After researching this problem for a long time, I am still struggling to get a solution. Any pointers in the right direction would be much appreciated.
Host machine OS - CentOS 8. Using VMware Fusion Pro, VM is behind NAT. To keep it simple, there is no worker node, just this one manager node.
The swarm service is created on my CentOS 8 VM as follows -
docker service create -d -p 80:80 nginx
The service is successfully created and I can see the nginx home page.
However, I cannot do curl google.com from inside the container.
Here are some of the facts and my failed attempts -
I have already changed /etc/docker/daemon.json to include the following and then restarted the docker service -
{
"dns": ["8.8.8.8"]
}
If I create an individual Docker container (docker container run ..), it resolves DNS properly and I have no problem there. See the following snippet -
root@e180d56ab94a:/# cat /etc/resolv.conf
search localdomain
nameserver 8.8.8.8
root@e180d56ab94a:/# curl google.com
<HTML><HEAD><meta http-equiv="content-type" content="text/html;charset=utf-8">
<TITLE>301 Moved</TITLE></HEAD><BODY>
<H1>301 Moved</H1>
The document has moved
<A HREF="http://www.google.com/">here</A>.
</BODY></HTML>
But a container created from docker service doesn't do DNS resolution.
My host machine IP is 192.168.112.135, my host machine's resolv.conf says nameserver is 192.168.112.2 and my container's IP is 10.0.0.14. So I guess there's no IP overlapping here and hence the possibility of the problem discovered in this thread https://github.com/moby/moby/issues/27399 can be ruled out.
My host machine's resolv.conf looks like this -
$ cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 192.168.112.2
Based upon "What is overlay network and how does DNS resolution work?", I tried the following too, but to no avail -
docker service create --dns 192.168.112.2 -d -p 80:80 nginx
docker inspect container shows the following snippet -
:
:
"DNSConfig": {
"Nameservers": [
"192.168.112.2"
]
},
:
:
But that didn't work either. Neither did this -
docker service create --dns 8.8.8.8 -d -p 80:80 nginx
I have allowed docker0 through the firewall -
$ sudo firewall-cmd --permanent --zone=trusted --add-interface=docker0
$ sudo firewall-cmd --reload
If I run the same command on my EC2 instance in AWS, the containers can resolve DNS with no problem.
The problem can be reproduced on my VMs. I also tried different installations - CentOS 8 minimal installation as well as full installation.
I have already done the following many times - restarted the docker service, networking, host machine, made the node leave the swarm and did swarm init again.
What am I missing?