Bug ID: 1128208
Summary: docker io not using proper DNS
QA Contact: extras-qa(a)fedoraproject.org
CC: admiller(a)redhat.com, dgoodwin(a)redhat.com,
rbriggs(a)redhat.com, s(a)shk.io, vbatts(a)redhat.com
Depends On: 1119849
The resolution for Bug #1119849 introduced a new problem.
I have a dockerfile that uses the command:
git clone http://gitolite.corp.redhat.com/cgit/it-sales/sfjavasuite.git/
Up until the most recent update the dockerfile worked expected. Now it fails
with a hostname not found.
It seems part of the update is docker will now try and use fixed DNS values of
220.127.116.11 and 18.104.22.168. Which is of course in appropriate for anyone inside a
private network. In some cases it is even considered a security risk to have
DNS lookups leak to a public DNS server, as it gives outside user information
about the private network.
It is possible to update the docker options to work around the problem. But
of course the DNS servers obtained by DHCP, so it would require restarting
docker-io with new settings everytime a new network connection is
Likewise another workaround is a set if iptable rules to override all DNS
lookups but again this introduces it's own set of problems.
And of course, I don't want to assume everyone who will use my Dockerfile has
updated their workstations and servers with whatever hack solution I use...
1. docker run fedora cat /etc/resolv.conf
The DNS settings equivalent to the host, which in my case are:
$ cat /etc/resolv.conf
# Generated by NetworkManager
# NOTE: the libc resolver may not support more than 3 nameservers.
# The nameservers listed below may not be recognized.
$ docker run fedora cat /etc/resolv.conf
Note: I'm not sure how the previous docker-io version got the 127.0.0.1
correct. But somehow it figured out that was an instruction to use the dnsmasq
instance on my laptop.
[Bug 1119849] su - postgres Results in System Error inside Fedora
You are receiving this mail because:
You are on the CC list for the bug.