the runtime actions, that is as part of the CMD line. For example:
...
ADD resolv.conf /etc/resolv.conf.override
CMD cp /etc/resolv.conf.override /etc/resolv.conf &&
your_old_commands...
answered Mar 1 '17 at 14:45
akavel
1485
AFAIK, docker overrides some files in an image when it's started, even if they were ADDed in Dockerfile. This for sure includes /etc/hosts, and most probably the same happens for /etc/resolv.conf too. This is apparently used to properly build the default "internal" network of Docker (so that images see each other, but not host, etc.) If you are really sure you want to override/modify some of those files, I believe you must do that as part of the runtime actions, that is as part of the CMD line. For example:
...
ADD resolv.conf /etc/resolv.conf.override
CMD cp /etc/resolv.conf.override /etc/resolv.conf &&
your_old_commands...
answered Mar 1 '17 at 14:45
akavel
1485
answered Mar 1 '17 at 14:45
akavel
1485
answered Mar 1 '17 at 14:45
akavel
1485
answered Mar 1 '17 at 14:45
akavel
1485
1485
This is correct./etc/resolv.confis copied from the host when a container is started.
– wisbucky
Jun 27 at 21:40
add a comment |Â
This is correct./etc/resolv.confis copied from the host when a container is started.
– wisbucky
Jun 27 at 21:40
This is correct.
/etc/resolv.conf is copied from the host when a container is started.– wisbucky
Jun 27 at 21:40
This is correct.
/etc/resolv.conf is copied from the host when a container is started.– wisbucky
Jun 27 at 21:40
add a comment |Â
up vote
0
down vote
I have solved the issue if it is the web app for containers in Azure.
There are 2 containers mate.
Kudu and the host
Steps
1.Install the ssh from your docker file ( also include a sshd config )
2.create a containerstart.sh ( which updates the resolv.conf)
3.Set the entry point inside there
Now the host resolv.conf gets updated and you can use any dns you desire
PS: If you can't pick up the custom DNS in the network do not worry. We could not either. Might need to resetup if you are using an ASE environment
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
add a comment |Â
up vote
0
down vote
I have solved the issue if it is the web app for containers in Azure.
There are 2 containers mate.
Kudu and the host
Steps
1.Install the ssh from your docker file ( also include a sshd config )
2.create a containerstart.sh ( which updates the resolv.conf)
3.Set the entry point inside there
Now the host resolv.conf gets updated and you can use any dns you desire
PS: If you can't pick up the custom DNS in the network do not worry. We could not either. Might need to resetup if you are using an ASE environment
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
add a comment |Â
up vote
0
down vote
up vote
0
down vote
I have solved the issue if it is the web app for containers in Azure.
There are 2 containers mate.
Kudu and the host
Steps
1.Install the ssh from your docker file ( also include a sshd config )
2.create a containerstart.sh ( which updates the resolv.conf)
3.Set the entry point inside there
Now the host resolv.conf gets updated and you can use any dns you desire
PS: If you can't pick up the custom DNS in the network do not worry. We could not either. Might need to resetup if you are using an ASE environment
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
I have solved the issue if it is the web app for containers in Azure.
There are 2 containers mate.
Kudu and the host
Steps
1.Install the ssh from your docker file ( also include a sshd config )
2.create a containerstart.sh ( which updates the resolv.conf)
3.Set the entry point inside there
Now the host resolv.conf gets updated and you can use any dns you desire
PS: If you can't pick up the custom DNS in the network do not worry. We could not either. Might need to resetup if you are using an ASE environment
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
answered Aug 31 at 10:45
Rıfat Erdem Sahin
1012
1012
add a comment |Â
add a comment |Â
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
StackExchange.ready(
function ()
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f347939%2fdocker-overrides-my-etc-resolv-conf-file-inside-containers%23new-answer', 'question_page');
);
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Sign up or log in
StackExchange.ready(function ()
StackExchange.helpers.onClickDraftSave('#login-link');
);
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
1
Considering you don't even mention the distribution running inside the container, I would easily assume you're looking/blaming the wrong thing.
– Julie Pelletier
Feb 27 '17 at 17:35
@JuliePelletier are you asking me what distribution is running in the container?
– Duncan Marshall
Feb 27 '17 at 19:38
1
Yes!!! What distribution is running inside the container? Is it Ubuntu based by any chance?
– Julie Pelletier
Feb 27 '17 at 20:29
It's resin/rpi-raspbian:jessie which is Debian based but not Ubuntu based as far as I know.
– Duncan Marshall
Feb 27 '17 at 23:12
There are a few cases described on their wiki which could explain your situation.
– Julie Pelletier
Feb 28 '17 at 0:08