https://bugzilla.redhat.com/show_bug.cgi?id=1184710
Bug ID: 1184710
Summary: dnsmasq needs to be restarted after reboot for dns to work in a Docker container
Product: Fedora
Version: 21
Component: docker-io
Assignee: lsm5@redhat.com
Reporter: jshepherd@redhat.com
QA Contact: extras-qa@fedoraproject.org
CC: adimania@gmail.com, admiller@redhat.com, golang@lists.fedoraproject.org, hushan.jia@gmail.com, jchaloup@redhat.com, jperrin@centos.org, lsm5@redhat.com, mattdm@redhat.com, mgoldman@redhat.com, miminar@redhat.com, s@shk.io, thrcka@redhat.com, vbatts@redhat.com
External Bug ID: Red Hat Bugzilla 1128208
Description of problem:
Docker relies on dnsmasq to have 'listen-address' set to the docker bridge, and to have the bind-interfaces option turned on. However, in this configuration dnsmasq has to start after docker in order for DNS to work in a docker container.
Version-Release number of selected component (if applicable):
docker-io 1.4.0
dnsmasq 2.72
How reproducible:
Reboot the system with docker, and dnsmasq enabled.
Steps to Reproduce:
1. Ensure docker is using the default dns option of 172.17.42.1
2. Use the attached dnsmasq.conf
3. Reboot the system
4. Launch a docker container:
`docker run -i -t centos /usr/bin/ping www.redhat.com`
Actual results:
Cannot resolve hostname
Expected results:
Response from 'akamai' or similar
Additional info:
See related issue #1128208.
I tried adding a systemd 'After' for dnsmasq on docker.service, but it doesn't seem to be honoured by systemd.
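The setup the description refers to, as an added example that is not taken from the reporter's attachment (which is not reproduced on this page): the two dnsmasq options named in the description, plus a systemd drop-in expressing the start order the description says is required. The drop-in path and the `bind-dynamic` alternative are assumptions that the thread did not test.

```ini
# /etc/dnsmasq.conf (constructed; only the two options named in the report)

# Answer DNS on the docker bridge address that containers use by default.
listen-address=172.17.42.1

# Bind only the listed address instead of the wildcard address, so the
# resolver is not reachable on the host's other interfaces. An address can
# only be bound once an interface carries it, which is why start order
# relative to docker matters in this mode.
bind-interfaces

# Alternative (assumption): dnsmasq's bind-dynamic mode also binds per
# address, but starts listening on interfaces and addresses that appear
# after dnsmasq has started. Use it instead of bind-interfaces, not with it.
#bind-dynamic

# /etc/systemd/system/dnsmasq.service.d/after-docker.conf (hypothetical path)
# After= is an ordering-only directive; Wants= pulls docker.service into the
# same boot transaction so that the ordering has something to apply to.
[Unit]
After=docker.service
Wants=docker.service
```

After adding a drop-in, `systemctl daemon-reload` makes systemd re-read the unit, and `systemctl show dnsmasq.service -p After` shows whether the ordering was picked up.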
Lokesh Mandvekar lsm5@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
Status     |NEW                 |ASSIGNED
--- Comment #1 from Lokesh Mandvekar lsm5@redhat.com ---
(In reply to Jason Shepherd from comment #0)
> Version-Release number of selected component (if applicable):
> docker-io 1.4.0

Could you try this with the latest stable rpm? (1.4.1-8.fc21)

> dnsmasq 2.72
> How reproducible:
> Reboot the system with docker, and dnsmasq enabled.
> Steps to Reproduce:
> 1. Ensure docker is using the default dns option of 172.17.42.1
> 2. Use the attached dnsmasq.conf

Hmm, don't see anything attached. I'll try reproducing this once I have your dnsmasq.conf

> 3. Reboot the system
> 4. Launch a docker container:
> `docker run -i -t centos /usr/bin/ping www.redhat.com`

This works fine on my system, but then again, I'm not using dnsmasq:

```
$ rpm -q docker-io
docker-io-1.4.1-8.fc21.x86_64
$ sudo docker run -it centos /usr/bin/ping www.redhat.com
PING e1890.b.akamaiedge.net (23.193.135.214) 56(84) bytes of data.
64 bytes from a23-193-135-214.deploy.static.akamaitechnologies.com (23.193.135.214): icmp_seq=1 ttl=51 time=14.4 ms
```
--- Comment #2 from Jason Shepherd jshepherd@redhat.com ---
Created attachment 989895
  --> https://bugzilla.redhat.com/attachment.cgi?id=989895&action=edit
DNSMASQ configuration
--- Comment #3 from Jason Shepherd jshepherd@redhat.com ---
Hi Lokesh,
Thanks for looking into this. On further investigation I think the problem could be related to using an LVM partition mounted at /var/lib/docker. However, I haven't been able to verify that; it's just been reported by others.

```
[jshepher@jshepher Documents]$ sudo lvdisplay /dev/vg_dhcp-1-52/lv_docker
  --- Logical volume ---
  LV Path                /dev/vg_dhcp-1-52/lv_docker
  LV Name                lv_docker
  VG Name                vg_dhcp-1-52
  LV UUID                4vFfQI-4Axe-cWza-tzAZ-QcuJ-e1cQ-UNVPV5
  LV Write Access        read/write
  LV Creation host, time jshepher.usersys.redhat.com, 2014-04-03 13:17:18 +1000
  LV Status              available
  # open                 1
  LV Size                125.00 GiB
  Current LE             4000
  Segments               2
  Allocation             inherit
  Read ahead sectors     auto
  - currently set to     256
  Block device           253:4
```

cat /etc/fstab:

```
/dev/mapper/vg_dhcp--1--52-lv_docker /var/lib/docker ext4 defaults 1 2
```
--- Comment #5 from Jason Shepherd jshepherd@redhat.com ---
I tried with the latest version, 1.4.1-8.fc21, but it didn't make any difference.
I need to restart dnsmasq on the host for dns name resolution to work inside the container.
`sudo systemctl restart dnsmasq`
Daniel Walsh dwalsh@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
CC         |                    |dwalsh@redhat.com
Fedora Admin XMLRPC Client fedora-admin-xmlrpc@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
Assignee   |lsm5@redhat.com     |ichavero@redhat.com

--- Comment #7 from Fedora Admin XMLRPC Client fedora-admin-xmlrpc@redhat.com ---
This package has changed ownership in the Fedora Package Database. Reassigning to the new owner of this component.
Daniel Walsh dwalsh@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
Priority   |unspecified         |medium
Assignee   |ichavero@redhat.com |lsm5@redhat.com
Daniel Walsh dwalsh@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
Assignee   |lsm5@redhat.com     |somalley@redhat.com

--- Comment #8 from Daniel Walsh dwalsh@redhat.com ---
Sally, could you confirm if this is still a problem?
--- Comment #9 from Sally somalley@redhat.com ---

```
$ rpm -q docker-io
docker-io-1.6.0-4.git350a636.fc21.x86_64
$ docker run -i -t centos /usr/bin/ping www.redhat.com
PING e1890.b.akamaiedge.net (23.196.44.61) 56(84) bytes of data.
64 bytes from a23-196-44-61.deploy.static.akamaitechnologies.com (23.196.44.61): icmp_seq=1 ttl=48 time=33.6 ms
64 bytes from a23-196-44-61.deploy.static.akamaitechnologies.com (23.196.44.61): icmp_seq=2 ttl=48 time=39.8 ms
```

No errors. I followed steps outlined in Description.
Jason Shepherd jshepherd@redhat.com changed:
What       |Removed             |Added
----------------------------------------------------------------------------
Status     |ASSIGNED            |CLOSED
Resolution |---                 |CURRENTRELEASE
Last Closed|                    |2015-07-08 19:07:11

--- Comment #10 from Jason Shepherd jshepherd@redhat.com ---
Also seems to be fixed for me.