Local DNSSEC resolver and Docker(containers)
P J P
pjp at fedoraproject.org
Thu Jan 15 13:57:59 UTC 2015
This is an upcoming F22 feature; it proposes to install a local DNSSEC
validating DNS resolver running at 127.0.0.1:53 on Fedora systems. This
feature is already available in F21. One can easily run the local DNSSEC
enabled resolver by
$ sudo yum install dnssec-trigger
$ sudo systemctl enable dnssec-triggerd.service
$ # disable and stop any existing DNS service, e.g., dnsmasq
$ sudo systemctl start dnssec-triggerd.service
Though it works for most of the use-cases. Docker(or container) applications
seem to face problems in accessing the host's DNS resolver at 127.0.0.1:53.
I'm no expert on Docker(or container) applications. I was wondering if someone
could help in testing Docker(or container) applications with the local DNSSEC
validating resolver on F21.
Any results from this exercise would be immensely helpful in fixing bugs and
sorting out edge cases, thus making the solution robust and ready for F22 release.
I'm willing to help in any way I could. As always, your comments and suggestions
are most welcome!
More information about the cloud