Adding unbound as dns resolver Pt. 2 [WIP] #640
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Don't upgrade the docker-compose file. (Not in the scope of this feature) - No need to use aliases. Docker already resolves to service names - Use a fixed IP range, which stays clear of the network ranges used by Docker. (172.xx.0.0/16)
|
Closing. We will integrate this in setup as an optional. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This is subsequent work on PR #385, originally submitted by @obi12341. Mainly some cleanup, merge to latest master and DNS testing. This is still a work in progress and this PR should facilitate discussion.
Docker compose
In a regular docker-compose setup, we cannot avoid using static IP. I don't know if this will break anything? Users will not be able to use
docker-compose up -d --scale unbound=x. (Don't know if other Mailu components are capable of doing that, never tried).Docker swarm
It is not (yet) possible in Docker swarm to use a static VIP for a service. (moby/moby#24170) Replicated services rely on the service name to be resolved, which will not work as a DNS entry. This means also that
unboundcannot be replicated, unless multiple serve entries are made.I've tried exposing the DNS server to the host network and set the DNS entry to the host IP, but docker does not allow this kind of connections between containers, it has to by bridge or overlay network.
Testing
The following things are tested:
No mail testing has been conducted as of yet. First I want to discuss this approach.