5

I am attempting to write Dockerfile instructions to use yum and install a few packages. When I run my build command, I will always get an error...

(28, 'Resolving timed out after 5000 milliseconds')

... due to the lack of network access. I have compared my host and container /etc/resolv.conf, and noticed they were different.

Example (Host)

# Generated by expressvpn
search expressvpn
nameserver 10.53.0.1

Example (Container)

search expressvpn
nameserver 10.1.2.3
nameserver 8.8.8.8

I attempted copying the host /etc/resolv.conf and overwriting the container /etc/resolv.conf as follows

$ echo "# Generated by expressvpn
> search expressvpn
> nameserver 10.53.0.1" > "/etc/resolv.conf"

Then immediately gained network access again and was able to use yum. However, if I try reading the Dockerfile with a build command, it does not seem to work anymore. How do I make docker use the host resolv.conf on build or resolve this issue correctly? It seemed to not have an issue with my VPN before. Is that the issue now?

Improve this question
4
  • Have you tried restarting the docker engine after connecting the VPN? Commented Feb 24, 2022 at 0:14
  • The VPN connection command is built into the host startup sequence. Then I run the command to start the docker engine manually. Commented Feb 24, 2022 at 0:19
  • Have you configured DNS settings on the docker engine. Either in /etc/docker/daemon.json or with CLI flags? Commented Feb 24, 2022 at 0:37
  • You pointed me in the right direction. I will have to manually configure my /etc/docker/daemon.json when I restart my host or change any VPN settings, but I am back in business with at least testing! Commented Feb 24, 2022 at 21:29

2 Answers 2

Reset to default
3

I was able to at least get my docker to build the containers by taking the same naming conventions used in the Docker Daemon CLI options and applying them to a /etc/docker/daemon.json manually, then restarting the Docker Daemon.

  1. Read the host /etc/resolv.config (Yours will likely be different)
$ cat /etc/resolv.config
# Generated by expressvpn
search expressvpn
nameserver 10.53.0.1
  1. Make a new, or use the /etc/docker/daemon.json (I had to use Super User to write the file)
$ sudo touch /etc/docker/daemon.json
  1. Use the Daemon file to manually set the Virtual Network to the host /etc/resolv.conf output as described in #1 (Again yours is likely to be different). You can find the different options here just use the CLI options as keys and arrays with strings as values.
{
    "dns": [
        "10.53.0.1"
    ],
    "dns-search": [
        "expressvpn"
    ]
}
  1. Hard stop all docker processing
$ sudo ps axf | grep docker | grep -v grep | awk '{print "kill -9 " $1}' | sudo sh
  1. Restart Docker Daemon
$ sudo dockerd

This is not the most elegant solution, but I was able to at least get my Docker to build the Container and continue on with my work.

Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

2

Docker overrides the resolve.conf file so it matches the virtual network it is setting up. You may have an atypical network setup for your container that is screwing up Docker. There are two ways to automate the fix you came up with above:

  1. The --dns option in the command line should tell Docker how to properly create the resolve file how you want it.
  2. You can overwrite the resolve file at start.

You can also try to figure out why Docker is getting screwed up, but that is a potentially much more complicated problem.

Improve this answer

2 Comments

I configured the --dns when I start dockerd with a /etc/docker/daemon.json, you helped quite a lot! Thank you!
@VolksRat71 no problem, click the checkmark next to this answer to mark it as correct.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.