使用主机DNS服务器的Docker-compose容器 [英] Docker-compose container using host DNS server

问题描述

我正在 Ubuntu 16.10服务器的自定义网桥网络中运行多个容器，其中包含2.9（在yml版本2.1中）。我的大多数容器在内部都使用相同的端口，因此我无法使用主机网络驱动程序。
我的容器都是使用专用的 links 属性链接在一起的。

I'm running several containers on my "Ubuntu 16.10 Server" in a "custom" bridge network with compose 2.9 (in a yml version 2.1). Most of my containers are internally using the same ports, so there is no way for me to use the "host" network driver. My containers are all links together, using the dedicated links attribute.

但是，我还需要访问我的容器之外的服务。这些服务具有专用URL，其名称已在我公司的DNS服务器中注册。
虽然我可以使用公共DNS并从容器内访问任何公共服务没有问题，但我却无法访问私有DNS。

But, I also need to access services exposed outside of my containers. These services have dedicated URL with names registered in my company's DNS server. While I have no problem to use public DNS and reach any public service from within my containers, I just can't reach my private DNS.

知道从容器使用私有DNS的可行解决方案吗？甚至更好，使用主机的网络DNS配置？

Do you know a working solution to use private DNS from a container? Or even better, use host's network DNS configuration?

PS：当然，我可以使用 extra_hosts 属性。但这绝对不是拥有DNS的目标。我不想在我的YML文件中注册我的所有服务，也不想每次在公司中更新服务的IP时都进行更新。

PS: Of course, I can link to my company's services using the extra_hosts attribute in my services in my docker-compose.yml file. But... that's definitively not the goal of having a DNS. I don't want to register all my services in my YML file, and I don't want to update it each time services' IP are updated in my company.

上下文：

• 主机：Ubuntu 16.10服务器


• Docker引擎： 1.12.6


• Docker编写：1.9.0


• docker-compose.yml：2.1


• 网络：自己的网桥。

• Host: Ubuntu 16.10 server
• Docker Engine: 1.12.6
• Docker Compose: 1.9.0
• docker-compose.yml: 2.1
• Network: Own bridge.

docker-compose.yml文件（提取）：

version: '2.1'
  services:
    nexus:
    image: sonatype/nexus3:$NEXUS_VERSION
    container_name: nexus
    restart: always
    hostname: nexus.$URL
    ports:
      - "$NEXUS_81:8081"
      - "$NEXUS_443:8443"
    extra_hosts:
      - "repos.private.network:192.168.200.200"
    dns:
      - 192.168.3.7
      - 192.168.111.1
      - 192.168.10.5
      - 192.168.10.15
    volumes_from:
      - nexus-data
    networks:
      - pic

  networks:
    pic:
      driver: bridge
      ipam:
        driver: default
        config:
          - subnet: 172.18.0.0/16
            gateway: 172.18.0.1

我尝试在 pic 网络的有和没有 ipam 配置的情况下使用，但没有任何运气。

I tried with and without the ipam configuration for the pic network, without any luck.

测试和；结果：
docker exec -ti nexus curl repos.private.network
正确返回此服务提供的HTML页面

Tests & Results: docker exec -ti nexus curl repos.private.network returns properly the HTML page served by this service

docker exec -ti nexus curl another-service.private.network
返回 curl ：（6）无法解析主机：another-service.private.network;名称或服务未知
而主机中的 curl another-service.private.network 会返回相应的HTML页面。

docker exec -ti nexus curl another-service.private.network Returns curl: (6) Could not resolve host: another-service.private.network; Name or service not known While curl another-service.private.network from the host returns the appropriate HTML page.

当然 other-service.private.network 在我的4个DNS服务器中都是已知的（192.168.3.7，192.168 .111.1、192.168.10.5、192.168.10.15）。

And "of course" another-service.private.network is known in my 4 DNS servers (192.168.3.7, 192.168.111.1, 192.168.10.5, 192.168.10.15).

推荐答案

您没有指定要在哪个环境下运行docker-可以在Mac，Windows或Unix等操作系统中进行编写，因此它在某种程度上取决于需要进行哪些更改。您也未指定是否在用户创建的网桥网络上的docker中使用默认网桥网络。

You don't specify which environment you're running docker-compose in e.g Mac, Windows or Unix, so it will depend a little bit on what changes are needed. You also don't specify if you're using the default bridge network in docker on a user created bridge network.

在任何一种情况下，默认情况下，Docker应尝试将Docker主机的DNS解析映射到您的容器中。因此，如果您的Docker主机可以解析私有DNS地址，那么从理论上讲您的容器也应该可以。

In either case, by default, Docker should try and map DNS resolution from the Docker Host into your containers. So if your Docker Host can resolve the private DNS addresses, then in theory your containers should be able to as well.

我建议阅读以下官方Docker DNS文档：这是很合理的。 此处用于默认Docker桥接网络，此处用于用户创建的桥接网络。

I'd recommend reading this official Docker DNS documentation as it is pretty reasonable. Here for the default Docker bridge network, here for user created bridge networks.

一个小问题是，如果您正在使用Mac的Docker，Docker机器或Windows的Docker运行，则需要记住，您的Docker主机实际上是在计算机上运行的VM，而不是物理设备本身，因此您需要以确保VM设置了正确的DNS解析选项。您需要重新启动容器，以便DNS解析更改可以被容器接受。

A slight gotcha is if you're running using Docker for Mac, Docker Machine or Docker for Windows you need to remember that your Docker Host is actually the VM running on your machine and not the physical box itself, so you need to ensure that the VM has the correct DNS resolution options set. You will need to restart your containers for changes to DNS resolution to be picked up by them.

您当然可以使用覆盖所有默认设置。 docker-compose 。它具有用于显式设置DNS服务器，DNS搜索选项等的完整选项。例如：

You can of course override all the default settings using docker-compose. It has full options for explicitly setting DNS servers, DNS search options etc. As an example:

version: 2
services:
 application:
  dns:
   - 8.8.8.8
   - 4.4.4.4
   - 192.168.9.45

您将找到这些功能的文档此处。

You'll find the documentation for those features here.

这篇关于使用主机DNS服务器的Docker-compose容器的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！