DNS in Docker containers: What is it and how does it work?
Have you ever wondered how Docker containers communicate with the outside world? How does that internal DNS system work, and how can you use it to your advantage? Here’s everything you need to know about Docker container DNS, from defining the term to explaining how it works and when you can use it to your advantage.
WHAT IS A DOMAIN NAME SYSTEM (DNS)?
A Domain Name System (DNS) is a hierarchical decentralized naming system for computers, services, or other resources connected to the Internet or a private network. It associates various information with domain names assigned to each of the participating entities. The most common uses of DNS are translating human-friendly computer hostnames into IP addresses so that they can be located by computer programs, providing translation for mail routing both within and outside organizational boundaries, and storing information about resource records on an Internet server’s local file system.
In large networks, DNS allows administrators to control the assignment of the domain name space among local domains. Domains are portions of the DNS namespace partitioned according to administrative autonomy. Administrators specify registrars who maintain authoritative databases which point to the authoritative servers for different parts of the domain hierarchy.
For example, in Figure 1 below, example has been delegated as a subdomain of com, such that any time we see a website ending in .example we know it belongs to this organization rather than another organization like comcast. com. We’ll talk more about what these top level domains represent later in this post. The data associated with a particular domain is stored in one or more zone files, where each zone file defines an individual domain.
WHY DO I NEED A DNS IN THE FIRST PLACE?
Without a DNS, your computer would have to store the IP addresses of all the websites you visit. This would be incredibly inefficient, not to mention difficult to keep track of. A DNS allows your computer to store domain names instead of IP addresses, which are much easier to remember. When your browser requests a website’s IP address from the server, it first asks the local DNS if that website has an assigned name.
If there is no match for that name, then your computer will send out an Internet request asking for the site’s IP address. The reply comes back with either the domain’s IP address or a message saying No such host. In this way, even though computers don’t use DNS on their own, they’re still dependent on this service because without it they wouldn’t know where to find any sites online.
To implement this system, one usually sets up a Dynamic Host Configuration Protocol (DHCP) so each device gets its IP address automatically from the DHCP server. Each time your laptop connects to the internet, it contacts the DHCP server and receives an IPv4 address along with other information like subnet mask and default gateway. The DHCP then sends these values back to your laptop as well as configuring routers to let data flow through between networks.
The only difference when running a docker container is that docker assigns IP addresses dynamically using an internal DHCP server. To do this, add -e DOCKER_OPTS=–dns 184.108.40.206 at the end of the docker run command line. Alternatively, set it by editing your machine’s settings manually through Network Connections > Properties > TCP/IPv4 > Obtain DNS Server Address Automatically (if not already selected).
HOW DOES THE CONTAINERIZED DNS WORK?
Containerized DNS, or cDNS, is a system that allows containers to communicate with each other using DNS. cDNS uses a different set of root servers than traditional DNS, which makes it more efficient and scalable. When a container wants to communicate with another container, it sends a request to the cDNS server. The cDNS server then looks up the IP address of the other container and returns it to the first container.
The communication between the two containers continues as normal. In this way, every container can be reached by all other containers without any need for specific configuration. If a container doesn’t know where to find an IP address for another container, it will ask the cDNS server. The cDNS server will contact all its other clients to find out where the desired address is located and eventually return an answer back to the requesting client.