New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Docker doesn't configure UTS namespace or /etc/hostname correctly #14282
Comments
The current behavior is the correct behavior. The value you pass to docker in
What I think you are looking for is the
|
I am aware of This is strongly implied by
This would yield the following:
I believe this would give you the correct behaviour in terms of field length limits: unqualified hostname limited to 64 characters by the kernel, and the domain part limited by the resolver implementation. (Incidentally, this interpretation lends strength to your argument about |
I'm really confused then. If you don't want a fully qualified hostname, then don't pass a fully qualified hostname. |
I do want a fully qualified hostname. My argument is that the way a Linux system is properly configured with such is to put the unqualified part into |
For further clarification; the original use of
So for most things it's a non issue - everything you're likely to deploy inside the container can cope with things being configured either way. What is not the same though is the artificial limit on FQDN imposed by storing the entire qualified name in a kernel field which is applying a limit intended for the unqualified hostname. |
I see what you're wanting now. But I argue the behavior of the docker Also, using a fully qualified host name is not an uncommon practice. There are 2 different schools of thought about the hostname. The redhat school of thought, and the debian school of thought. By changing the behavior of I also personally find it rather annoying when a tool I'm using assumes it knows better than me, tries to be smart, and doesn't do what I told it to do. If I want to shoot myself in the foot, that's my problem. |
To add to @phemmer's comments, the way it works today is because we fixed an issue just under a year ago to support both Fedora/Redhat "view of the world" for hostnames as well as Ubuntu. I'm curious if something has changed in the overall code path because when I fixed that issue, |
Ahhh, the joys of fragmentation 😄 I appreciate that you have a difficult balancing act to do here - I wasn't aware that Redhat has standardised on storing the FQDN in |
Seems like there is no issue here...Can we close this? |
I would suggest if you do nothing else you should change the field validation so that you get a sensible error message when you pass an FQDN > |
@estesp There definitely seems to be a regression on Ubuntu: # docker --version
Docker version 1.8.2, build 0a8c2e3
# docker run --rm -it -h foo.bar.org ubuntu:vivid /bin/bash
root@foo:/# hostname
foo.bar.org
root@foo:/# hostname -f
foo.bar.org
root@foo:/# more /etc/hostname
foo.bar.org
root@foo:/# dnsdomainname
bar.org I see similar behavior with Debian images. |
@garyp What's the issue? that's what I would expect to see. |
@phemmer
|
|
Agreed on the root@foo:/# hostname
foo
root@foo:/# hostname -f
foo.bar.org The standard way to get the above results on Debian-based systems is for
|
Yes, that i'll agree with. That is what I was referring to with the comment:
I'm not opposed to something which would allow the desired behavior, just that it should be a new feature. The The best solution I can think of for this would be a But I think it would be best to track such a feature request in a new issue, so it has a clean history, and is clear that it is a feature request, and not a bug report. Edit: |
To add to this debate, from #20180. Linux has a limit of 64 characters for the in-kernel hostname (syscall.Sethostname), but the limit for DNS domains is 253 characters (a set of tokens <= 63 characters each). Smooshing the domainname into the hostname means my whole host+domain has to be less than 64. As far as I can tell there is no real workaround for this - it is just not possible to use longer domainnames. Standard tools like hostname and dnsdomainname already operate correctly on docker, which populates the /etc/hosts file properly for the hostname. There's not actually any reason to smoosh them together, except to act more like (broken) RedHat systems with the FQDN in /etc/hostname. The root of the problem is that the API has 2 fields (hostname and domainname) but the CLI only has hostname, but docker wants to offer both the shortest one-token name AND the FQDN as /etc/hosts aliases. I'm sort of asserting that this is semantically wrong, though the horse has already left the barn. CLI --hostname=foo.bar.com becomes:
API hostname=foo domainname=""
API hostname=foo domainname=bar.com
I'm assuming that any solution here has to retain the CLI's set of behaviors - as broken as it is semantically, it is useful and likely to cause pain. I am also assuming that we do not want to add new CLI flags (CLI will just be "wrong" but compatible, for now). Conversely, I am assuming that we can fix the two-part API case without causing too much anguish. Do I interpret correctly? |
The PR attached here adds a new flag to the API which says whether to make hostname be the FQDN or not. A simpler approach might be to make the CLI not split the |
#20200 implements the 2nd approach, which I think is a much better option. I'm happy to polish it off if someone ACKs the fix. |
Edit: My assertion about setting
domainname
may be suspect; see phemmer's comment and discussion below. The issue of erroneously passing the FQDN tosyscall.Sethostname
remains however.Environment
Problem
Docker accepts a fully qualified domain name as the argument to
--hostname
, and models separateHostname
andDomainname
fields inrunconfig.Config
; however once inside libcontainer onlyHostname
is modelled, and this erroneously includes the domain name which is then fed intosyscall.Sethostname
with the following results:This is not correct; the value passed to
syscall.Sethostname
should be the unqualified hostname, and the remainder tosyscall.Setdomainname
. This would yield the expected output:Currently, libcontainer does not invoke
syscall.Setdomainname
at all, leaving the domain name parameter of the UTS namespace uninitialised.Docker is also incorrectly generating an
/etc/hostname
file with the fully qualified name - again this should be the unqualified name, and the FQDN set by aliasing in/etc/hosts
.It could also be argued that
--hostname
should be renamed to--fqdn
, or changed so that it admits only an unqualified name and companioned by a new--domainname
option to set the remainder.Finally, the error message is uninformative:
Consequences
sethostname
system call limits the hostname to 64 characters. Because Docker is calling it with the fully qualified name, the entire FQDN is limited to 64 characters (long container name cause breakage when deriving hostname weaveworks/weave#1006)The text was updated successfully, but these errors were encountered: