You are not logged in.

Pages: 1

#1 2020-02-28 16:35:03

archdom
Member
Registered: 2018-09-12
Posts: 96

[SOLVED]Dns docker

Hello guys,
i have a container with ip address 172.17.0.2. From the host machine If I ping this ip address it works, but if I ping the host name it doesn't work.
From the container I can ping the ip and the name of the host machine.
The host machine cannot resolve the hostname of the container.
I have read the documentation that says to put an entry in the /etc/resolv.conf file. In this file I cannot write because it says that it is automatically generated by the NetworkManager service so it is overwritten.
For this reason I added an entry in the file /etc/resolvconf.conf the following line:

nameserver 172.17.0.1

The ip 172.17.0.1 is the getaway docker which should have an embedded dns.
Does not work.
How can I solve it?
Regards

Last edited by archdom (2020-02-29 11:11:28)

Offline

#2 2020-02-28 17:09:40

aeris
Member
From: Internet
Registered: 2020-02-28
Posts: 5
Website

Re: [SOLVED]Dns docker

I guess you try to do something not really wanted with Docker.
Host and guest networks are strictly separated, Docker isolate them.

If you want to access the host from a guest, you have to wait this commit to be released and to add `"--add-host=host.docker.internal:host-gateway"` to your container start option to be able to access the host with `host.docker.internal` hostname.
Currently this commit is nor released nor available on Arch and we need to wait also for this commit to be able to use the option from the CLI (without it, only API supports the option, through `docker-compose` for example).

And in all cases, you can't (or wan't) access a guest from the host by it hostname. Use port redirection or a reverse proxy like Traefik to expose your internal guest service on localhost on the host.

Last edited by aeris (2020-02-28 17:13:02)

Individual crypto-terrorist group self-radicalized on the digital darknet

Offline

#3 2020-02-28 17:23:33

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

aeris wrote:

I guess you try to do something not really wanted with Docker.
Host and guest networks are strictly separated, Docker isolate them.

If you want to access the host from a guest, you have to wait this commit to be released and to add `"--add-host=host.docker.internal:host-gateway"` to your container start option to be able to access the host with `host.docker.internal` hostname.
Currently this commit is nor released nor available on Arch and we need to wait also for this commit to be able to use the option from the CLI (without it, only API supports the option, through `docker-compose` for example).

And in all cases, you can't (or wan't) access a guest from the host by it hostname. Use port redirection or a reverse proxy like Traefik to expose your internal guest service on localhost on the host.

Hi Aeris,
Thanks for the reply.
I use google translator and maybe I wrote wrong.
Now let me explain better:

Host
ip address 192.168.0.2
name ArchMachine

Guest (Docker container)
ip 172.17.0.2
name Mariadb

Guest side (172.17.0.2)
ping 192.168.0.2 OK
ping ArchMachine OK

Host side (192.168.0.2)
ping 172.17.0.2 OK
ping Mariadb -----> KO

The host machine does not resolve the container name.
On the host machine I tried to configure the dns but it doesn't work.

Offline

#4 2020-02-28 17:28:10

armoredkitten
Member
Registered: 2019-10-31
Posts: 15

Re: [SOLVED]Dns docker

If I understand correctly what you're trying to do, you should be able to add an entry in /etc/hostname to name your Mariadb container.

Offline

#5 2020-02-28 17:39:18

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

armoredkitten wrote:

If I understand correctly what you're trying to do, you should be able to add an entry in /etc/hostname to name your Mariadb container.

The host name on the container is correctly set
If I run

cat / etc / hostname

output

Mariadb

I run the container with this string

docker run -it \
        --rm \
        --name archlinux-mariadb-10.3.12-cont \
        -v mariadb-10.3.12-vol: / home / admin \
        -h "Mariadb" \
        archlinux-mariadb-10.3.12-img \
        /bin/bash

the -h option sets the host name

Offline

#6 2020-02-28 19:30:46

aeris
Member
From: Internet
Registered: 2020-02-28
Posts: 5
Website

Re: [SOLVED]Dns docker

archdom wrote:

The host machine does not resolve the container name.
On the host machine I tried to configure the dns but it doesn't work.

This is normal and a wanted behavior.
Docker isolate each network from each other, and hostname are only valid inside a container because related to a docker network (you can have multiple docker network on the same host).

You never ever want to (or can) access guest from the host, nor by IP (they are not stable) nor by hostname (no uniq hostname guaranted and related to docker network).

If you want to access a guest service from your host, you have to expose the corresponding guest port to your host (-p host-port:guest-port) or to proxify the service with a reverse proxy like traefik for HTTP/HTTPS service.

Individual crypto-terrorist group self-radicalized on the digital darknet

Offline

#7 2020-02-28 19:40:18

aeris
Member
From: Internet
Registered: 2020-02-28
Posts: 5
Website

Re: [SOLVED]Dns docker

To be complete, the real FQDN of your container is not Mariadb but Mariadb.<your default docker network>, and so Mariadb will never ever be able to resolv on your host until you configure also your host to be on the same domain (domain & search parameters of resolve.conf). This docker network name is not always fixed, depending of how you configure your docker, if you use host network or not (--net=host option), or others parameters.
This is why you can't expect to be able to ping a guest by name from the host in a reliable way. Don't try to do that and instead expose your service on your host through internal port forwarding (-p options) or via dockerised reverse proxy for HTTP service.

For example, for mariadb

docker run -it \
        --rm \
        -p 3306:3306
        --name archlinux-mariadb-10.3.12-cont \
        -v mariadb-10.3.12-vol: /home/admin \
        archlinux-mariadb-10.3.12-img \
        /bin/bash

And connect directly to localhost instead of mariabd.

Last edited by aeris (2020-02-28 19:43:44)

Individual crypto-terrorist group self-radicalized on the digital darknet

Offline

#8 2020-02-28 22:49:45

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

thanks for replies.
Now I understand well.
I'd like to ask you another question.

I created a network via the command

docker network create mynet

This is the output of the network inspect command

docker inspect mynet 
[
    {
        "Name": "mynet",
        "Id": "7ab437655a2fcd46f5cc5371310741f3fc674e3428c608349f921ad078f1a150",
        "Created": "2020-02-28T19:08:59.062644596+01:00",
        "Scope": "local",
        "Driver": "bridge",
        "EnableIPv6": false,
        "IPAM": {
            "Driver": "default",
            "Options": {},
            "Config": [
                {
                    "Subnet": "172.18.0.0/16",
                    "Gateway": "172.18.0.1"
                }
            ]
        },
        "Internal": false,
        "Attachable": false,
        "Ingress": false,
        "ConfigFrom": {
            "Network": ""
        },
        "ConfigOnly": false,
        "Containers": {},
        "Options": {},
        "Labels": {}
    }
]

I created two containers that run on this network.

The first
ip address 172.18.0.2
name Mariadb

The second
ip address 172.18.0.3
name Plasma

Both if I ping their ip address it works.
If I try to ping their names it doesn't work.
Both run on the same mynet network
Why doesn't it work?
Thanks again

Offline

#9 2020-02-28 23:06:38

aeris
Member
From: Internet
Registered: 2020-02-28
Posts: 5
Website

Re: [SOLVED]Dns docker

You try to ping from witch side? A guest or the host?

Last edited by aeris (2020-02-28 23:07:16)

Individual crypto-terrorist group self-radicalized on the digital darknet

Offline

#10 2020-02-29 01:19:06

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

On the first container (172.18.0.2) name (Mariadb)

ping 172.18.0.3 ok
ping Plasma -----> ko

On the second container (172.18.0.3) name (Plasma)

ping 172.18.0.2 ok
ping Mariadb -----> ko

It cannot resolve names

Offline

#11 2020-02-29 01:30:09

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

From the docker network documentation
https://docs.docker.com/network/bridge/

Containers on the default bridge network can only access each other by IP addresses, unless you use the --link option, which is considered legacy. 
On a user-defined bridge network, containers can resolve each other by name or alias.

As you can see I have defined a bridge network but containers don't resolve their names

Offline

#12 2020-02-29 09:39:37

aeris
Member
From: Internet
Registered: 2020-02-28
Posts: 5
Website

Re: [SOLVED]Dns docker

No problem on my side

$ docker run --rm -it --net=mynet -h alpine1 alpine /bin/sh
/ # ping -c 1 alpine2
PING alpine2 (172.19.0.3): 56 data bytes
64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.114 ms

$ docker run --rm -it --net=mynet -h alpine2 alpine /bin/sh
/ # ping -c 1 alpine1
PING alpine1 (172.19.0.2): 56 data bytes
64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.072 ms

Individual crypto-terrorist group self-radicalized on the digital darknet

Offline

#13 2020-02-29 10:27:10

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

aeris wrote:

No problem on my side

$ docker run --rm -it --net=mynet -h alpine1 alpine /bin/sh
/ # ping -c 1 alpine2
PING alpine2 (172.19.0.3): 56 data bytes
64 bytes from 172.19.0.3: seq=0 ttl=64 time=0.114 ms

$ docker run --rm -it --net=mynet -h alpine2 alpine /bin/sh
/ # ping -c 1 alpine1
PING alpine1 (172.19.0.2): 56 data bytes
64 bytes from 172.19.0.2: seq=0 ttl=64 time=0.072 ms

I am following this tutorial step by step.
https://docs.docker.com/network/network … tandalone/
This also uses alpine smile
I'll tell you later wink

Offline

#14 2020-02-29 11:10:41

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

I can't believe it ....:( I pinged the hostname of the container .... it's wrong
I have to ping the container name
A stupid mistake.
Usually on a network, I ping its ip address or host name (/ etc / hostname), but in the case of dockers, the container name must be used.
Thanks aeris so much for replies.
Mark as solved

Offline

#15 2020-02-29 11:14:32

progandy
Member
Registered: 2012-05-17
Posts: 5,307

Re: [SOLVED]Dns docker

Do you use docker compose? Or has docker silently changed this?
https://github.com/docker/compose/issue … -452154980

Last edited by progandy (2020-02-29 11:15:11)

| alias CUTF='LANG=en_XX.UTF-8@POSIX ' | alias ENGLISH='LANG=C.UTF-8 ' |

Offline

#16 2020-02-29 13:06:30

archdom
Member
Registered: 2018-09-12
Posts: 96

Re: [SOLVED]Dns docker

progandy wrote:

Do you use docker compose? Or has docker silently changed this?
https://github.com/docker/compose/issue … -452154980

I currently don't use docker compose. I'll do it soon. 

I also believe it is wrong to resolve the container name instead of the container host name.

I agree with what pauldraper wrote:

Side note: These are two different concepts: 
container names are meant for container management and scoped to a Docker instance, 
hostnames are meant for network management and scoped to a network.

The thread for me is closed but if you want to investigate the problem, go ahead smile

Offline

Pages: 1

Board footer

Powered by FluxBB