Docker-Compose Networking - DNS Returns Multiple, Inaccurate IP Addresses

Question

I set up a project with Docker-Compose's experimental --x-networking feature, and I'm running across an odd issue with DNS lookups on the private network that compose creates.

When I do a ping, or ip command, or look at /etc/hosts, I see everything as I expect. But tools that do DNS lookups (e.g. Varnish on startup, or dig) are returning odd results.

Rather than returning the value from /etc/hosts, they are returning a PAIR of IP addresses, neither of which is the actual one.

I am running docker-compose version 1.5.2, build 7240ff3 on Mac OS X.

Here's my docker-compose.yml:

redis:
  image: redis
  container_name: my_redis
db:
  image: postgres
  container_name: my_postgres
nginx:
  image: nginx
  container_name: my_nginx
  volumes:
    - .:/code
    - ./devscripts/docker-compose/nginx.conf:/etc/nginx/nginx.conf:ro
  ports:
    - 8080
uwsgi:
  build: .
  container_name: my_uwsgi
  environment:
    DJANGO_SETTINGS_MODULE: 'my.settings_docker_compose'
  command: uwsgi --yaml=devscripts/docker-compose/uwsgi-compose.yml
  volumes:
    - .:/code
  ports:
    - 7000
varnish:
  image: million12/varnish
  container_name: my_varnish
  environment:
    VARNISHD_PARAMS: -a :8000
  ports:
    - 8000:8000
  volumes:
    - ./devscripts/docker-compose/varnish.vcl:/etc/varnish/default.vcl:ro

From the my_varnish container, /etc/hosts:

[root@61bcb46ba4a2 /]# cat /etc/hosts
172.18.0.3  61bcb46ba4a2
127.0.0.1   localhost
::1 localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
172.18.0.4  my_redis
172.18.0.6  my_nginx
172.18.0.2  my_postgres
172.18.0.2  my_postgres.my
172.18.0.4  my_redis.my
172.18.0.5  my_uwsgi
172.18.0.5  my_uwsgi.my
172.18.0.6  my_nginx.my

And here is the Dig Output (CentOS 7 Image):

[root@61bcb46ba4a2 /]# dig my_nginx

; <<>> DiG 9.9.4-RedHat-9.9.4-29.el7_2.1 <<>> my-nginx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47196
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;my_nginx.      IN  A

;; ANSWER SECTION:
my_nginx.   10  IN  A   198.105.244.23
my_nginx.   10  IN  A   198.105.254.23

;; Query time: 56 msec
;; SERVER: 205.171.2.25#53(205.171.2.25)
;; WHEN: Thu Dec 31 01:11:33 UTC 2015
;; MSG SIZE  rcvd: 66

Those two IP addresses don't have anything to do with anything as far as I can tell, they don't actually work. Also, every host I dig gets the same two A records back for it.

And the trick is that Varnish won't start up because it does a one-time DNS lookup and finds two (bogus) addresses for the backends.

Any guess on what might be going on here?

Cheers!

Answer 1

I was able to get this to work by explictly setting the DNS to use 127.0.0.1 first. I also then had to use the trick of 'volumes_from' to ensure that varnish started AFTER it's backends. Ideally, in a future version of compose, there will be something like "depends_on", since "link" is deprecated.

varnish:
  image: million12/varnish
  container_name: my_varnish
  environment:
    VARNISHD_PARAMS: -a :8000
  dns:
    - 127.0.0.1
    - 8.8.8.8
  ports:
    - 8000:8000
  volumes:
    - ./devscripts/docker-compose/varnish.vcl:/etc/varnish/default.vcl:ro
  volumes_from:
    - uwsgi
    - nginx