New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Template-less DNS auto-configuration #4
Comments
+1 for bind-mount |
Is it technically possible for the host to receive traffic to 127.0.0.1 UDP/53 originating from a container? If so, it could elegantly resolve DNS for all containers, making /etc/resolv.conf optional. |
ghost
assigned aluzzardi
Feb 25, 2013
bind-mount has been implemented; closing this ticket. For other DNS-related issues, see #541. |
creack
added a commit
that referenced
this issue
Jan 31, 2014
…6-and-arm-clients Update/fix build tags, Dockerfile, and release.sh for proper building and releasing of linux/386 and linux/arm cross-compiled client binaries
tianon
referenced
this issue
in tianon/docker
Feb 10, 2014
Update NetworkChangeName to be more similar to my original
vieux
added a commit
that referenced
this issue
May 7, 2014
update the docs for the new \n rendering
jakedt
pushed a commit
to DevTable/docker
that referenced
this issue
Jun 5, 2014
proppy
pushed a commit
to proppy/docker
that referenced
this issue
Jul 24, 2014
Move Dns and VolumesFrom to host config
rmccooey27
pushed a commit
to rmccooey27/docker
that referenced
this issue
Apr 13, 2015
Update init.pp
mavenugo
pushed a commit
to mavenugo/docker
that referenced
this issue
May 8, 2015
tucksaun
pushed a commit
to tucksaun/docker
that referenced
this issue
Nov 16, 2015
Hide unmount failures from user and to Debug.
thaJeztah
pushed a commit
to thaJeztah/docker
that referenced
this issue
Jul 5, 2018
…mediatypes [18.06] Register OCI image media types
This was referenced Jul 26, 2018
Merged
tussennet
pushed a commit
to tussennet/moby
that referenced
this issue
Sep 4, 2020
Continue FreeBSD WIP
thaJeztah
added a commit
that referenced
this issue
Oct 4, 2021
[20.10] chrootarchive: don't create parent dirs outside of chroot
ndeloof
pushed a commit
to ndeloof/docker
that referenced
this issue
Jul 6, 2022
Introduce containerd-snapshotter feature flag
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The containers system currently in production at dotCloud relies on a templating mechanism to setup a bunch of files before containers are actually started; namely:
Almost all this templating magic can be waived a way or another (e.g., network configuration can be done "from outside" by Docker itself, instead of relying on inside-the-container distro scripts).
However, one item remains: /etc/resolv.conf. If we want the container to be able to do any kind of DNS resolution (and we probably do!) we need a valid /etc/resolv.conf.
Here are a few facts:
Its' safe that >99% of the systems out there are setup to use /etc/resolv.conf (with <1% with LDAP etc.), so the overwhelming majority of systems will work if we override /etc/resolv.conf. This can be done in multiple ways:
Generally speaking, the issue might arise with other configuration files. However, this should be fairly limited. There is a vast amount of knowledge out there about operation of disk-less UNIX systems, using e.g. read-only NFS root filesystems. Such methods exist since the 90s and all decent distros even have hooks to support read-only rootfs operation. I expect that exceptions would stem from brain-dead vendor binaries assuming some configuration file to be located in a hard-coded location (e.g. /etc/foo.conf or /opt/foo-1.0.42/etc/foo.conf).
For now, I tend to favor the bind-mount option, since:
The text was updated successfully, but these errors were encountered: