New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SkyDNS can't listen on in CoreOS 1151.0.0 #1545

steveeJ opened this Issue Aug 29, 2016 · 3 comments



steveeJ commented Aug 29, 2016

CoreOS Version


$ cat /etc/os-release


I have a SkyDNS container that uses --net=host and attempts to listen on

Expected Behavior

SkyDNS works.

Actual Behavior

SkyDNS doesn't work, because systemd-resolved is listening on, causing SkyDNS to fail.

Reproduction Steps

  1. Boot CoreOS 1151.0.0
  2. etcdctl set /skydns/config {"dns_addr":""}
  3. sudo /usr/bin/rkt run --debug --net=host docker://skynetservices/skydns --insecure-options=image

Other Information

This has worked in the past without any configuration change.

Feature Request

Disable systemd-resolved by default, or revert whatever caused it to claim that socket.

@steveeJ steveeJ changed the title from SkyDNS can't listen on since CoreOS 1151.0.0 to SkyDNS can't listen on in CoreOS 1151.0.0 Aug 29, 2016

@crawford crawford added this to the CoreOS Alpha 1165.0.0 milestone Aug 30, 2016

@dm0- dm0- self-assigned this Aug 30, 2016


This comment has been minimized.


dm0- commented Aug 30, 2016

We discussed this, and I will send a PR upstream shortly to make enabling the stub resolver configurable. I'll leave it enabled by default for upstream consistency, but we will disable it on CoreOS.


This comment has been minimized.


philips commented Aug 30, 2016

And as a workaround doing systemctl mask systemd-resolved works if you are running your own full resolver. However, if you rely on /etc/resolv.conf entries from DHCP it will break.

Also, this issue will be fixed before Beta and we will default this behavior to off.


This comment has been minimized.


dm0- commented Sep 6, 2016

We are unconditionally disabling the DNS stub resolver's listening ports on the next alpha and beta, until upstream agrees on a configurable option.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment