Docker container cannot resolve hosts

Question

From my host I can ping google

$ cat /etc/resolv.conf 
nameserver 127.0.1.1
search my.company.server

$ ping google.com
PING google.com (172.217.16.174) 56(84) bytes of data.
64 bytes from fra15s11-in-f14.1e100.net (172.217.16.174): icmp_seq=1 ttl=54 time=11.0 ms
64 bytes from fra15s11-in-f14.1e100.net (172.217.16.174): icmp_seq=2 ttl=54 time=10.7 ms

From the container I can reach internet:

$ docker run ubuntu:14.04 cat /etc/resolv.conf
search my.company.server
nameserver 8.8.8.8
nameserver 8.8.4.4


$ docker run ubuntu:14.04 ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=45 time=16.4 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=45 time=16.3 ms

But can't ping a hostname:

$ docker run ubuntu:14.04 ping google.com
<no answer>

Some environment info:

$ docker --version
Docker version 1.10.1, build 9e83765

$ cat /proc/version
Linux version 4.2.0-27-generic (buildd@lgw01-12) (gcc version 5.2.1 20151010 (Ubuntu 5.2.1-22ubuntu2) ) #32-Ubuntu SMP Fri Jan 22 04:49:08 UTC 2016

$ cat /proc/sys/net/ipv4/ip_forward
1

$ ps -ef|grep [d]ocker
root   ....... /usr/bin/docker daemon -H fd://

Similar to this: Docker container can reach DNS but not resolve hosts

but a reboot doesn't help...

Answer 1

I also got the same issue when ran docker run without assign network, the reason is:

• When run docker run without --network it will use default bridge network, then with default bridge network in Docker documents

Containers on the default bridge network can only access each other by IP addresses, unless you use the --link option, which is considered legacy. On a user-defined bridge network, containers can resolve each other by name or alias.

So it not support resolve by hostname in default bridge network, then I added --link <hostname> to docker run it can resolve the host successfully. But --link is deprecated it will be remove in the future.

Other way to resolve the issue is running docker with --network as above answer mentioned.

Answer 2

Based on Mac, you should go to the whale in the Docker > Preferences > Docker Engine > Daemon

{
"debug": true,
"experimental": false,
"dns": ["8.8.8.8"]
}

Update and restart the engine. It should fix it.

Answer 3

We faced issue connecting to mongoDB. when we try to connect from host system it was working and from docker it was failing. We observed that docker did not start properly and restarted docker.

Use this command to restart: sudo systemctl restart docker

Answer 4

Your issue can be triggered by a bad docker status.
You can try

sudo ip link delete docker0
sudo systemctl restart docker

Answer 5

By default creating a new docker container also creates a virtual network that separates the docker network environment from the host network environment (somewhat). This allows one to easily spin up multiple containers which might all listen on the same port (e.g. 80), but in a way that can be mapped to unique ports on the host machine (e.g. service1:80 -> host:8080, service2:80 -> host:8081).

docker run YOUR_IMAGE --network="host" will bind the container network adapter to that of the host machine. This should allow you to access the host machine via listening port of the host machine. e.g. localhost:8080 However you need to remember that ports are a scarce resource and you cannot have conflicting port listeners in different containers when you do this.

You can also retrieve the host's ip address from within a docker container depending on your OS and docker version:

Mac/Windows: As of Docker v18.03+ you can use the host.docker.internal hostname to connect to your Docker host.

Linux: docker container run -e "DOCKER_HOST=$(ip -4 addr show docker0 | grep -Po 'inet \K[\d.]+')" will make the host IP available from within the docker container as an environment variable: DOCKER_HOST