4

I am setting up a new development environment in AWS Workspaces and I noticed that when I go to run docker build, I get the following errors:

 ---> Running in d18733d53c16
W: Failed to fetch http://deb.debian.org/debian/dists/buster/InRelease  Temporary failure resolving 'deb.debian.org'
W: Failed to fetch http://security.debian.org/debian-security/dists/buster/updates/InRelease  Temporary failure resolving 'security.debian.org'
W: Failed to fetch http://deb.debian.org/debian/dists/buster-updates/InRelease  Temporary failure resolving 'deb.debian.org'
W: Some index files failed to download. They have been ignored, or old ones used instead.

Someone over in Reddit mentioned that this is a known issue, but AWS Documentation doesn't seem to mention this issue and I can't find much more on this online.

It's just a standard Docker file that's been in use for about a year now with no issues. Just seems to be happening in AWS Workspaces for Linux.

halfer
  • 19,824
  • 17
  • 99
  • 186
LewlSauce
  • 5,326
  • 8
  • 44
  • 91
  • If it didn't have internet, you couldn't start it in the first place. It's a DNS problem. Can you check your `/etc/resolv.conf`? I don't know whats AWS best practice there. I expect they have a dashboard for DNS and connectivity. – Daniel W. Apr 12 '21 at 14:53
  • Quick question -- I'm able to resolve it locally on the host, so any reason in particular that the docker build process wouldn't be able to? – LewlSauce Apr 12 '21 at 14:54

2 Answers2

6

It seems that docker images using the bridged networking cannot access the DNS of the host. I suspect that AWS workspaces DNS are doing some filtering.

docker run --rm busybox nslookup google.com
;; connection timed out; no servers could be reached

Using host networking it works.

docker run --rm --network=host busybox nslookup google.com
Server:     10.2.8.238
Address:    10.2.8.238:53

Non-authoritative answer:
Name:   google.com
Address: 2a00:1450:4001:828::200

If you need to use bridged networking, then I suggest to force docker to use Google's DNS as a workaround

cat /etc/docker/daemon.json 
{
    "dns":["1.1.1.1","8.8.8.8"]
}
Guillaume Gros
  • 341
  • 3
  • 7
  • Thanks for the answer - that is indeed the solution that worked for me. But - it has to be noted - after changing the `daemon.json` file, you **must** restart the docker daemon. It too me an embarrassingly long time to figure that out. – Guss Aug 03 '23 at 09:47
1

I was finally able to get this resolved by adding DNS entries into my Dockerfile in the top before doing anything else.

For example:

RUN curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
    apt-get update -qq && \
    apt-get upgrade -y && \

turned into:


RUN echo "nameserver 1.1.1.1" > /etc/resolv.conf && \
    echo "nameserver 8.8.8.8" >> /etc/resolv.conf && \
    curl -sL https://deb.nodesource.com/setup_12.x | bash - && \
    apt-get update -qq && \
    apt-get upgrade -y && \

and now all is well.

LewlSauce
  • 5,326
  • 8
  • 44
  • 91