3.3. Set up Dnsmasq¶
3.3.1. Install And Configure Dnsmasq¶
Dnsmasq can be used as a lightweight DNS server. We will use dnsmasq to store the address of each Docker container we will set up later.
To install dnsmasq:
sudo yum install dnsmasq
We then need to configure dnsmasq. Edit the configuration file /etc/dnsmasq.conf:
sudo $EDITOR /etc/dnsmasq.conf
Search for the option interface in the file, uncomment the line, and change it to the following:
interface=docker0
Search for the option domain-needed and uncomment it, since we have all Docker container names without dots.
Save the file and exit.
We can now start dnsmasq:
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq
If the firewall is enabled (you can check it by executing systemctl status firewalld), we need to make docker0 a
trusted network:
sudo firewall-cmd --permanent --zone=trusted --change-interface=docker0
sudo firewall-cmd --reload
To test whether dnsmasq is accessible from a Docker container, run the following command to run a shell in Docker container:
docker run -t -i --rm debian /bin/bash
In this shell:
apt-get update && apt-get install -y --no-install-recommends dnsutils
dig @<echo $HOST_ADDR> www.blober.org
where <echo $HOST_ADDR> is the output of echo $HOST_ADDR on the bash shell on the host system. If the DNS record
of www.blober.org is shown, then dnsmasq is correctly set up. Exit the shell in the container by press
Ctrl-D.
3.3.2. Auto Update DNS Record of Docker Containers¶
We need to automatically update Docker container DNS records when a container changes its IP address.
We have prepared a script update-dnsmasq.sh to do auto updating, and a systemd unit file to run the script as a
daemon (can be viewed in Dnsmasq Auto Update Script). The script checks the IP addresses of all running
containers every period of time (10s by default). If the change of an IP address is detected, it will update the
configuration files in /etc/dnsmasq.d and restart dnsmasq. To download the relevant files and run this script:
sudo wget -O /usr/local/bin/update-dnsmasq.sh \
http://docs.blober.org/_downloads/update-dnsmasq.sh
sudo chmod +x /usr/local/bin/update-dnsmasq.sh
sudo wget -O /usr/lib/systemd/system/update-dnsmasq.service \
http://docs.blober.org/_downloads/update-dnsmasq.service
sudo systemctl enable update-dnsmasq && sudo systemctl start update-dnsmasq