Docker：容器在专用网络上找不到域 [英] Docker: container can't find domain on private network

问题描述

我试图找出在不同主机上运行的相同的docker容器的问题，其中一个容器可以在私有网络上找到/ ping / nslookup一个域，另一个容器不能。一个主机是OSX 10.11，另一个是Ubuntu 16.04。两者都在运行码头1.12。我正在使用 docker-compose 来提出我的应用程序，我希望了解发生了什么，以及如何解决它，或者我可以进行一些配置更改在不使用硬编码域或IP地址的情况下，将容器在两台主机上的行为相同。

在我的OSX框中，我有以下dns名称服务器自动设置我的域：

  osx：$ cat /etc/resolv.conf 
 domain redacted.lan 
 nameserver 172.16.20.19 
 nameserver 10.43.0.11 
  

我知道<$大多数OSX工具不使用c $ c> resolv.conf ，但系统偏好设置>网络显示相同的设置。

我的Ubuntu 16框也有类似的设置（命令从 https://askubuntu.com/questions/152593/command-line-to-list-dns-servers-used-by-my-system ）：

  ubu：$ cat /etc/resolv.conf 
 nameserver 127.0.1.1 
 search redacted.lan 
 
 ubu： $ nmcli device show eno1 | grep IP4.DNS 
 IP4.DNS [1]：172.16.20.19 
 IP4.DNS [2]：10.43.0.11 
  

然后，在OSX和Ubuntu上，我开始使用这个容器：

  $ docker run -it redacted_web bash 
  

然后我运行这些命令来诊断我的问题：

  $ apt-get update 
 $ apt-get install -y dnsutils 
 $ cat /etc/resolv.conf 
 $ nslookup redacted.lan 
  

在OSX上，最后2个命令的输出是：

  root @ d19f49322fda：/ app＃cat /etc/resolv.conf 
 search local 
 nameserver 192.168 .65.1 
 root @ d19f49322fda：/ app＃nslookup redacted.lan 
服务器：192.168.65.1 
地址：192.168.65.1＃53 
 
名称：redacted.lan 
地址：172.18.0.23 
  

在Ubuntu上，输出为：

  root @ 91e82d652e07：/ app＃cat / e tc / resolv.conf 
＃由resolvconf（8）生成的glibc resolver（3）的动态resolv.conf（5）文件
＃不要手动编辑这个文件 - 你的更改将被忽略
搜索redacted.lan 
 
 nameserver 8.8.8.8 
 nameserver 8.8.4.4 
 root @ 91e82d652e07：/ app＃nslookup redacted.lan 
服务器：8.8。 8.8 
地址：8.8.8.8＃53 
 
 **服务器找不到redacted.lan：NXDOMAIN 
  

可能的区别我可以想到：

• 在OSX上有一个vm运行的docker，在Ubuntu上，它是原生的


• 在Ubuntu上，docker使用 sudo 运行，可能会收到不同的配置设置

解决方案

问题是主机正在使用dnsmasq来解析私有IP，而Docker在主机上不使用dnsmasq

简单的修复是在主机上关闭dnsmasq 。

1. 运行 sudo vi /etc/NetworkManager/NetworkManager.conf


2. 注释掉这一行：＃dns = dnsmasq


3. 运行 sudo服务网络管理器重启

现在，您应该可以使用docker容器，它将正确解析您的私有DNS。

I'm trying to figure out a problem with identical docker containers being run on different hosts, where one container can find/ping/nslookup a domain on a private network, and another can't. One host is OSX 10.11, the other is Ubuntu 16.04. Both are running docker 1.12. I'm using docker-compose to bring up my application, and I'm hoping to figure out what is going on and how to fix it, or some configuration changes I could make without resorting to hardcoding domains or ip addresses that would make the container behave the same on both hosts.

On my OSX box, I have the following dns nameservers set automatically by my domain:

osx:$ cat /etc/resolv.conf
domain redacted.lan
nameserver 172.16.20.19
nameserver 10.43.0.11

I'm aware that resolv.conf isn't used by most OSX tools, but System Preferences > Network shows the same settings.

I have similar settings on my Ubuntu 16 box as well (command from https://askubuntu.com/questions/152593/command-line-to-list-dns-servers-used-by-my-system):

ubu:$ cat /etc/resolv.conf 
nameserver 127.0.1.1
search redacted.lan

ubu:$ nmcli device show eno1 | grep IP4.DNS
IP4.DNS[1]:                             172.16.20.19
IP4.DNS[2]:                             10.43.0.11

Then, on both OSX and Ubuntu, I start my container with this:

$ docker run -it redacted_web bash

And then I run these commands to diagnose my problem:

$ apt-get update
$ apt-get install -y dnsutils
$ cat /etc/resolv.conf
$ nslookup redacted.lan

On OSX, the output from the last 2 commands is:

root@d19f49322fda:/app# cat /etc/resolv.conf
search local
nameserver 192.168.65.1
root@d19f49322fda:/app# nslookup redacted.lan
Server:     192.168.65.1
Address:    192.168.65.1#53

Name:   redacted.lan
Address: 172.18.0.23

On Ubuntu, the output is:

root@91e82d652e07:/app# cat /etc/resolv.conf
# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
search redacted.lan

nameserver 8.8.8.8
nameserver 8.8.4.4
root@91e82d652e07:/app# nslookup redacted.lan 
Server:     8.8.8.8
Address:    8.8.8.8#53

** server can't find redacted.lan: NXDOMAIN

Possible differences I can think of:

• On OSX there is a vm running docker, where as on ubuntu it's native
• On Ubuntu, docker is run with sudo, possibly picking up different configuration settings

解决方案

The problem is that the host is using dnsmasq to resolve the private IP and Docker is not using dnsmasq on the host.

The simple fix is to turn off dnsmasq on the host machine.

1. Run sudo vi /etc/NetworkManager/NetworkManager.conf
2. Comment out this line: #dns=dnsmasq
3. Run sudo service network-manager restart

Now, you should be able to use the docker container and it will resolve your private DNS correctly.

这篇关于Docker：容器在专用网络上找不到域的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！