From 8b6f3d7085af830559648b5bbbc64d3ffe6cd647 Mon Sep 17 00:00:00 2001 From: Dan Kelleher Date: Fri, 3 Feb 2017 16:32:55 -0500 Subject: [PATCH] Force cgo for golang DNS resolver The default behavior of the golang net package is to use the pure go implementation which sends DNS requests directly to the servers listed in resolv.conf. This breaks when running the docker client inside a docker container that's 'linked' with other containers given that those links utilize teh /etc/hosts to function. This change forces golang's netdns to use cgo which uses the system c libraries and respects nsswitch. Before this change any short name conflict will result in the DNS query resolving to a remote host instead of the linked container. For example, docker will resolve to docker.rc.fas.harvard.edu instead of the linked container due to the search domain in /etc/resolv.conf. --- 1.12/docker-entrypoint.sh | 3 +++ 1.13/docker-entrypoint.sh | 3 +++ 2 files changed, 6 insertions(+) diff --git a/1.12/docker-entrypoint.sh b/1.12/docker-entrypoint.sh index fe790b143..aaac31921 100755 --- a/1.12/docker-entrypoint.sh +++ b/1.12/docker-entrypoint.sh @@ -12,6 +12,9 @@ if docker help "$1" > /dev/null 2>&1; then set -- docker "$@" fi +# force cgo resolver +export GODEBUG=netdns=cgo + # if we have "--link some-docker:docker" and not DOCKER_HOST, let's set DOCKER_HOST automatically if [ -z "$DOCKER_HOST" -a "$DOCKER_PORT_2375_TCP" ]; then export DOCKER_HOST='tcp://docker:2375' diff --git a/1.13/docker-entrypoint.sh b/1.13/docker-entrypoint.sh index fe790b143..aaac31921 100755 --- a/1.13/docker-entrypoint.sh +++ b/1.13/docker-entrypoint.sh @@ -12,6 +12,9 @@ if docker help "$1" > /dev/null 2>&1; then set -- docker "$@" fi +# force cgo resolver +export GODEBUG=netdns=cgo + # if we have "--link some-docker:docker" and not DOCKER_HOST, let's set DOCKER_HOST automatically if [ -z "$DOCKER_HOST" -a "$DOCKER_PORT_2375_TCP" ]; then export DOCKER_HOST='tcp://docker:2375'