containers cannot use local dnsmasq

Bug #1387805 reported by Horst Schirmeier on 2014-10-30
This bug affects 2 people
Affects Status Importance Assigned to Milestone (Ubuntu)

Bug Description (1.0.1~dfsg1-0ubuntu1~ubuntu0.14.04.1 from trusty-updates) containers fail to resolve host names if dnsmasq is used in the host system:

$ docker build -t some-image
Sending build context to Docker daemon 4.096 kB
Sending build context to Docker daemon
Step 0 : FROM ubuntu:utopic
Pulling repository ubuntu
277eb4304907: Download complete
511136ea3c5a: Download complete
e12c576ad8a1: Download complete
102eb2a101b8: Download complete
530dbbae98a0: Download complete
37dde56c3a42: Download complete
8f118367086c: Download complete
 ---> 277eb4304907
Step 1 : MAINTAINER [...]
 ---> Running in 0d7110f3c6b3
 ---> 6ad364dded22
Removing intermediate container 0d7110f3c6b3
Step 2 : RUN apt-get update
 ---> Running in 38995d975211
Err utopic InRelease
Err utopic-updates InRelease
Err utopic-security InRelease
Err utopic Release.gpg
  Could not resolve ''
Err utopic-updates Release.gpg
  Could not resolve ''
Err utopic-security Release.gpg
  Could not resolve ''

$ grep nameserver /etc/resolv.conf

Workaround: Disable dnsmasq by commenting it out the "dns=dnsmasq" line in /etc/NetworkManager/NetworkManager.conf and restarting the network-manager and services (sudo service network-manager restart && sudo service restart). Alternatively enable the commented out DOCKER_OPTS="--dns --dns" line in /etc/default/ (and also restart the service). The latter workaround of course requires the / servers to be reachable from your network.

See also:

Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in (Ubuntu):
status: New → Confirmed
Paul Annekov (paul.annekov) wrote :

Second solution does not work for me. First solution (with NetworkManager.conf) perfectly solves my problem.

OS: Xubuntu 15.04
Docker: 1.7.0-dev, build 5e06332 (from ppa)

Paul Tagliamonte (paultag) wrote : inside the container isn't the same as inside the container.

I'm OK calling this a container misconfiguration.

I've not tried, but try setting dnsmasq to bind to the docker0 interface (likely bind to and hit that IP.

Otherwise you're hitting in the container, which isn't what you want (or where dnsmasq is bound)

This is part of network namespacing.

Closing the ticket, thanks!

Changed in (Ubuntu):
status: Confirmed → Invalid
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers