This repository has been archived by the owner on Oct 13, 2023. It is now read-only.

[18.09 backport] Fix: network=host using wrong resolv.conf with systemd-resolved #180

thaJeztah
Member

backport of moby#38579 for 18.09

When running a container in the host's network namespace, the container
gets a copy of the host's resolv.conf (copied to `/etc/resolv.conf` inside
the container).

The current code always used the default (`/etc/resolv.conf`) path on the
host, regardless of whether `systemd-resolved` was used or not.

This patch uses the correct file if `systemd-resolved` was detected
to be running.

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 8364d1c)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
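
The path selection described above, sketched as an added example (not code from this PR or from the Docker code base). It assumes systemd-resolved's stub listener address `127.0.0.53` and its upstream file `/run/systemd/resolve/resolv.conf`, neither of which is named in this thread; the function names and sample inputs are hypothetical.

```go
package main

import (
	"bufio"
	"fmt"
	"strings"
)

const (
	defaultPath   = "/etc/resolv.conf"
	alternatePath = "/run/systemd/resolve/resolv.conf" // assumption: not named on this page
	stubResolver  = "127.0.0.53"                       // assumption: systemd-resolved stub listener
)

// nameservers returns the addresses on "nameserver" lines, skipping
// blank lines and comments (lines starting with '#' or ';').
func nameservers(conf string) []string {
	var out []string
	sc := bufio.NewScanner(strings.NewReader(conf))
	for sc.Scan() {
		line := strings.TrimSpace(sc.Text())
		if line == "" || strings.HasPrefix(line, "#") || strings.HasPrefix(line, ";") {
			continue
		}
		if f := strings.Fields(line); len(f) >= 2 && f[0] == "nameserver" {
			out = append(out, f[1])
		}
	}
	return out
}

// hostResolvConfPath picks the host file to copy into a container:
// the alternate file only when the stub resolver is the sole nameserver
// in /etc/resolv.conf, otherwise the default path.
func hostResolvConfPath(etcResolvConf string) string {
	ns := nameservers(etcResolvConf)
	if len(ns) == 1 && ns[0] == stubResolver {
		return alternatePath
	}
	return defaultPath
}

func main() {
	// Constructed sample contents of a host's /etc/resolv.conf.
	stub := "# managed by systemd-resolved\nnameserver 127.0.0.53\noptions edns0\n"
	plain := "nameserver 192.0.2.53\nnameserver 192.0.2.54\n"
	fmt.Println(hostResolvConfPath(stub))
	fmt.Println(hostResolvConfPath(plain))
}
```
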
@thaJeztah thaJeztah added this to the 18.09.4 milestone Mar 26, 2019
@thaJeztah
Member Author

ping @tiborvass @euanh PTAL

@prfcttone2

prfcttone2 commented Mar 26, 2019 via email

@thaJeztah thaJeztah modified the milestones: 18.09.4, 18.09.5 Mar 28, 2019
@thaJeztah
Member Author

relates to moby#37485

@andrewhsu andrewhsu merged commit 80e1031 into docker-archive:18.09 Mar 28, 2019
@thaJeztah thaJeztah deleted the 18.09_backport_fix_net_host_systemd_resolved branch March 28, 2019 20:52
@marcotuna

marcotuna commented Apr 11, 2019

This fix did break my configuration.
/etc/docker/daemon.json

{
    "dns": ["172.17.0.1"]
}

Usually inside the container it would write on /etc/resolv.conf
172.17.0.1

Now it overwrites and writes 127.0.0.11 after the update to docker 18.09.5

I am running on Debian 9 Stretch without systemd-resolved

Edit: I should note that this happened because on the affected containers they aren't using the default bridge network, if I check a container using the bridge network it is working fine.

@thaJeztah
Member Author

That's the expected behavior; 127.0.0.11 is the embedded DNS, which is used for resolving other containers on the network; other requests will be forwarded to the DNS that you specified

@zmrfzn

zmrfzn commented May 9, 2019

Is this also available on the Windows platform now?

@thaJeztah
Member Author

Windows doesn't use systemd-resolved, so this doesn't really apply there

@zmrfzn

zmrfzn commented May 9, 2019

Is there a Windows equivalent for network=host?

docker ee engine :18.06
windows server 2016 standard

@thaJeztah
Member Author

No full equivalent afaik

@mcneiljt

mcneiljt commented Jun 26, 2019

nevermind, my bad!
