New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow customization of /etc/hosts, /etc/resolv.conf, etc. in containers #2267

Closed
jpetazzo opened this Issue Oct 17, 2013 · 130 comments

Comments

Projects
None yet
@jpetazzo
Contributor

jpetazzo commented Oct 17, 2013

(Sorry if this is a duplicate; but I remember that I had a very extensive conversation with @creack a while ago about this topic, and I thought that we had written our conclusions to a GitHub issue; but I cannot find said issue; so it looks like we hadn't, after all.)

Some people need to customize /etc/hosts, /etc/resolv.conf, or even /.dockerinit.
(See for instance #1951 and #2068, as well as this message on docker-user).
#1959 provides a naive implementation, making the bind-mounted files read-write. It works, but changes are lost since those files are regenerated.

The idea discussed with @creack was the following (as far as I can remember):

  • instead of using a AUFS-specific mechanism to inject those files (top-level ro layer) and then a bind-mount on top of that, just inject the files before starting the container, unless those files are present (and non-empty) in the image: in that case, use whatever is in the image;
  • when executing a docker commit or docker diff, check if the files have been changed (i.e. if they are different from what they were when the container was started), and include them only if they were changed (which means that dynamically generated files won't be included if they haven't been changed).

Those files are already listed in graph.go:203, and this comment in image.go:407 might indicate that the device mapper branch already implements part of what's needed.

The main outstanding issue is to decide whether to require a special flag to commit those special files, to avoid unwanted modifications (e.g. "Something changed the hostname or DNS configuration in my container, and all images derived from that container are broken!").

Requiring a special flag for docker commit makes sense (-f, like force?); however, for docker build, it's a bit more complex. Maybe the Dockerfile could include a special directive saying explicitly "this Dockerfile generates an image with a modified resolv.conf", e.g. CUSTOM /etc/resolv.conf /etc/hosts.

/cc @creack @metalivedev @shykes for feedback.

@metalivedev

This comment has been minimized.

Show comment
Hide comment
@metalivedev

metalivedev Oct 17, 2013

Contributor

I think we need a name for the list of files in graph.go:203 so that we can refer to the list as a whole. I'm going to call them the DockerInitLayer Files until someone tells me different. Its descriptive and greppable in the code.

I agree that a simple flag on a commit is an ok way to override the default behavior (i.e. if the default behavior is to ignore the DockerInitLayer files when committing, then the flag would indicate that the committer wants them preserved, or if the default is to always include them, the the flag would indicate they should be excluded from the image).

But what happens on docker run? Do I get warned that the image contains non-default settings for the DockerInitLayer files in /etc (or other places)? Do I have a way to override them and use the defaults or my own preferences? Can I inspect them before starting the image?

I like how your proposed CUSTOM Dockerfile command explicitly lists the files which would be committed.

Is there a way to unify this with the way we handle data volumes and bind mounts? That is "here are some special files that we want to be (readable | read-writable) within the container and we (do | do not) want to be included in the container's changes when committing to an image or diffing. The data for the file actually lives ( on this mount point for the host | in another container | etc). Initialize the file with ( an empty file | this file | etc)." It seems like a unified approach could be easier to learn and make defaults easier to document and override.

Contributor

metalivedev commented Oct 17, 2013

I think we need a name for the list of files in graph.go:203 so that we can refer to the list as a whole. I'm going to call them the DockerInitLayer Files until someone tells me different. Its descriptive and greppable in the code.

I agree that a simple flag on a commit is an ok way to override the default behavior (i.e. if the default behavior is to ignore the DockerInitLayer files when committing, then the flag would indicate that the committer wants them preserved, or if the default is to always include them, the the flag would indicate they should be excluded from the image).

But what happens on docker run? Do I get warned that the image contains non-default settings for the DockerInitLayer files in /etc (or other places)? Do I have a way to override them and use the defaults or my own preferences? Can I inspect them before starting the image?

I like how your proposed CUSTOM Dockerfile command explicitly lists the files which would be committed.

Is there a way to unify this with the way we handle data volumes and bind mounts? That is "here are some special files that we want to be (readable | read-writable) within the container and we (do | do not) want to be included in the container's changes when committing to an image or diffing. The data for the file actually lives ( on this mount point for the host | in another container | etc). Initialize the file with ( an empty file | this file | etc)." It seems like a unified approach could be easier to learn and make defaults easier to document and override.

@abilashks

This comment has been minimized.

Show comment
Hide comment
@abilashks

abilashks Nov 6, 2013

@unclejack we can set the dns server names as suggested by you. but it will be better to edit the resolv.conf file because we need to add search option in resolv.conf since we dont use fully qualified domains names for internally used links.

@unclejack we can set the dns server names as suggested by you. but it will be better to edit the resolv.conf file because we need to add search option in resolv.conf since we dont use fully qualified domains names for internally used links.

@danielnorberg

This comment has been minimized.

Show comment
Hide comment
@danielnorberg

danielnorberg Nov 23, 2013

Contributor

Second that, we also need to be able to configure the resolv.conf search option.

Contributor

danielnorberg commented Nov 23, 2013

Second that, we also need to be able to configure the resolv.conf search option.

@jrydberg

This comment has been minimized.

Show comment
Hide comment
@jrydberg

jrydberg Nov 28, 2013

Contributor

Now that 0.7 is out, maybe this can get some priority?

Contributor

jrydberg commented Nov 28, 2013

Now that 0.7 is out, maybe this can get some priority?

@thijsterlouw

This comment has been minimized.

Show comment
Hide comment
@thijsterlouw

thijsterlouw Dec 4, 2013

Contributor

I also really need to set search option in resolv.conf ; now I am working with internal services that return urls that rely on the correct search settings.

Contributor

thijsterlouw commented Dec 4, 2013

I also really need to set search option in resolv.conf ; now I am working with internal services that return urls that rely on the correct search settings.

@jacksoncage

This comment has been minimized.

Show comment
Hide comment
@jacksoncage

jacksoncage Dec 4, 2013

I would also really like to see this get fixed.

I would also really like to see this get fixed.

@sundbp

This comment has been minimized.

Show comment
Hide comment

sundbp commented Dec 9, 2013

+1

@Krijger

This comment has been minimized.

Show comment
Hide comment

Krijger commented Dec 10, 2013

+1

@tpires

This comment has been minimized.

Show comment
Hide comment

tpires commented Dec 10, 2013

+1

@jeffbaier

This comment has been minimized.

Show comment
Hide comment
@jeffbaier

jeffbaier Dec 10, 2013

This issue is very important to me right now as well.

This issue is very important to me right now as well.

@shykes

This comment has been minimized.

Show comment
Hide comment
@shykes

shykes Dec 11, 2013

Collaborator

Ok I think we're in good shape to fix this now. Every container in 0.7 has a writeable init layer which can be changed before starting, for customizations like this.

On Tue, Dec 10, 2013 at 3:16 PM, Jeff Baier notifications@github.com
wrote:

This issue is very important to me right now as well.

Reply to this email directly or view it on GitHub:
#2267 (comment)

Collaborator

shykes commented Dec 11, 2013

Ok I think we're in good shape to fix this now. Every container in 0.7 has a writeable init layer which can be changed before starting, for customizations like this.

On Tue, Dec 10, 2013 at 3:16 PM, Jeff Baier notifications@github.com
wrote:

This issue is very important to me right now as well.

Reply to this email directly or view it on GitHub:
#2267 (comment)

@shykes

This comment has been minimized.

Show comment
Hide comment
@shykes

shykes Dec 11, 2013

Collaborator

Tentatively scheduling for 0.8

Collaborator

shykes commented Dec 11, 2013

Tentatively scheduling for 0.8

@paulosuzart

This comment has been minimized.

Show comment
Hide comment

+1

@kiorky

This comment has been minimized.

Show comment
Hide comment
@kiorky

kiorky Dec 11, 2013

Contributor

I would want to configure not only at creation time but at any time of the container living, and i am voting for it to just be a normal writable file in the filesystem as it would already have been for years and not mounted r-o on a special layer :) (related to #2276)

Contributor

kiorky commented Dec 11, 2013

I would want to configure not only at creation time but at any time of the container living, and i am voting for it to just be a normal writable file in the filesystem as it would already have been for years and not mounted r-o on a special layer :) (related to #2276)

@tiagoboldt

This comment has been minimized.

Show comment
Hide comment

+1

@hftechops

This comment has been minimized.

Show comment
Hide comment
@hftechops

hftechops Dec 12, 2013

+1 , agree with kiorky need be able to modify hosts file at any time not just during creation. Not having that is a show stopper for me.

+1 , agree with kiorky need be able to modify hosts file at any time not just during creation. Not having that is a show stopper for me.

@kiorky

This comment has been minimized.

Show comment
Hide comment
@kiorky

kiorky Dec 12, 2013

Contributor

I would just explicitly note that i want to be able to edit any file, not only /etc/hosts.

Contributor

kiorky commented Dec 12, 2013

I would just explicitly note that i want to be able to edit any file, not only /etc/hosts.

@PierreR

This comment has been minimized.

Show comment
Hide comment

PierreR commented Dec 24, 2013

+1

@skyrocknroll

This comment has been minimized.

Show comment
Hide comment

+1

@shykes

This comment has been minimized.

Show comment
Hide comment
@shykes

shykes Dec 24, 2013

Collaborator

The only bottleneck for this is development time. If somebody wants to contribute it, we can help you. Otherwise, it will be done eventually :)

On Tue, Dec 24, 2013 at 8:51 AM, Yuvaraj notifications@github.com wrote:

+1

Reply to this email directly or view it on GitHub:
#2267 (comment)

Collaborator

shykes commented Dec 24, 2013

The only bottleneck for this is development time. If somebody wants to contribute it, we can help you. Otherwise, it will be done eventually :)

On Tue, Dec 24, 2013 at 8:51 AM, Yuvaraj notifications@github.com wrote:

+1

Reply to this email directly or view it on GitHub:
#2267 (comment)

@iambowen

This comment has been minimized.

Show comment
Hide comment
@iambowen

iambowen Dec 26, 2013

hi, I am trying to put several services into different docker containers. And I want them to have property hostname before the service start. But in the dockerfile, I can't write the hostname info into /etc/hosts, can we have this function? Thanks a lot.
+1

hi, I am trying to put several services into different docker containers. And I want them to have property hostname before the service start. But in the dockerfile, I can't write the hostname info into /etc/hosts, can we have this function? Thanks a lot.
+1

@davidvossel

This comment has been minimized.

Show comment
Hide comment

+1

@soupdiver

This comment has been minimized.

Show comment
Hide comment

👍

@urquilla

This comment has been minimized.

Show comment
Hide comment

+1

@dangarthwaite

This comment has been minimized.

Show comment
Hide comment
@dangarthwaite

dangarthwaite Jan 25, 2014

I was psyched to be wholesale testing saltstack in docker until this hit me. I have hundreds of /etc/hosts dependencies.

I was psyched to be wholesale testing saltstack in docker until this hit me. I have hundreds of /etc/hosts dependencies.

@danielnorberg

This comment has been minimized.

Show comment
Hide comment
@danielnorberg

danielnorberg Jan 26, 2014

Contributor

Just submitted a PR that allows specifying dns search domains.

#3774

Contributor

danielnorberg commented Jan 26, 2014

Just submitted a PR that allows specifying dns search domains.

#3774

@kiorky

This comment has been minimized.

Show comment
Hide comment
@kiorky

kiorky Jan 26, 2014

Contributor

This is just a workaround for a non features, just removing the readonly mounts and inject the crafted copies at first container boot would be sufficient and convenient for everyone.

Contributor

kiorky commented Jan 26, 2014

This is just a workaround for a non features, just removing the readonly mounts and inject the crafted copies at first container boot would be sufficient and convenient for everyone.

@danielnorberg

This comment has been minimized.

Show comment
Hide comment
@danielnorberg

danielnorberg Jan 27, 2014

Contributor

Our use case is to be able to specify nameservers and search domains at container start time depending on the environment/datacenter/etc that we're running it in. Being able to do that with -dns and -dns-search flags is quite convenient.

As I see it, the alternative would be to either (1) have some script in the container that modifies /etc/resolv.conf or (2) derive a new image with the necessary /etc/resolv.conf contents based on the container image that we intend to run. Both seem clunky to me.

Regardless, #3774 is somewhat orthogonal to making /etc/hosts and /etc/resolv.conf writable. We can easily have both.

Contributor

danielnorberg commented Jan 27, 2014

Our use case is to be able to specify nameservers and search domains at container start time depending on the environment/datacenter/etc that we're running it in. Being able to do that with -dns and -dns-search flags is quite convenient.

As I see it, the alternative would be to either (1) have some script in the container that modifies /etc/resolv.conf or (2) derive a new image with the necessary /etc/resolv.conf contents based on the container image that we intend to run. Both seem clunky to me.

Regardless, #3774 is somewhat orthogonal to making /etc/hosts and /etc/resolv.conf writable. We can easily have both.

@changwuf31

This comment has been minimized.

Show comment
Hide comment
@changwuf31

changwuf31 Feb 12, 2014

Another use case from us would be. We're using vpnc to connect to a cisco vpn. And we could not use the dns server supplied by the cisco vpn.

Another use case from us would be. We're using vpnc to connect to a cisco vpn. And we could not use the dns server supplied by the cisco vpn.

@tpires

This comment has been minimized.

Show comment
Hide comment
@tpires

tpires Feb 12, 2014

@changwuf31 are you trying to connect to ciscovpn through the host or inside docker container?

tpires commented Feb 12, 2014

@changwuf31 are you trying to connect to ciscovpn through the host or inside docker container?

@changwuf31

This comment has been minimized.

Show comment
Hide comment
@changwuf31

changwuf31 Feb 12, 2014

@tpires I'm trying to connect to ciscovpn inside the docker container. vpnc complain about /etc/resolv.conf not being a symlink.

I'm hardcoding the dns using docker run -dns, but like this, things will break if the dns address chagned.

@tpires I'm trying to connect to ciscovpn inside the docker container. vpnc complain about /etc/resolv.conf not being a symlink.

I'm hardcoding the dns using docker run -dns, but like this, things will break if the dns address chagned.

@davidvossel

This comment has been minimized.

Show comment
Hide comment
@davidvossel

davidvossel Jul 18, 2014

Is this ever going to be fixed? Can we get an update on this please

Is this ever going to be fixed? Can we get an update on this please

@unclejack

This comment has been minimized.

Show comment
Hide comment
@unclejack

unclejack Jul 18, 2014

Contributor

#5129 is going to fix this.

Contributor

unclejack commented Jul 18, 2014

#5129 is going to fix this.

@parf

This comment has been minimized.

Show comment
Hide comment
@parf

parf Jul 18, 2014

great news

On Fri, Jul 18, 2014 at 3:48 PM, unclejack notifications@github.com wrote:

#5129 #5129 is going to fix this.


Reply to this email directly or view it on GitHub
#2267 (comment).

parf commented Jul 18, 2014

great news

On Fri, Jul 18, 2014 at 3:48 PM, unclejack notifications@github.com wrote:

#5129 #5129 is going to fix this.


Reply to this email directly or view it on GitHub
#2267 (comment).

@FooBarWidget

This comment has been minimized.

Show comment
Hide comment
@FooBarWidget

FooBarWidget Jul 19, 2014

Until #5129 is fixed, I've introduced a workaround for this in baseimage-docker: https://github.com/phusion/baseimage-docker#workaroud_modifying_etc_hosts
The implementation is very simple, so even people who do not use baseimage-docker can copy-paste my solution and apply it into into their own container.

Until #5129 is fixed, I've introduced a workaround for this in baseimage-docker: https://github.com/phusion/baseimage-docker#workaroud_modifying_etc_hosts
The implementation is very simple, so even people who do not use baseimage-docker can copy-paste my solution and apply it into into their own container.

@michaelneale

This comment has been minimized.

Show comment
Hide comment
@michaelneale

michaelneale Jul 21, 2014

Contributor

@FooBarWidget can resolv.conf also be worked around in a similar fashion?

Contributor

michaelneale commented Jul 21, 2014

@FooBarWidget can resolv.conf also be worked around in a similar fashion?

@FooBarWidget

This comment has been minimized.

Show comment
Hide comment
@FooBarWidget

FooBarWidget Jul 21, 2014

Yes. Feel free to submit a pull request if you like to have the feature in baseimage-docker.

Yes. Feel free to submit a pull request if you like to have the feature in baseimage-docker.

@Xoib

This comment has been minimized.

Show comment
Hide comment
@Xoib

Xoib Jul 22, 2014

There is no workaround-docker-2267 within my container.

Xoib commented Jul 22, 2014

There is no workaround-docker-2267 within my container.

@FooBarWidget

This comment has been minimized.

Show comment
Hide comment
@FooBarWidget

FooBarWidget Jul 22, 2014

@Xoib You need baseimage-docker >= 0.9.12 for this feature. See the changelog.

@Xoib You need baseimage-docker >= 0.9.12 for this feature. See the changelog.

@unclejack

This comment has been minimized.

Show comment
Hide comment
@unclejack

unclejack Jul 22, 2014

Contributor

@FooBarWidget This isn't the issue tracker for baseimage-docker, nor its support forum.

#5129 will be merged ASAP.

Contributor

unclejack commented Jul 22, 2014

@FooBarWidget This isn't the issue tracker for baseimage-docker, nor its support forum.

#5129 will be merged ASAP.

@FooBarWidget

This comment has been minimized.

Show comment
Hide comment
@FooBarWidget

FooBarWidget Jul 22, 2014

@unclejack I know, but someone else asked me a question here.

@unclejack I know, but someone else asked me a question here.

@netroby

This comment has been minimized.

Show comment
Hide comment
@netroby

netroby Aug 19, 2014

still can not modify /etc/resolv.conf inside container.

Need this feature

netroby commented Aug 19, 2014

still can not modify /etc/resolv.conf inside container.

Need this feature

@netroby

This comment has been minimized.

Show comment
Hide comment
@netroby

netroby Aug 19, 2014

If docker do not resolve this problem, it's useless for real world production enviorment.
For develop and for production.

Change hosts and resolv is the basic operation in daily working.

netroby commented Aug 19, 2014

If docker do not resolve this problem, it's useless for real world production enviorment.
For develop and for production.

Change hosts and resolv is the basic operation in daily working.

@cpuguy83

This comment has been minimized.

Show comment
Hide comment
@cpuguy83

cpuguy83 Aug 19, 2014

Contributor

@netroby define "real world" prod environment
I have not once had to manipulate these files.

That said, you can add resolvers using the --dns flag when creating the container.
And if you really must edit them you can do so now from the host. Each container has it's own /etc/hosts and /etc/resolve.conf and they are bind-mounted in from /var/lib/docker/containers/<id>

If you are having some specific problem I'd be happy to discuss a solution on IRC.
There are more ways than one to do anything/everything.

Contributor

cpuguy83 commented Aug 19, 2014

@netroby define "real world" prod environment
I have not once had to manipulate these files.

That said, you can add resolvers using the --dns flag when creating the container.
And if you really must edit them you can do so now from the host. Each container has it's own /etc/hosts and /etc/resolve.conf and they are bind-mounted in from /var/lib/docker/containers/<id>

If you are having some specific problem I'd be happy to discuss a solution on IRC.
There are more ways than one to do anything/everything.

@netroby

This comment has been minimized.

Show comment
Hide comment
@netroby

netroby Aug 19, 2014

Ok, i got another problem, how to modify the flags with exists container? I creat the container before, and now i want change some config, such as port bind and dns options.

netroby commented Aug 19, 2014

Ok, i got another problem, how to modify the flags with exists container? I creat the container before, and now i want change some config, such as port bind and dns options.

@cpuguy83

This comment has been minimized.

Show comment
Hide comment
@cpuguy83

cpuguy83 Aug 19, 2014

Contributor

@netroby This is not the place to discuss this.
Please use either the mailing list or #docker on freenode.

Contributor

cpuguy83 commented Aug 19, 2014

@netroby This is not the place to discuss this.
Please use either the mailing list or #docker on freenode.

@vieux vieux closed this in #5129 Aug 20, 2014

@jablo

This comment has been minimized.

Show comment
Hide comment
@jablo

jablo Oct 21, 2014

Just started on docker, what an amazing thing to have. But I hit this problem even before I have my first non-playaround image up and running.

--dns works fine on docker run

But I need it to be present on docker build, so I can reach internal repositories and whatnot to build my image. Bang, I'm dead because the image seems to be hard coded to using dns 8.8.8.8 during docker build. How to work around that, I wonder...

jablo commented Oct 21, 2014

Just started on docker, what an amazing thing to have. But I hit this problem even before I have my first non-playaround image up and running.

--dns works fine on docker run

But I need it to be present on docker build, so I can reach internal repositories and whatnot to build my image. Bang, I'm dead because the image seems to be hard coded to using dns 8.8.8.8 during docker build. How to work around that, I wonder...

@PierreR

This comment has been minimized.

Show comment
Hide comment
@PierreR

PierreR Oct 21, 2014

I have been using dnsmask ever since this issue was created. It works nicely for me.

PierreR commented Oct 21, 2014

I have been using dnsmask ever since this issue was created. It works nicely for me.

@gdm85

This comment has been minimized.

Show comment
Hide comment
@gdm85

gdm85 Oct 21, 2014

Contributor

@jablo @PierreR see also #5779

Contributor

gdm85 commented Oct 21, 2014

@jablo @PierreR see also #5779

@addhewarman

This comment has been minimized.

Show comment
Hide comment
@addhewarman

addhewarman Jan 14, 2015

This is done actually, i am using docker

Docker version 1.4.1

you can add entry into your docker with option --add-host=""

sample
~#$ sudo docker run --add-host="<name_host>:<ip_host>" image_id

~#$ sudo docker run -i -t -p 80:80 --add-host='logserver:127.0.0.1' ubuntu/14.04 /bin/bash

sample with multiple entry

~#$ sudo docker run -i -t -p 80:80 --add-host='javacronserver:127.0.0.1' --add-host='dbserver:127.0.0.1' --add-host='logserver:127.0.0.1' ubuntu/14.04 /bin/bash

This is done actually, i am using docker

Docker version 1.4.1

you can add entry into your docker with option --add-host=""

sample
~#$ sudo docker run --add-host="<name_host>:<ip_host>" image_id

~#$ sudo docker run -i -t -p 80:80 --add-host='logserver:127.0.0.1' ubuntu/14.04 /bin/bash

sample with multiple entry

~#$ sudo docker run -i -t -p 80:80 --add-host='javacronserver:127.0.0.1' --add-host='dbserver:127.0.0.1' --add-host='logserver:127.0.0.1' ubuntu/14.04 /bin/bash

@justinwhite

This comment has been minimized.

Show comment
Hide comment
@justinwhite

justinwhite Feb 4, 2015

Thanks @addhewarman. The --add-hosts flag worked like a charm.

Thanks @addhewarman. The --add-hosts flag worked like a charm.

@lakshmi-kannan lakshmi-kannan referenced this issue Mar 18, 2015

Closed

WIP: Docker compose #1273

2 of 5 tasks complete
@harsh86

This comment has been minimized.

Show comment
Hide comment
@harsh86

harsh86 Mar 18, 2015

Thanks @addhewarman. The --add-hosts flag worked like a charm.

harsh86 commented Mar 18, 2015

Thanks @addhewarman. The --add-hosts flag worked like a charm.

@hridyeshpant

This comment has been minimized.

Show comment
Hide comment
@hridyeshpant

hridyeshpant Feb 2, 2016

@addhewarman
i need to append new name server in /etc/resolv.conf in container, could you please help me what is the best way ?
i used --dns-search option but it is overriding the host /etc/resolv.conf default value . i want to append the new entry with the default value?

@addhewarman
i need to append new name server in /etc/resolv.conf in container, could you please help me what is the best way ?
i used --dns-search option but it is overriding the host /etc/resolv.conf default value . i want to append the new entry with the default value?

@addhewarman

This comment has been minimized.

Show comment
Hide comment
@addhewarman

addhewarman Feb 14, 2016

to be honest what you face is exactly like mine but in my case i am not using container so how i update my resolv.conf is simply using ansible to update my /etc/resolv.conf. and what we're doing is simply wrong and it's not the best way how to do it, if you are always change information in /etc/resolv.conf then you will face what i face when i am creating my 'disaster recovery' implementing chaos monkey state of immutable infra. something in-between your infra will break and stop working.

so here's i recommend you 👍

  1. Upgrade your Docker to 1.5.0 and above
  2. Try this dns docker https://github.com/phensley/docker-dns (credit to phensley)

just note to everyone that using docker, docker is container and you should remember the docker philosophy ( one concern per container ) this will make your life easier using it.

Note: For containers which were created prior to the implementation of the /etc/resolv.conf update feature in Docker 1.5.0: those containers will not receive updates when the host resolv.conf file changes. Only containers created with Docker 1.5.0 and above will utilize this auto-update feature.

to be honest what you face is exactly like mine but in my case i am not using container so how i update my resolv.conf is simply using ansible to update my /etc/resolv.conf. and what we're doing is simply wrong and it's not the best way how to do it, if you are always change information in /etc/resolv.conf then you will face what i face when i am creating my 'disaster recovery' implementing chaos monkey state of immutable infra. something in-between your infra will break and stop working.

so here's i recommend you 👍

  1. Upgrade your Docker to 1.5.0 and above
  2. Try this dns docker https://github.com/phensley/docker-dns (credit to phensley)

just note to everyone that using docker, docker is container and you should remember the docker philosophy ( one concern per container ) this will make your life easier using it.

Note: For containers which were created prior to the implementation of the /etc/resolv.conf update feature in Docker 1.5.0: those containers will not receive updates when the host resolv.conf file changes. Only containers created with Docker 1.5.0 and above will utilize this auto-update feature.

@WuYuntaoTheGreat

This comment has been minimized.

Show comment
Hide comment
@WuYuntaoTheGreat

WuYuntaoTheGreat Dec 10, 2017

My solution:
--privilege
umount /etc/resolv.conf

My solution:
--privilege
umount /etc/resolv.conf

@cpuguy83

This comment has been minimized.

Show comment
Hide comment
@cpuguy83

cpuguy83 Dec 10, 2017

Contributor

It's customizable for a long time...

Contributor

cpuguy83 commented Dec 10, 2017

It's customizable for a long time...

@aries1980

This comment has been minimized.

Show comment
Hide comment
@aries1980

aries1980 Dec 10, 2017

@cpuguy83 : can you point me to the documentation that describes how?

@cpuguy83 : can you point me to the documentation that describes how?

@cpuguy83

This comment has been minimized.

Show comment
Hide comment
@cpuguy83

cpuguy83 Dec 10, 2017

Contributor

@aries1980 you can just write to it like normal or use "--add-host" (or both)

Contributor

cpuguy83 commented Dec 10, 2017

@aries1980 you can just write to it like normal or use "--add-host" (or both)

dokmic added a commit to dokmic/baseimage that referenced this issue May 27, 2018

dokmic added a commit to dokmic/baseimage that referenced this issue May 27, 2018

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment