快捷導(dǎo)航

dockerfile引用自建dns服務(wù)方式

更新時間：2025年10月10日 14:44:22 作者：happy_king_zi

這篇文章主要介紹了dockerfile引用自建dns服務(wù)方式,具有很好的參考價值,希望對大家有所幫助,如有錯誤或未考慮完全的地方,望不吝賜教

一、指定DNS服務(wù)器

1、docker 啟動容器dns會讀取宿主機的配置

]# cat /etc/resolv.conf
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
 
# docker images|grep centos
centos                                                   7                              eeb6ee3f44bd        2 weeks ago         204MB

基于centos7打了一個鏡像，dockerfile如下：

FROM centos:7
RUN echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`"
RUN echo "`sed 'p' -n /etc/resolv.conf`"
RUN yum install -y wget && yum clean all

2、嘗試使用RUN 直接修改resolv.conf文件失敗

因為在容器啟動時的操作，會被docker run指定的參數(shù)覆蓋

這里指定了dns配置，然后再下面打印了一下，效果如下：

# docker build -t test:dns .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos:7
---> eeb6ee3f44bd
Step 2/4 : RUN echo "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in f3ec71d93b5f
search test.com
nameserver 8.8.8.8
Removing intermediate container f3ec71d93b5f
---> c2a5a9f9985f
Step 3/4 : RUN echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in 08d22ef982d6
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
Removing intermediate container 08d22ef982d6
---> 9c01241bad24
Step 4/4 : RUN yum install -y wget
---> Running in e831037cf89b
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.bupt.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-18.el7_6.1 will be installed
--> Finished Dependency Resolution
 
 
Dependencies Resolved
 
 
================================================================================
Package        Arch             Version                   Repository      Size
================================================================================
Installing:
wget           x86_64           1.14-18.el7_6.1           base           547 k
 
 
Transaction Summary
================================================================================
Install  1 Package
 
 
Total download size: 547 k
Installed size: 2.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/wget-1.14-18.el7_6.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for wget-1.14-18.el7_6.1.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-9.2009.0.el7.centos.x86_64 (@CentOS)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : wget-1.14-18.el7_6.1.x86_64                                  1/1
install-info: No such file or directory for /usr/share/info/wget.info.gz
  Verifying  : wget-1.14-18.el7_6.1.x86_64                                  1/1
 
 
Installed:
  wget.x86_64 0:1.14-18.el7_6.1                                                 
 
 
Complete!
Removing intermediate container e831037cf89b
---> 747d8f4768dd
Successfully built 747d8f4768dd
Successfully tagged test:dns
 
 
# docker run --rm -it --name testdns test:dns /bin/sh -c "cat /etc/resolv.conf"
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114

從這可以看到，在第二步設(shè)置dns，第三步打印出的結(jié)果還是讀取的宿主機的配置。

這里分析了一下原因：

由于以Dockerfile的形式構(gòu)建鏡像，其中每一個指令都是一層，它的過程是基于基礎(chǔ)鏡像運行一個容器，然后按指令執(zhí)行，第一個指令完畢后，commit為一個新的鏡像層，docker再運行一個基于新鏡像的容器，執(zhí)行下一步指令，直到結(jié)束。
這樣的好處是，假如共有四個指令，第三個失敗了，那么可以基于第二個指令生成的鏡像繼續(xù)操作，不需要再從頭操作一遍，節(jié)省資源。

那么，由此可見，我在第二步設(shè)置完，docker提交一個鏡像，docker接下來運行這個鏡像的時候，會讀取宿主機配置，所以我的設(shè)置也就不生效了。使用docker commit構(gòu)建鏡像也是一樣的效果。

如果想讓它生效，需要在啟動命令里指定。

3、使用ENTRYPOINT在容器啟動時的操作

而且不會被docker run指定的參數(shù)覆蓋。

]# cat Dockerfile
FROM centos:7
ENTRYPOINT echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`" && tail -f /dev/null
RUN echo "`sed 'p' -n /etc/resolv.conf`"
RUN yum install -y wget && yum clean all
 
 
使用entrypoint指令，這個指令的作用是在容器啟動時的操作，而且不會被docker run指定的參數(shù)覆蓋。（當然也可以覆蓋，在啟動的時候docker run --entrypoint=
可以這樣指定臨時的啟動命令來覆蓋dockerfile里的entrypoint）
# docker build -t test:dns .
Sending build context to Docker daemon  2.048kB
Step 1/4 : FROM centos:7
---> eeb6ee3f44bd
Step 2/4 : ENTRYPOINT echo -e "search test.com\nnameserver 8.8.8.8">/etc/resolv.conf && echo "`sed 'p' -n /etc/resolv.conf`" && tail -f /dev/null
---> Running in 361ec0e4cf3b
Removing intermediate container 361ec0e4cf3b
---> e062358b2b4d
Step 3/4 : RUN echo "`sed 'p' -n /etc/resolv.conf`"
---> Running in 1272cc8f69cb
# Generated by NetworkManager
search test.com
nameserver 114.114.114.114
Removing intermediate container 1272cc8f69cb
---> 08b7026e183e
Step 4/4 : RUN yum install -y wget
---> Running in 5346d673e0b7
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors
* base: mirrors.tuna.tsinghua.edu.cn
* extras: mirrors.bfsu.edu.cn
* updates: mirrors.tuna.tsinghua.edu.cn
Resolving Dependencies
--> Running transaction check
---> Package wget.x86_64 0:1.14-18.el7_6.1 will be installed
--> Finished Dependency Resolution
 
 
Dependencies Resolved
 
 
================================================================================
Package        Arch             Version                   Repository      Size
================================================================================
Installing:
wget           x86_64           1.14-18.el7_6.1           base           547 k
 
 
Transaction Summary
================================================================================
Install  1 Package
 
 
Total download size: 547 k
Installed size: 2.0 M
Downloading packages:
warning: /var/cache/yum/x86_64/7/base/packages/wget-1.14-18.el7_6.1.x86_64.rpm: Header V3 RSA/SHA256 Signature, key ID f4a80eb5: NOKEY
Public key for wget-1.14-18.el7_6.1.x86_64.rpm is not installed
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Importing GPG key 0xF4A80EB5:
Userid     : "CentOS-7 Key (CentOS 7 Official Signing Key) <security@centos.org>"
Fingerprint: 6341 ab27 53d7 8a78 a7c2 7bb1 24c6 a8a7 f4a8 0eb5
Package    : centos-release-7-9.2009.0.el7.centos.x86_64 (@CentOS)
From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-CentOS-7
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
  Installing : wget-1.14-18.el7_6.1.x86_64                                  1/1
install-info: No such file or directory for /usr/share/info/wget.info.gz
  Verifying  : wget-1.14-18.el7_6.1.x86_64                                  1/1
 
 
Installed:
  wget.x86_64 0:1.14-18.el7_6.1                                                 
 
 
Complete!
Removing intermediate container 5346d673e0b7
---> e8c04c88aed2
Successfully built e8c04c88aed2
Successfully tagged test:dns
 
 
 
# docker run --rm -it --name testdns test:dns /bin/sh -c "cat /etc/resolv.conf"
search test.com
nameserver 8.8.8.8

可以看到，使用entrypoint之后，這個指定的配置便生效了。