Score:0

Using dnsmasq in a Docker container for the host and for Docker internal DNS resolution

I'm working on a web project that consists of multiple services. Every service has its own docker-compose.yml file that declares its "app" and its possible dependencies (databases etc). To have them all play nicely together, I have built a local dev env that ties them together with an nginx proxy that has server blocks with proper servernames and then proxy_pass'es the requests to the actual containers using Docker's networking.

I've also added dnsmasq in a container to aid with DNS, to use the domain names locally instead of localhost:port combos (by adding a resolver for the test tld to 127.0.0.1).

Proxy docker-compose:

services:
    local-proxy:
        build: ./nginx
        ports:
            - 80:80
            - 443:443

    local-proxy-dnsmasq:
        build: ./dnsmasq # builds on top of 4km3/dnsmasq
        ports:
            - "53:53/tcp"
            - "53:53/udp"
        cap_add:
            - NET_ADMIN
networks:
    default:
        external:
            name: domain-local

dnsmasq.conf:

listen-address=0.0.0.0
interface=eth0
user=root

address=/.test/0.0.0.0

example proxy nginx server:

server {
    server_name login.domain.test;
    location / {
        # headers...
        proxy_pass http://domain-login:8080;
    }
}

example docker-compose of one of the services:

services:
    domain-login:
        build: # ...
        networks:
            - default
            - domain-local

All of this works perfectly fine in the browser: I can go to tenant.domain.test, get redirected to login.domain.test...

However, when the container running tenant.domain.test has to make a curl request from its container to one of the others (e.g. login.domain.test to complete the oauth flow), it borks as it's trying to resolve login.domain.test by going to itself:

root@6d25c2f5daf1:/var/www/app# nslookup login.domain.test
Server:     127.0.0.11
Address:    127.0.0.11#53

Non-authoritative answer:
Name:   login.domain.test
Address: 0.0.0.0
;; connection timed out; no servers could be reached

If I change the dnsmasq.conf from address=/.test/0.0.0.0 to address=/.test/10.0.1.102 (the currently assigned IP of my computer), everything works. However this is of course not a working solution for coworkers for example. Can anyone set me on the correct Google path potentially or have a fix?

Score:1

The line address=/.test/0.0.0.0 tells dnsmasq to resolve domain name test to IP address 0.0.0.0. The address 0.0.0.0 is not a valid IP address. It is handled by some browsers (e.g. Chrome) as 127.0.0.1, but it is non-standard behaviour.
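
A check for the problem this answer describes, as an added example that is not part of the original posts or of dnsmasq itself: it scans a dnsmasq.conf for address= rules that hand clients the unspecified address (0.0.0.0 or ::) or a loopback address, either of which fails once the client is another container rather than the host's browser. The function name lint_address_rules and the problem labels are assumptions made for this example.

```python
import ipaddress
import re

# dnsmasq.conf as posted in the question above.
POSTED_CONF = """\
listen-address=0.0.0.0
interface=eth0
user=root

address=/.test/0.0.0.0
"""

def lint_address_rules(conf_text):
    """Return (line_no, domains, target, problem) for each address= rule whose
    target is a poor connection destination for clients."""
    findings = []
    for line_no, raw in enumerate(conf_text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        line = re.split(r"\s+#", line, maxsplit=1)[0]  # drop a trailing comment
        if not line.startswith("address="):
            continue  # listen-address= and other options are not answer rules
        parts = line[len("address="):].split("/")
        if len(parts) < 3 or parts[0] != "":
            continue  # not the /domain/.../target form
        domains, target = parts[1:-1], parts[-1]
        try:
            ip = ipaddress.ip_address(target)
        except ValueError:
            continue  # targets that are not a literal IP are outside this check
        if ip.is_unspecified:
            problem = "unspecified"  # 0.0.0.0 or ::, not a real destination
        elif ip.is_loopback:
            problem = "loopback"     # every client would resolve to itself
        else:
            continue
        findings.append((line_no, domains, target, problem))
    return findings

if __name__ == "__main__":
    for line_no, domains, target, problem in lint_address_rules(POSTED_CONF):
        print(f"line {line_no}: {'/'.join(domains)} -> {target} ({problem})")
```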
