moby: Containers name resolution timed out with embedded DNS
I have two docker containers started and linked via docker-compose.yml file:
version: '2'
services:
srv1:
image: test-net
expose:
- 8000
command: python -m SimpleHTTPServer
working_dir: /tmp
srv2:
image: test-net
links:
- srv1
command: tail -f /var/log/dpkg.log
networks:
default:
driver: bridge
driver_opts:
'com.docker.network.enable_ipv6': 'true'
test-net is a simple Ubuntu image with some additional stuff preinstalled.
After I run docker-compose up, I can attach to srv2 container (testdockercompose_srv2_1 in my example) and it looks like everything is set properly:
# cat /etc/resolv.conf
search haze.yandex.net yandex.net yandex.ru
nameserver 127.0.0.11
nameserver <my:host:system:ipv6:dns::1>
options ndots:0
# ping -w 5 127.0.0.11
PING 127.0.0.11 (127.0.0.11) 56(84) bytes of data.
64 bytes from 127.0.0.11: icmp_seq=1 ttl=64 time=0.090 ms
64 bytes from 127.0.0.11: icmp_seq=2 ttl=64 time=0.086 ms
--- 127.0.0.11 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 3999ms
rtt min/avg/max/mdev = 0.065/0.081/0.090/0.011 ms
# ping -w 2 srv1
PING srv1 (172.19.0.2) 56(84) bytes of data.
64 bytes from testdockercompose_srv1_1.testdockercompose_default (172.19.0.2): icmp_seq=1 ttl=64 time=0.132 ms
64 bytes from testdockercompose_srv1_1.testdockercompose_default (172.19.0.2): icmp_seq=2 ttl=64 time=0.114 ms
--- srv1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.114/0.123/0.132/0.009 ms
But if I try to call name resolution for srv1 directly via host of nslookup I get “connection timed out”:
# host srv1
;; connection timed out; no servers could be reached
# nslookup srv1
;; Got recursion not available from 127.0.0.11, trying next server
;; connection timed out; no servers could be reached
At the same time name resolution works fine if I specify DNS server explicitly:
# nslookup srv1 127.0.0.11
Server: 127.0.0.11
Address: 127.0.0.11#53
Non-authoritative answer:
Name: srv1
Address: 172.19.0.2
This leads to HTTP timeouts during calls to linked containers. A simple curl call to http://srv1:8000 takes 15 secs, while call to http://172.19.0.2:8000 is instant.
My host system is IPv6-only Linux with docker 1.10.1 installed.
› docker version
Client:
Version: 1.10.1
API version: 1.22
Go version: go1.5.3
Git commit: 9e83765
Built: Thu Feb 11 19:27:08 2016
OS/Arch: linux/amd64
Server:
Version: 1.10.1
API version: 1.22
Go version: go1.5.3
Git commit: 9e83765
Built: Thu Feb 11 19:27:08 2016
OS/Arch: linux/amd64
› sudo docker info
Containers: 9
Running: 2
Paused: 0
Stopped: 7
Images: 88
Server Version: 1.10.1
Storage Driver: aufs
Root Dir: /var/lib/docker/aufs
Backing Filesystem: extfs
Dirs: 93
Dirperm1 Supported: true
Execution Driver: native-0.2
Logging Driver: json-file
Plugins:
Volume: local
Network: host bridge null
Kernel Version: 3.19.0-42-lowlatency
Operating System: Ubuntu 14.04.1 LTS
OSType: linux
Architecture: x86_64
CPUs: 1
Total Memory: 1.954 GiB
Name: var01f.vsfront.yandex.net
ID: YYOZ:TMTI:UE6N:6DUW:S2GP:KGNN:TN3G:CEQO:F2CA:ODQE:FRQH:Q356
Debug mode (server): true
File Descriptors: 33
Goroutines: 54
System Time: 2016-02-15T23:48:08.593476359+03:00
EventsListeners: 0
Init SHA1: e1042dbb0bcf49bb9da188176d9a5063cdb92a01
Init Path: /usr/lib/docker/dockerinit
Docker Root Dir: /var/lib/docker
WARNING: No swap limit support
Labels:
provider=generic
About this issue
- Original URL
- State: closed
- Created 8 years ago
- Comments: 24 (9 by maintainers)
Sadly the 8.8.8.8 dns server is blocked by China’s Great Firewall, so when I develop in local machine the communication speed between docker projects become slow.