moby--moby/daemon
Sebastiaan van Stijn a5324d6950
Better selection of DNS server
Commit e353e7e3f0 updated selection of the
`resolv.conf` file to use in situations where systemd-resolved is used as
a resolver.

If a host uses `systemd-resolved`, the system's `/etc/resolv.conf` file is
updated to set `127.0.0.53` as DNS, which is the local IP address for
systemd-resolved. The DNS servers that are configured by the user will now
be stored in `/run/systemd/resolve/resolv.conf`, and systemd-resolved acts
as a forwarding DNS for those.

Originally, Docker copied the DNS servers as configured in `/etc/resolv.conf`
as default DNS servers in containers, which failed to work if systemd-resolved
is used (as `127.0.0.53` is not available inside the container's networking
namespace). To resolve this, e353e7e3f0 instead
detected if systemd-resolved is in use, and in that case copied the "upstream"
DNS servers from the `/run/systemd/resolve/resolv.conf` configuration.

While this worked for most situations, it had some downsides, among which:

- we're skipping systemd-resolved altogether, which means that we cannot take
  advantage of additional functionality provided by it (such as per-interface
  DNS servers)
- when updating DNS servers in the system's configuration, those changes were
  not reflected in the container configuration, which could be problematic in
  "developer" scenarios, when switching between networks.

This patch changes the way we select which resolv.conf to use as template
for the container's resolv.conf:

- in situations where a custom network is attached to the container, and the
  embedded DNS is available, we use `/etc/resolv.conf` unconditionally. If
  systemd-resolved is used, the embedded DNS forwards external DNS lookups to
  systemd-resolved, which in turn is responsible for forwarding requests to
  the external DNS servers configured by the user.
- if the container is running in "host mode" networking, we also use the
  DNS server that's configured in `/etc/resolv.conf`. In this situation, no
  embedded DNS server is available, but the container runs in the host's
  networking namespace, and can use the same DNS servers as the host (which
  could be systemd-resolved or DNSMasq)
- if the container uses the default (bridge) network, no embedded DNS is
  available, and the container has its own networking namespace. In this
  situation we check if systemd-resolved is used, in which case we skip
  systemd-resolved, and configure the upstream DNS servers as DNS for the
  container. This situation is the same as is used currently, which means
  that dynamically switching DNS servers won't be supported for these
  containers.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-05-25 18:20:56 +02:00
cluster Replace errors.Cause() with errors.Is() / errors.As() 2020-04-29 00:28:41 +02:00
config API: deprecate /info "ClusterStore" and "ClusterAdvertise" fields 2020-03-03 18:10:47 +01:00
discovery bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
events daemon: normalize comment formatting 2019-11-27 15:43:53 +01:00
exec Handle blocked I/O of exec'd processes 2019-06-21 12:02:15 -04:00
graphdriver Replace errors.Cause() with errors.Is() / errors.As() 2020-04-29 00:28:41 +02:00
images Replace errors.Cause() with errors.Is() / errors.As() 2020-04-29 00:28:41 +02:00
initlayer Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00
links daemon: normalize comment formatting 2019-11-27 15:43:53 +01:00
listeners vendor containerd, BuildKit, protobuf, grpc, and golang.org/x 2020-03-03 10:25:20 +09:00
logger Fix flakey test for log file rotate. 2020-05-18 10:27:53 -07:00
names
network Merge pull request #40007 from arkodg/add-host-docker-internal 2020-01-27 13:42:26 +01:00
stats Use condition variable to wake stats collector. 2020-02-08 11:06:34 -08:00
testdata
apparmor_default.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
apparmor_default_unsupported.go
archive.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
archive_tarcopyoptions.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00
archive_tarcopyoptions_unix.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00
archive_tarcopyoptions_windows.go
archive_unix.go
archive_windows.go
attach.go Replace errors.Cause() with errors.Is() / errors.As() 2020-04-29 00:28:41 +02:00
auth.go
changes.go daemon: add "isWindows" const 2019-10-17 23:49:43 +02:00
checkpoint.go daemon/checkpoint: rm extra checks 2019-09-18 12:57:22 +02:00
cluster.go
commit.go daemon: add "isWindows" const 2019-10-17 23:49:43 +02:00
configs.go
configs_linux.go
configs_unsupported.go
configs_windows.go
container.go vendor: opencontainers/selinux v1.5.1 2020-05-05 20:33:06 +02:00
container_linux.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
container_operations.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
container_operations_unix.go Better selection of DNS server 2020-05-25 18:20:56 +02:00
container_operations_windows.go container.ConfigFilePath: use same signature on Windows 2019-09-03 10:51:43 +02:00
container_unix_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
container_windows.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
create.go vendor: opencontainers/selinux v1.5.1 2020-05-05 20:33:06 +02:00
create_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
create_unix.go Check tmpfs mounts before create anon volume 2020-02-04 10:12:05 -08:00
create_windows.go Entropy cannot be saved 2019-06-07 11:54:45 +01:00
daemon.go registry: fix mtls config dir passing 2020-05-14 12:02:09 -07:00
daemon_linux.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
daemon_linux_test.go Really switch to moby/sys/mount* 2020-03-20 09:46:25 -07:00
daemon_test.go Replace errors.Cause() with errors.Is() / errors.As() 2020-04-29 00:28:41 +02:00
daemon_unix.go Merge pull request #40845 from AkihiroSuda/allow-privileged-cgroupns-private-on-cgroup-v1 2020-05-07 21:11:42 +02:00
daemon_unix_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
daemon_unsupported.go cgroup2: implement `docker info` 2020-04-17 07:20:01 +09:00
daemon_windows.go cgroup2: implement `docker info` 2020-04-17 07:20:01 +09:00
daemon_windows_test.go
debugtrap_unix.go daemon: rename all receivers to "daemon" 2020-04-14 17:22:21 +02:00
debugtrap_unsupported.go daemon: rename all receivers to "daemon" 2020-04-14 17:22:21 +02:00
debugtrap_windows.go daemon: rename all receivers to "daemon" 2020-04-14 17:22:21 +02:00
delete.go Updates daemon's remove link method to use more verbose error output. 2019-04-25 13:08:08 -04:00
delete_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
dependency.go
devices_linux.go Add DeviceRequests to HostConfig to support NVIDIA GPUs 2019-03-18 17:19:45 +00:00
disk_usage.go
errors.go Merge pull request #38541 from Microsoft/jjh/containerd 2019-03-19 21:09:19 -07:00
events.go Remove `SystemInfo()` error handling. 2019-08-29 07:44:39 +08:00
events_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
exec.go remove uses of deprecated pkg/term 2020-04-21 16:29:27 +02:00
exec_linux.go daemon: fix capitalization of some functions 2020-04-14 17:22:19 +02:00
exec_linux_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
exec_windows.go Windows: (WCOW) Generate OCI spec that remote runtime can escape 2019-03-12 18:41:55 -07:00
export.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
health.go daemon: rename all receivers to "daemon" 2020-04-14 17:22:21 +02:00
health_test.go daemon: suppress logs in unit tests 2019-10-18 00:57:56 +02:00
info.go cgroup2: implement `docker info` 2020-04-17 07:20:01 +09:00
info_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
info_unix.go cgroup2: implement `docker info` 2020-04-17 07:20:01 +09:00
info_unix_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
info_windows.go Make cgroup namespaces configurable 2019-05-07 10:22:16 -07:00
inspect.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
inspect_linux.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
inspect_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
inspect_windows.go
keys.go
keys_unsupported.go
kill.go do not stop health check before sending signal 2019-07-14 11:53:13 +02:00
licensing.go Expose license status in Info (#37612) 2018-08-17 17:05:21 -07:00
licensing_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
links.go
list.go Fix filter on expose and publish 2020-05-15 11:12:03 +02:00
list_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
list_unix.go
list_windows.go
logdrivers_linux.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logdrivers_windows.go Support configuration of log cacher. 2020-02-19 17:02:34 -05:00
logs.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
logs_test.go
metrics.go daemon: rename all receivers to "daemon" 2020-04-14 17:22:21 +02:00
metrics_unix.go Do not require "experimental" for metrics API 2020-04-20 22:19:00 +02:00
metrics_unsupported.go
monitor.go daemon: add "isWindows" const 2019-10-17 23:49:43 +02:00
mounts.go
names.go Entropy cannot be saved 2019-06-07 11:54:45 +01:00
network.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
network_windows.go daemon.getEndpointInNetwork() is only used on Windows 2019-09-18 12:55:46 +02:00
nvidia_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci_linux.go support `--privileged --cgroupns=private` on cgroup v1 2020-04-21 23:11:32 +09:00
oci_linux_test.go daemon: address some minor linting issues and nits 2020-04-14 17:22:17 +02:00
oci_utils.go goimports: fix imports 2019-09-18 12:56:54 +02:00
oci_windows.go Move DefaultCapabilities() to caps package 2019-11-14 21:13:16 +02:00
oci_windows_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
pause.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
prune.go
reload.go Adding ability to change max download attempts 2019-09-19 13:51:40 +02:00
reload_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
reload_unix.go Make cgroup namespaces configurable 2019-05-07 10:22:16 -07:00
reload_windows.go
rename.go docker rename enhancement 2018-09-21 09:43:06 +08:00
resize.go Merge pull request #38522 from cpuguy83/fix_timers 2019-06-07 13:16:46 +02:00
resize_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
restart.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
seccomp_disabled.go daemon: make supportsSeccomp a const 2019-10-13 19:16:31 +02:00
seccomp_linux.go daemon: make supportsSeccomp a const 2019-10-13 19:16:31 +02:00
seccomp_unsupported.go daemon: make supportsSeccomp a const 2019-10-13 19:16:31 +02:00
secrets.go
secrets_linux.go
secrets_unsupported.go
secrets_windows.go
selinux_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
selinux_unsupported.go
start.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
start_unix.go cgroup2: use shim V2 2020-01-01 02:58:40 +09:00
start_windows.go Remove refs to jhowardmsft from .go code 2019-09-25 10:51:18 -07:00
stats.go Merge pull request #40478 from cpuguy83/dont-prime-the-stats 2020-04-16 20:57:06 +02:00
stats_collector.go
stats_unix.go
stats_windows.go
stop.go
top_unix.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
top_unix_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
top_windows.go goimports: fix imports 2019-09-18 12:56:54 +02:00
trustkey.go Allow system.MkDirAll() to be used as drop-in for os.MkDirAll() 2019-08-08 15:05:49 +02:00
trustkey_test.go bump gotest.tools v3.0.1 for compatibility with Go 1.14 2020-02-11 00:06:42 +01:00
unpause.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
update.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
update_linux.go goimports: fix imports 2019-09-18 12:56:54 +02:00
update_windows.go Windows: Experimental: Allow containerd for runtime 2019-03-12 18:41:55 -07:00
util_test.go add NewContainerOpts to libcontainerd.Create 2019-10-03 11:45:41 -04:00
volumes.go Fix relabeling local volume source dir 2018-08-30 15:58:49 -07:00
volumes_linux.go Fix the several typos detected by github.com/client9/misspell 2018-08-09 00:45:00 +09:00
volumes_linux_test.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
volumes_unit_test.go
volumes_unix.go daemon: rename variables that collide with imported package names 2020-04-14 17:22:23 +02:00
volumes_unix_test.go
volumes_windows.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00
wait.go
workdir.go Add ADD/COPY --chown flag support to Windows 2018-08-13 21:59:11 -07:00