This repository has been archived by the owner on Mar 28, 2018. It is now read-only.
docker swarm: dns resolution fails #854
Assignees
Labels
Comments
|
@devimc We need to add this to our release notes. |
|
great! thanks @mcastelino and nice description |
|
This issue was moved to clearcontainers/runtime#121 |
|
Reopen to have a documented limitation of this issue |
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jun 22, 2017
** Changes - Devicemapper storage - version: Update container image to 16020 - obs: Update packaging to include kernel config changes for xfs - cc-oci-runtime.sh: Enable debug by default - configure: Add warning when kernel or image is not found - proxy: Better error message for too long socket path - tests: metrics: formalise the metrics reporting methods - build: Adds option to install kernel and image ** Shortlog 271223a tests: Skip docker cp integration test for devicemapper storage 9b91166 tests: Fix functional tests to include workload directory 66cbd66 tests: Fix state tests and add check for workload_dir. b8ffdb1 tests: Fix mounts test for unmounting volume. 97922b5 storage: Pass drive name to hyperstart with the newcontainer command dd13e32 storage: Pass block device to qemu if found. b95748f state: Store the block storage device file system type and index 2d783ae storage: Add function to check the storage for container rootfs e05e368 mount: Add function to return the device name and file system type b1768e8 mount: Add function to get the mount point given a path f9c0d36 storage: Add function to check if device is a devicemapper device 2c8374d mount: Add function to get underlying device for a path. 69abef6 state: Update the rootfs and workload dir config from state f202ba4 namespace: Do not join mount namespace while unmounting. 9d8a083 mounts: Unmount the container rootfs 61b8b8b proxy: Pass hyperstart fsmap array with newcontainer command. 27f25fc proxy: Pass shared directory to hyperstart. 0af8583 state: Store the workload dir and rootfs mount to state. 53dc5ff state: Add the host_path and mnt_dir field to state. 4bb2d17 mounts: Bind mount container rootfs to workload directory 65d5eb4 config: Add a new field "workload_dir" to config for the worload path fb9f94e mounts: Factorise the pod function for bind-mouting rootfs 5249cb4 9pfs: Dynamically add 9pfs options to qemu. 0ef2f8c version: Update container image to version 16020 b1fcd2a obs: Update packaging to include kernel config changes for xfs 567127f cc-oci-runtime.sh: Enable debug by default 053ea8e tests: Fix make discheck running proxy d10dc46 configure: Add warning when kernel or image is not found c543dcb proxy: Better error message for too long socket path 5b83071 tests: metrics: density: Use the new metrics reporting function 35de59e tests: metrics: Update README with details of new infra 9a4daf9 tests: metrics: Add script to save results into csv 827347d tests: common: Add new method for saving results 68c2673 build: Adds option to install kernel and image ** Compatibility with Docker Clear Containers 2.2.0 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.0 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.0 requires at least Clear Linux containers image [16020][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.0 requires at least Clear Linux Containers kernel 4.9.33-74 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16020/clear/clear-16020-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1003 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Merged
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jun 29, 2017
* Release 2.2.0 ** Changes - versions: update kernel to linux-container-4.9.34-75 - shim: Add command line option to show version information - storage: Perform sync operation before vm is shutdown - tests: Use nginx:1.13.0 for swarm tests - proxy: Lift the numbers of opened file descriptors limit - CI: Enforce checkcommits. - Fix unnecessary bash-isms in installation script ** Shortlog 3eeda89 versions: update kernel to linux-container-4.9.34-75 4e8f155 version: Add command line option to show version information 21b874a storage: Perform sync operation before vm is shutdown 191e9f8 tests: Use nginx:1.13.0 for swarm tests 2f22de2 proxy: Lift the numbers of opened file descriptors limit 55eba02 CI: Enforce checkcommits. 6566262 Fix unnecessary bash-isms in installation script ** Compatibility with Docker Clear Containers 2.2.0 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.0 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.0 requires at least Clear Linux containers image [16160][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.0 requires at least Clear Linux Containers kernel 4.9.34-75 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16160/clear/clear-16160-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1022 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Merged
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jun 29, 2017
* Release 2.2.2 ** Changes - versions: update kernel to linux-container-4.9.34-75 - shim: Add command line option to show version information - storage: Perform sync operation before vm is shutdown - tests: Use nginx:1.13.0 for swarm tests - proxy: Lift the numbers of opened file descriptors limit - CI: Enforce checkcommits. - Fix unnecessary bash-isms in installation script ** Shortlog 3eeda89 versions: update kernel to linux-container-4.9.34-75 4e8f155 version: Add command line option to show version information 21b874a storage: Perform sync operation before vm is shutdown 191e9f8 tests: Use nginx:1.13.0 for swarm tests 2f22de2 proxy: Lift the numbers of opened file descriptors limit 55eba02 CI: Enforce checkcommits. 6566262 Fix unnecessary bash-isms in installation script ** Compatibility with Docker Clear Containers 2.2.1 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.1 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.1 requires at least Clear Linux containers image [16160][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.1 requires at least Clear Linux Containers kernel 4.9.34-75 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16160/clear/clear-16160-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1022 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 6, 2017
* Release 2.2.2 ** Changes - artifacts: Remove OBS common artifacsts between 2.x and 3.x - versions: Update kernel and image versions - Tests: Change nginx image for swarm tests - install: Extract autoconf-archive install to separate script ** Shortlog ef8144e artifacts: Remove OBS common artifacsts between 2.x and 3.x 73e28fe versions: Update kernel and image versions 3a9e3d7 Tests: Change nginx image for swarm tests 82cfb1f install: Extract autoconf-archive install to separate script ** Compatibility with Docker Clear Containers 2.2.2 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.2 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.2 requires at least Clear Linux containers image [16180][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.2 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16180/clear/clear-16180-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1033 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Merged
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 13, 2017
* Release 2.2.3 ** Changes - tests: Dockerfile for Nginx for swarm tests - delete: Fail if try to delete a non-stopped container. ** Shortlog 91aacdf tests: Dockerfile for Nginx for swarm tests 5121969 delete: allow destroy_pod fail if vm die 29f8aa2 tests: functional: check delete fails without kill a51537c delete: Delete container only if state is STOPPED ** Compatibility with Docker Clear Containers 2.2.3 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.3 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.3 requires at least Clear Linux containers image [16180][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.3 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16180/clear/clear-16180-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1040 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Merged
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 13, 2017
* Release 2.2.3 ** Changes - tests: Dockerfile for Nginx for swarm tests - delete: Fail if try to delete a non-stopped container. ** Shortlog 91aacdf tests: Dockerfile for Nginx for swarm tests 5121969 delete: allow destroy_pod fail if vm die 29f8aa2 tests: functional: check delete fails without kill a51537c delete: Delete container only if state is STOPPED ** Compatibility with Docker Clear Containers 2.2.3 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.3 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.3 requires at least Clear Linux containers image [16180][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.3 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16180/clear/clear-16180-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1040 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 13, 2017
** Changes - tests: Dockerfile for Nginx for swarm tests - delete: Fail if try to delete a non-stopped container. ** Shortlog 91aacdf tests: Dockerfile for Nginx for swarm tests 5121969 delete: allow destroy_pod fail if vm die 29f8aa2 tests: functional: check delete fails without kill a51537c delete: Delete container only if state is STOPPED ** Compatibility with Docker Clear Containers 2.2.3 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.3 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.3 requires at least Clear Linux containers image [16180][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.3 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16180/clear/clear-16180-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1040 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Merged
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 28, 2017
** Changes - versions: Update image to version 16670 - OBS: add dependencies' versions - documentation: ciao-down prepare is now ciao-down create ** Shortlog cbdfd1d versions: Update image to version 16670 2c13fb1 OBS: add dependencies' versions 68d00dc documentation: Add the -u flag when go getting ciao-down 0c9d6bb documentation: ciao-down prepare is now ciao-down create ** Compatibility with Docker Clear Containers 2.2.4 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.4 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.4 requires at least Clear Linux containers image [16670][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.4 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 compatibility with docker 17.06 intel#1021 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16670/clear/clear-16670-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1050 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
jcvenegas
added a commit
to jcvenegas/cc-oci-runtime
that referenced
this issue
Jul 28, 2017
** Changes - versions: Update image to version 16670 - OBS: add dependencies' versions - documentation: ciao-down prepare is now ciao-down create ** Shortlog cbdfd1d versions: Update image to version 16670 2c13fb1 OBS: add dependencies' versions 68d00dc documentation: Add the -u flag when go getting ciao-down 0c9d6bb documentation: ciao-down prepare is now ciao-down create ** Compatibility with Docker Clear Containers 2.2.4 is compatible with Docker v17.05.0-ce ** OCI Runtime Specification Clear Containers 2.2.4 support the OCI Runtime Specification [1.0.0-rc5][ocispec] ** Clear Linux Containers image Clear Containers 2.2.4 requires at least Clear Linux containers image [16670][clearlinuximage] ** Clear Linux Containers Kernel Clear Containers 2.2.4 requires at least Clear Linux Containers kernel 4.9.35-76 * Installation - [Centos][centos] - [Ubuntu][ubuntu] - [Fedora][fedora] - [Clear Linux][clearlinux] * Issues & limitations - Qemu segfault (free(): invalid pointer) running dnf install intel#669 - DNS Resolution in Swarm intel#854 - docker rm -f reports 'Driver devicemapper failed to remove root filesystem' intel#795 compatibility with docker 17.06 intel#1021 [centos]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Centos-7.md [ubuntu]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Ubuntu.md [fedora]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-Fedora.md [clearlinux]: https://github.com/01org/cc-oci-runtime/blob/master/documentation/Installing-Clear-Containers-on-ClearLinux.md [clearlinuximage]: https://download.clearlinux.org/releases/16670/clear/clear-16670-containers.img.xz [ocispec]: https://github.com/opencontainers/runtime-spec/releases/tag/v1.0.0-rc5 Fixes: intel#1050 Signed-off-by: Jose Carlos Venegas Munoz <jose.carlos.venegas.munoz@intel.com>
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
When running Clear Container based containers in a docker swarm, DNS resolution does not work both for internal and external DNS when the DNS resolution is performed from within the Clear Container.
This is due to the way the DNS resolution is implemented within docker swarm.
DNS Resolution in Swarm
All docker swarm containers have the DNS resolver set to 127.0.0.11:53
Docker swarm has an internal DNS based load balancer that RRs the DNS requests to spread load.
That runs on the localhost on the host bound to a host port specific to the container.
https://github.com/docker/libnetwork/blob/5ac04367ae7b0b12c33bed5f5b395bd4c104fff9/sandbox.go#L815
There is a iptables rule injected into the container namespace which is used to implement the docker DNS load balancer/resolver. That way 127.0.0.11:53 maps to a specific port on which the corresponding resolver is running.
Here the DNS request is NATed to a container specific TCP and UDP port.
The resolver in this case is dockerd
In the case of clear containers there is currently no way for the DNS request from within the VM to talk to the dockerd running on the host side. The only host connectivity that the VM has is via the docker_gwbridge. However the DNS resolver running within the network namespace is not reachable via the VM.
Network setup with Clear Containers
Internal DNS Resolution
Internal DNS resolution is handled completely by dockerd. So dockerd directly responds to the DNS request from the container process for any cluster local resource.
External DNS Resolution
External DNS resolution is not handled by dockerd. When dockerd is unable to resolve the name to a cluster local resource it will then perform a DNS resolution using the host's resolv.conf.
Hence the DNS resolution process for external name is
Here you will notice, dockerd sends packets out from within the namespace to the host via the interface bound to the docker_gwbridge.
In the case of clear containers as there is network connectivity between the container network namespace and the host, this request can never be fulfilled.
Work around for External DNS
For external DNS resolution, the resolv.conf can be updated to point to a external DNS resolver. This will ensure that the external DNS resolution works
Fixing this issue in Clear Containers
The long term plan is to proxy the internal DNS requests from within the VM to dockerd. On failure of the DNS resolution the resolution has to be performed from within the VM to the host resolver. However assuming that the host resolver is the right resolver to use in the case of dockerd resolution failure may not be a correct assumption. Also this results in longer resolution times as dockerd takes a significant amount of time to fail the external DNS request.
The text was updated successfully, but these errors were encountered: