Most often, we come across Docker 504 DNS lookup failed due to an invalid DNS server.
As part of our Docker Hosting Services, we assist our customers with several Docker queries.
Today, let us see the methods we employ to resolve this issue.
Docker 504 DNS lookup failed
As soon as we face this issue, we need to run cat /etc/resolv.conf in the docker container.
If it has an invalid DNS server, the container will fail to resolve the domain names into IP addresses. Hence, ping google.com fails.
Next, we need to check the cat /etc/resolv.conf on the host machine.
Every time a container starts Docker copies the host’s /etc/resolv.conf to the container. So if the host’s /etc/resolv.conf is wrong, then so will the docker container.
Suppose we find that the host’s /etc/resolv.conf is wrong, then we have 2 options.
Moving ahead, let us see how our Support Techs go about them.
1. Hardcode DNS server in docker daemon.json
Initially, we edit /etc/docker/daemon.json
{ "dns": ["10.1.2.3", "8.8.8.8"] }
Then for the changes to take effect, we restart the docker daemon:
sudo systemctl restart docker
Eventually, when we run/start a container, docker will populate /etc/resolv.conf with the values from daemon.json.
2. Fix the host’s /etc/resolv.conf
Here, our Support Techs recommend two options. Let us discuss the same.
A. Ubuntu 16.04 and earlier
In this case, /etc/resolv.conf isas dynamically generated by NetworkManager.
We need to comment out the line dns=dnsmasq (with a #) in /etc/NetworkManager/NetworkManager.conf
Then we restart the NetworkManager to regenerate /etc/resolv.conf :
sudo systemctl restart network-manager
Finally, we verify on the host: cat /etc/resolv.conf
B. Ubuntu 18.04 and later
Ubuntu 18.04 uses systemd-resolved to generate /etc/resolv.conf. Now by default, it uses a local DNS cache 127.0.0.53.
That will not work inside a container. In such a scenario, Docker defaults to Google’s 8.8.8.8 DNS server, which may break for people behind a firewall.
/etc/resolv.conf is actually a symlink (ls -l /etc/resolv.conf) which points to /run/systemd/resolve/stub-resolv.conf (127.0.0.53) by default.
We need to just change the symlink to point to /run/systemd/resolve/resolv.conf, which lists the real DNS servers:
sudo ln -sf /run/systemd/resolve/resolv.conf /etc/resolv.conf
Then we verify on the host: cat /etc/resolv.conf
Now we will have a valid /etc/resolv.conf on the host for docker to copy into the containers.
[Need further assistance? We are glad to assist you]
Conclusion
In short, we saw how our Support Techs fix this issue for our customers.
PREVENT YOUR SERVER FROM CRASHING!
Never again lose customers to poor server speed! Let us help you.
Our server experts will monitor & maintain your server 24/7 so that it remains lightning fast and secure.
0 Comments