[GH-ISSUE #80] Compose not supported with latest docker #36

New issue

Closed

opened 2026-02-26 04:33:50 +03:00 by kerem · 6 comments

kerem commented 2026-02-26 04:33:50 +03:00

Owner

Copy link

Originally created by @gliviu on GitHub (Jul 8, 2018).
Original GitHub issue: https://github.com/mageddo/dns-proxy-server/issues/80

According to this answer and #70, DPS seem to have worked for containers started from docker compose.
Tried with docker version 18.03 and id din't work.

I used the compose file from SO answer.

version: '3'
services:
  redis:
    image: redis:2.8
    hostname: redis.dev.intranet
  elasticsearch:
    image: elasticsearch:2.2
    hostname: elasticsearch.dev.intranet

Started DPS with docker run --rm --hostname dns.mageddo --na....

Then

> docker stack deploy -c compose.yaml dps_stack
Creating network dps_stack_default
Creating service dps_stack_elasticsearch
Creating service dps_stack_redis

> nslookup redis.dev.intranet
Server:         172.17.0.2
Address:        172.17.0.2#53

Non-authoritative answer:
Name:   redis.dev.intranet
Address: 10.0.0.4

> ping redis.dev.intranet
PING redis.dev.intranet (10.0.0.4) 56(84) bytes of data.
2 packets transmitted, 0 received, 100% packet loss, time 1007ms

Tried with docker run instead of compose and DPS correctly uses '172.17..' network.

Specs:

• OS: inux liviu 4.13.0-45-generic #50~16.04.1-Ubuntu SMP
• Docker Version: 18.03.1-ce, build 9ee9f40
• DPS Version: 2.5.4
• Logs: dps_stack.log

Originally created by @gliviu on GitHub (Jul 8, 2018). Original GitHub issue: https://github.com/mageddo/dns-proxy-server/issues/80 According to [this answer](https://stackoverflow.com/a/45071126) and #70, DPS seem to have worked for containers started from docker compose. Tried with docker version 18.03 and id din't work. I used the compose file from SO answer. ``` version: '3' services: redis: image: redis:2.8 hostname: redis.dev.intranet elasticsearch: image: elasticsearch:2.2 hostname: elasticsearch.dev.intranet ``` Started DPS with `docker run --rm --hostname dns.mageddo --na...`. Then ```bash > docker stack deploy -c compose.yaml dps_stack Creating network dps_stack_default Creating service dps_stack_elasticsearch Creating service dps_stack_redis > nslookup redis.dev.intranet Server: 172.17.0.2 Address: 172.17.0.2#53 Non-authoritative answer: Name: redis.dev.intranet Address: 10.0.0.4 > ping redis.dev.intranet PING redis.dev.intranet (10.0.0.4) 56(84) bytes of data. 2 packets transmitted, 0 received, 100% packet loss, time 1007ms ``` Tried with `docker run` instead of compose and DPS correctly uses '172.17..' network. **Specs:** - OS: `inux liviu 4.13.0-45-generic #50~16.04.1-Ubuntu SMP` - Docker Version: `18.03.1-ce, build 9ee9f40` - DPS Version: `2.5.4` - Logs: [dps_stack.log](https://github.com/mageddo/dns-proxy-server/files/2173747/dps_stack.log)

kerem 2026-02-26 04:33:50 +03:00

• closed this issue
• added the
  discussion
  label

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@mageddo commented on GitHub (Jul 8, 2018):

Thank you for your great question.

The main point here is that the containers (redis, elasticsearch) are running at different networks than dns-proxy-server so dns-proxy-server have not firewall permissions to talk with them, this is a docker premise

To make it work you'll have to put then on same network, as I see you are using docker stack deploy, if you use docker-compose up you can put them on same network by adding network_mode option

version: '3'
services:
  server-01:
    image: alpine:3.7
    hostname: server-01.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
   network_mode: bridge
  server-02:
    image: alpine:3.7
    hostname: server-02.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    network_mode: bridge

To make it work with docker stack deploy you'll have to use networks option (it works for docker-compose as well)

Creating a common network

docker network create --attachable --driver overlay github

Running DPS at just created network

docker run --rm --hostname dns.mageddo --name dns-proxy-server \
  --network github \
  -v /var/run/docker.sock:/var/run/docker.sock \
  -v /etc/resolv.conf:/etc/resolv.conf \
  defreitas/dns-proxy-server

version: '3'
services:
  server-01:
    image: alpine:3.7
    hostname: server-01.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    networks:
      - github
  server-02:
    image: alpine:3.7
    hostname: server-02.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    networks:
      - github

networks:
  github:
    external: true

Then it should work, note that create a external network is necessary since all containers must ran at same network and DPS was started without docker stack deploy

If you don't want to manually create an external network then you will have to start DPS at the same stack file that way docker will create a network for that deploy and assign all those containers at same network

version: '3'
services:
  dps:
    image: defreitas/dns-proxy-server
    hostname: dns.mageddo
    volumes:
      - /etc/resolv.conf:/etc/resolv.conf
      - /var/run/docker.sock:/var/run/docker.sock
  server-01:
    image: alpine:3.7
    hostname: server-01.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    volumes:
      - /etc/resolv.conf:/etc/resolv.conf
  server-02:
    image: alpine:3.7
    hostname: server-02.intranet
    command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null'
    volumes:
      - /etc/resolv.conf:/etc/resolv.conf

The drawback is that you will have to volume resolv.conf to have sure others containers will bind it correctly

Observation
Not related to your question but as you are using docker stack deploy then you are using docker swarm, you must be aware DPS will solve just containers started at the current machine, it will not solve containers from others cluster nodes.

PS: I used alpine container because is more lite to pull and start.

UPDATE Must run DPS specifying network at example 2

<!-- gh-comment-id:403292445 --> @mageddo commented on GitHub (Jul 8, 2018): Thank you for your great question. The main point here is that the containers (redis, elasticsearch) are running at different networks than dns-proxy-server so dns-proxy-server have not firewall permissions to talk with them, this is a docker premise To make it work you'll have to put then on same network, as I see you are using `docker stack deploy`, if you use `docker-compose up` you can put them on same network by adding `network_mode` option ```yaml version: '3' services: server-01: image: alpine:3.7 hostname: server-01.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' network_mode: bridge server-02: image: alpine:3.7 hostname: server-02.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' network_mode: bridge ``` To make it work with `docker stack deploy` you'll have to use `networks` option (it works for docker-compose as well) Creating a common network ``` docker network create --attachable --driver overlay github ``` Running DPS at just created network ``` docker run --rm --hostname dns.mageddo --name dns-proxy-server \ --network github \ -v /var/run/docker.sock:/var/run/docker.sock \ -v /etc/resolv.conf:/etc/resolv.conf \ defreitas/dns-proxy-server ``` ```yaml version: '3' services: server-01: image: alpine:3.7 hostname: server-01.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' networks: - github server-02: image: alpine:3.7 hostname: server-02.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' networks: - github networks: github: external: true ``` Then it should work, note that create a external network is necessary since all containers must ran at same network and DPS was started without docker stack deploy If you don't want to manually create an external network then you will have to start DPS at the same stack file that way docker will create a network for that deploy and assign all those containers at same network ```yaml version: '3' services: dps: image: defreitas/dns-proxy-server hostname: dns.mageddo volumes: - /etc/resolv.conf:/etc/resolv.conf - /var/run/docker.sock:/var/run/docker.sock server-01: image: alpine:3.7 hostname: server-01.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' volumes: - /etc/resolv.conf:/etc/resolv.conf server-02: image: alpine:3.7 hostname: server-02.intranet command: sh -c 'apk add --update curl iputils bind-tools && tail -f /dev/null' volumes: - /etc/resolv.conf:/etc/resolv.conf ``` The drawback is that you will have to volume resolv.conf to have sure others containers will bind it correctly **Observation** Not related to your question but as you are using `docker stack deploy` then you are using `docker swarm`, you must be aware `DPS` will solve just containers started at the current machine, it will not solve containers from others cluster nodes. **PS:** I used alpine container because is more lite to pull and start. **UPDATE** Must run DPS specifying network at example 2

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@gliviu commented on GitHub (Jul 9, 2018):

Thanks for the quick answer. I'll check and get back with results.

<!-- gh-comment-id:403457279 --> @gliviu commented on GitHub (Jul 9, 2018): Thanks for the quick answer. I'll check and get back with results.

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@gliviu commented on GitHub (Jul 11, 2018):

Using docker-compose works as expected which should be enough for developer machines.
Didn't manage to make it work using stack deploy.
My docker network inspect github:

        "Containers": {
            "9db3d4c7876c6dbe720f29ee37530b1f549edb0db0e13f25939ba0b2adc10a6d": {
                "Name": "ds_server-01.1.sj1k887ignu1i7qfujmhw7osg",
                "EndpointID": "e21e64602839e0652ea6b856feb1b25539e56de9e963444790851083b2711877",
                "MacAddress": "02:42:0a:00:00:05",
                "IPv4Address": "10.0.0.5/24",
                "IPv6Address": ""
            },
            "a7c86a08351c50d09cfc4662db5b2b6c5941dfa898a3cfb7825b25fe62c1a669": {
                "Name": "dns-proxy-server",
                "EndpointID": "6969623d441e8781e7a1e918176cb2c4000360ab95482f662e2cc8775db0843c",
                "MacAddress": "02:42:0a:00:00:03",
                "IPv4Address": "10.0.0.3/24",
                "IPv6Address": ""
            },
            "e20d75174f3293c10bb86e81c9b0a7c4133427ab2373855315a836c14b2a85f3": {
                "Name": "ds_server-02.1.r2g3jbkvd1lo5ak086vltx7dn",
                "EndpointID": "d4517ef443a913d8e26e9443783e0ae300af531956b3244d3dc555d72bec98b9",
                "MacAddress": "02:42:0a:00:00:07",
                "IPv4Address": "10.0.0.7/24",
                "IPv6Address": ""
            }
        }

And /etc/resolv.conf

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
# nameserver 127.0.1.1 # dps-comment
nameserver 10.0.0.3 # dps-entry

And I can't even ping 10.0.0.3 from my host machine.

However since docker-compose solution works fine I suppose we can safely close this issue.

<!-- gh-comment-id:404057446 --> @gliviu commented on GitHub (Jul 11, 2018): Using `docker-compose` works as expected which should be enough for developer machines. Didn't manage to make it work using stack deploy. My `docker network inspect github`: ``` "Containers": { "9db3d4c7876c6dbe720f29ee37530b1f549edb0db0e13f25939ba0b2adc10a6d": { "Name": "ds_server-01.1.sj1k887ignu1i7qfujmhw7osg", "EndpointID": "e21e64602839e0652ea6b856feb1b25539e56de9e963444790851083b2711877", "MacAddress": "02:42:0a:00:00:05", "IPv4Address": "10.0.0.5/24", "IPv6Address": "" }, "a7c86a08351c50d09cfc4662db5b2b6c5941dfa898a3cfb7825b25fe62c1a669": { "Name": "dns-proxy-server", "EndpointID": "6969623d441e8781e7a1e918176cb2c4000360ab95482f662e2cc8775db0843c", "MacAddress": "02:42:0a:00:00:03", "IPv4Address": "10.0.0.3/24", "IPv6Address": "" }, "e20d75174f3293c10bb86e81c9b0a7c4133427ab2373855315a836c14b2a85f3": { "Name": "ds_server-02.1.r2g3jbkvd1lo5ak086vltx7dn", "EndpointID": "d4517ef443a913d8e26e9443783e0ae300af531956b3244d3dc555d72bec98b9", "MacAddress": "02:42:0a:00:00:07", "IPv4Address": "10.0.0.7/24", "IPv6Address": "" } } ``` And `/etc/resolv.conf` ``` # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN # nameserver 127.0.1.1 # dps-comment nameserver 10.0.0.3 # dps-entry ``` And I can't even ping 10.0.0.3 from my host machine. However since `docker-compose` solution works fine I suppose we can safely close this issue.

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@mageddo commented on GitHub (Jul 11, 2018):

Did you try all of the examples I've presented and none of them worked with docker stack?

<!-- gh-comment-id:404108298 --> @mageddo commented on GitHub (Jul 11, 2018): Did you try all of the examples I've presented and none of them worked with docker stack?

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@gliviu commented on GitHub (Jul 11, 2018):

Yes, I've tested both the above examples with docker stack. Although the first example uses network_mode: bridge which is ignored for swarm deploys according to spec.

<!-- gh-comment-id:404156378 --> @gliviu commented on GitHub (Jul 11, 2018): Yes, I've tested both the above examples with docker stack. Although the first example uses `network_mode: bridge` which is ignored for swarm deploys according to [spec](https://docs.docker.com/compose/compose-file/#network_mode).

kerem commented 2026-02-26 04:33:51 +03:00

Author

Owner

Copy link

@mageddo commented on GitHub (Jul 11, 2018):

All right, the first one is expected to not work with docker stack, the others are. Thank you for your feedback. Then I'm closing this issue

<!-- gh-comment-id:404272200 --> @mageddo commented on GitHub (Jul 11, 2018): All right, the first one is expected to not work with `docker stack`, the others are. Thank you for your feedback. Then I'm closing this issue

kerem referenced this issue 2026-02-26 04:34:34 +03:00

[PR #36] [MERGED] removing travis branch #235

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

gh-pages

develop

feat/138_2

feat/629

feat/594

5.9.0

5.9.0-snapshot

5.8.4

5.8.4-snapshot

5.8.3-snapshot

5.8.2-snapshot

5.8.1-snapshot

5.8.0-snapshot

5.7.0-snapshot

5.6.2-snapshot

5.6.1-snapshot

5.6.0-snapshot

5.5.1-snapshot

5.5.0-snapshot

5.4.0-snapshot

5.3.0-snapshot

5.2.0-snapshot

5.1.3-snapshot

5.1.2-snapshot

5.1.0-snapshot

5.0.5-snapshot

5.0.3-snapshot

5.0.2-snapshot

5.0.1-snapshot

5.0.0-snapshot

4.3.0-snapshot

4.2.0-snapshot

4.0.0

4.0.0-snapshot

3.32.7

3.32.7-snapshot

3.32.6

3.32.6-snapshot

3.32.5-snapshot

3.32.4

3.32.4-snapshot

3.32.3

3.32.3-snapshot

3.32.2-snapshot

3.32.1-snapshot

3.32.0-snapshot

3.31.1-snapshot

3.31.0-snapshot

3.30.5-snapshot

3.30.4

3.30.4-snapshot

3.30.3-snapshot

3.30.2-snapshot

3.30.1

3.30.1-snapshot

3.30.0-snapshot

3.29.0-snapshot

3.27.0

3.27.0-snapshot

3.26.0-snapshot

3.25.14

3.25.14-snapshot

3.25.13-snapshot

3.25.12-snapshot

3.25.11

3.25.11-snapshot

3.25.10

3.25.10-snapshot

3.25.9-snapshot

3.25.8-snapshot

3.25.7-snapshot

3.25.6-snapshot

3.25.4-snapshot

3.25.3-snapshot

3.25.2-snapshot

3.25.1-snapshot

3.25.0-snapshot

3.24.2

3.24.2-snapshot

3.24.1

3.24.1-snapshot

3.24.0-snapshot

3.23.0-snapshot

3.22.2-snapshot

3.22.3-snapshot

3.22.1-snapshot

3.21.3-snapshot

3.22.0-snapshot

3.21.2-snapshot

3.21.1-snapshot

3.20.0-snapshot

3.21.0-snapshot

3.19.7-snapshot

3.19.6-snapshot

3.19.5-snapshot

3.19.4-snapshot

3.19.3-snapshot

3.19.2-snapshot

3.19.1

3.19.1-snapshot

3.19.0

3.18.5-snapshot

3.18.4-snapshot

3.18.3-snapshot

3.18.2

3.18.2-snapshot

3.18.1-snapshot

3.18.0-snapshot

3.17.3-snapshot

3.17.2-snapshot

3.17.1-snapshot

3.17.0-snapshot

3.16.3-snapshot

3.16.2-snapshot

3.16.1-snapshot

3.16.0-snapshot

3.15.13-snapshot

3.15.12-snapshot

3.15.11-snapshot

3.15.10-snapshot

3.15.9-snapshot

3.15.8-snapshot

3.15.7-snapshot

3.15.6-snapshot

3.15.5-snapshot

3.15.4-snapshot

3.15.3-snapshot

3.15.2-snapshot

3.15.1-snapshot

3.15.0-snapshot

3.14.5

3.14.4

3.14.3

3.14.3-snapshot

3.14.2-snapshot

3.14.1-snapshot

3.14.0-snapshot

3.13.1

3.13.1-snapshot

3.13.0-snapshot

3.12.1

3.12.0

3.11.0

3.10.2-snapshot

3.10.3-snapshot

3.10.4-snapshot

3.10.5-snapshot

3.10.1-snapshot

3.9.2

3.9.1

3.9.0

3.8.1-last-version-with-quarkus

3.8.1

3.8.0

3.7.0

3.6.0

3.5.3

3.5.2

3.5.0

3.4.0-beta

3.3.0-beta

3.2.5-beta

3.2.4-beta

3.2.3-beta

3.2.2-beta

3.2.1-beta

3.2.0-beta

3.1.7-beta

3.1.6-beta

3.1.5-beta

3.1.4-beta

3.1.3-beta

3.1.2-beta

b-jre-8

3.1.1-beta

3.1.0-beta

3.0.4-beta

3.0.3-beta

3.0.2-beta

3.0.1-beta

v2-golang

2.19.5

2.19.4

2.19.3

2.19.2

2.19.1

2.19.0

2.18.7

2.18.6

2.18.5

2.18.4

2.18.3

2.18.2

2.18.1

2.18.0

2.17.4

2.17.3

2.17.2

2.17.1

2.17.0

2.16.0

2.15.0

2.14.6

2.14.5

2.14.4

2.14.2

2.14.1

2.14.0

2.13.2

2.13.1

2.13.0

2.12.0

2.11.0

2.10.4

2.10.3

2.10.2

2.10.1

2.10.0

2.9.1

2.9.0

2.8.0

2.7.0

2.6.1

2.6.0

2.5.4

2.5.3

2.5.2

2.5.1

2.5.0

2.4.1

2.4.0

2.3.3

2.2.3

2.2.2

2.2.1

2.2.0

2.1.8

2.1.7

2.1.6

2.1.5

2.1.2

2.1.1

2.1.0

2.0.21

2.0.20

2.0.19

2.0.18

2.0.17

2.0.16

2.0.9

2.0.5

2.0.4

v1-nodejs

1.8.1

1.8.0

1.7.7

1.7.6

1.7.5

1.7.4

1.7.3

1.7.2

1.7.1

1.7.0

1.6.9

1.6.8

1.6.7

1.6.6

1.6.5

1.6.4

1.6.3

1.6.2

1.6.1

1.6.0

1.5.0

1.4.0

1.3.5

1.3.4

1.3.3

1.3.2

1.3.1

1.3.0

peteris-version

1.1.4-peteris-version

1.2.0

1.1.3

1.1.2

1.1.1

1.1.0

1.0.1

1.0.0

Labels

Clear labels   

bug

  

confirmed

  

discussion

  

duplicate

  

enhancement

  

feature

  

feature-request

  

not-planned

  

pull-request

Mirrored from GitHub Pull Request

  

secondary-feature

  

stale

  

triage

  

waiting-feedback

No labels

bug

confirmed

discussion

duplicate

enhancement

feature

feature-request

not-planned

pull-request

secondary-feature

stale

triage

waiting-feedback

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/dns-proxy-server-mageddo#36

No description provided.