Impossible to override container's DNS with network #17499
Comments
podman 4.4 changed how --dns works on network with dns enabled, it will instead set the dns servers correctly in aardvark-dns which will allow inter container name resolution to work as well as using your custom dns server. See #16297
Yeah the aardvark resolver (172.18.0.65 in the example) works correctly. But due to there being Google dns entries resolving generally doesn't work (in 66% of cases...). In the past Google DNS entries were added when resolv.conf was pointing to a localhost resolver (e.g. systemd-resolved like in this case) and
Also hit by this breaking change, pods no longer hit local consul for DNS lookups so their nodes are effectively dead. Is the fix just to recreate the network with
If you do not use internal dns names then yes --disable-dns is recommended.
Since commit 0624107 we use the aardvark per container dns functionality. This means we should only have the aardvark ip in resolv.conf otherwise the client resolver could skip aardvark, thus ignoring the special dns option for this container. Fixes containers#17499 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Issue Description
Since podman 4.4.0 it's no longer possible to override DNS entries in resolv.conf for a container if it's connected to a specific network. It leads to connectivity issues due to google dns entries being there.
Steps to reproduce the issue
podman network create test
podman run --rm -ti --net test --dns 10.0.2.3 fedora cat /etc/resolv.conf
Describe the results you received
Describe the results you expected
podman info output
Podman in a container
No
Privileged Or Rootless
Rootless
Upstream Latest Release
Yes
Additional environment details
Fedora 37 with systemd-resolved enabled.
Additional information
When DNS is configured to the same value in /etc/containers.conf then for 4.3.1 reproduction steps end with:
For 4.4.1 it doesn't change anything.
Network created with --dns 10.0.2.3 doesn't change anything, resolv.conf is the same.
Podman is the only package I've found affecting results, downgrading netavark or aardvark doesn't change anything.
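The fix commit message in this thread says resolv.conf should list only the aardvark IP, since any other entry lets the client resolver bypass it. As an added example (not podman's code), this shell check reads resolv.conf text and lists every nameserver outside an allowed set; the function names and sample contents are constructed, with 172.18.0.65 taken from the thread and 8.8.8.8/8.8.4.4 standing in for the Google DNS entries.

```shell
#!/bin/sh
# Added example, not part of podman. Reads resolv.conf text on stdin and
# prints each nameserver that is NOT in the allowed list passed as arguments.
# Exit status: 0 = only allowed resolvers, 1 = extra resolvers found,
#              2 = no nameserver line at all.
unexpected_nameservers() {
    awk -v allowed="$*" '
        BEGIN {
            n = split(allowed, a, " ")
            for (i = 1; i <= n; i++) ok[a[i]] = 1
        }
        { sub(/[#;].*/, "") }            # strip resolv.conf comments
        $1 == "nameserver" && $2 != "" {
            seen++
            if (!($2 in ok)) { print $2; bad++ }
        }
        END {
            if (!seen) exit 2
            exit (bad ? 1 : 0)
        }
    '
}

# Constructed sample: aardvark resolver followed by public fallback entries.
sample_mixed() {
    printf '%s\n' \
        '# constructed sample, not output from the issue' \
        'nameserver 172.18.0.65' \
        'nameserver 8.8.8.8' \
        'nameserver 8.8.4.4'
}

# Constructed sample: the state the fix commit describes (aardvark only).
sample_clean() {
    printf '%s\n' 'nameserver 172.18.0.65'
}

# Demo on the constructed sample: list resolvers that would bypass aardvark.
extras=$(sample_mixed | unexpected_nameservers 172.18.0.65) || true
printf 'unexpected resolvers: %s\n' "$(echo $extras)"
```

To check a real container, pipe the output of the reproduction command (`podman run --rm --net test --dns 10.0.2.3 fedora cat /etc/resolv.conf`) into `unexpected_nameservers` with that network's aardvark address as the argument.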