Local DNSSEC resolver and Docker(containers)
P J P
pjp at fedoraproject.org
Mon Jan 19 09:36:33 UTC 2015
> On Monday, 19 January 2015 11:01 AM, Lokesh Mandvekar wrote:
> RE: docker, I could probably patch it out at build time to use 127.0.0.1 instead
> of google DNS.
> Sound good?
I doubt if that would suffice. IIUC, the issue is that currently containerised applications have no way to reach 127.0.0.1:53 on the host. We might need a dedicated network interface on the host with a consistent IP plus few iptables(8) rules to direct traffic through.
More information about the cloud