发表新帖
发表新帖

Query docker embedded dns from host

后端 未结
关注
3 804
太阳男子
太阳男子 2021-02-05 18:14

Does anybody know a way to query the embedded dns server that the docker daemon uses. I\'m experimenting with packetbeats and it would be useful if I could replace docker ip add

相关标签:
3条回答
  • 执笔经年
    2021-02-05 18:52

    You can use socat to expose the Docker network's resolver at 127.0.0.11:53 like cirocosta/expose-edns image does, which is essentially:

    socat UDP4-RECVFROM:53,fork,bind="0.0.0.0" UDP4-SENDTO:127.0.0.11:53

    Then use it like:

    host container_name_to_resolve `docker inspect --format \
  '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' socat_container_name`

    Also note that the socat container must be in the same Docker network as target containers.

    Update

    To overcome the limitation of the same Docker network, phensley/docker-dns can be used (which uses Docker API). On an OS with NetworkManager and Dnsmasq enabled (otherwise can be enabled like described in this answer) you can run:

    docker run -d --name docker-dns -v /var/run/docker.sock:/docker.sock \
  phensley/docker-dns --domain docker --no-recursion

    Then inspect its IP address with:

    docker inspect --format \
   '{{range .NetworkSettings.Networks}}{{.IPAddress}}{{end}}' docker-dns

    And put it into /etc/NetworkManager/dnsmasq.d/docker.conf like:

    server=/docker/1.2.3.4

    After systemctl restart NetworkManager you should be able to address your Docker containers from host like ping CONTAINER_NAME.docker which is quite handy for dockerised development environments.

    0 讨论(0)
  • 花落未央
    2021-02-05 19:06

    Consul

    I like using Hashicorp's Consul for this. It can run as an installed client or container, and provides a DNS Interface that you can query external of Docker. It also has features like service discovery & monitoring, and is open source.

    https://www.consul.io/docs/agent/dns.html

    One of the primary query interfaces for Consul is DNS. The DNS interface allows applications to make use of service discovery without any high-touch integration with Consul.

    For example, instead of making HTTP API requests to Consul, a host can use the DNS server directly via name lookups like "redis.service.east-aws.consul". This query automatically translates to a lookup of nodes that provide the redis service, are located in the "east-aws" datacenter, and have no failing health checks. It's that simple!

    It might be overkill for what you're looking for, but should do the job.

    DNSMasq

    A simpler alternative might be DNSMasq. I'm not as familiar with it, but for a really small scale setting it would allow your host to be DNS aware of running containers.

    http://www.thekelleys.org.uk/dnsmasq/doc.html

    https://hub.docker.com/r/andyshinn/dnsmasq/

    0 讨论(0)
  • 南笙
    2021-02-05 19:12

    Another way would be to use docker-dns. It's a docker container that exposes a dns server that resolves the docker containers.

    Running it is as simple as

    docker run -d --name dns -v /var/run/docker.sock:/docker.sock phensley/docker-dns
    0 讨论(0)
 看不清?
提交回复
热议问题