Device unable to resolve internet address names

dind

#1

I’m playing with Docker in Docker and using a Pi 3 as the test device.
The Dockerfile.template is pretty simple

FROM resin/%%RESIN_MACHINE_NAME%%-debian:jessie

# Let's start with some basic stuff.
RUN apt-get update && apt-get install -yq --no-install-recommends \    
   apt-transport-https \
   ca-certificates \
   curl \
   lxc \
   iptables \
   && apt-get clean && rm -rf /var/lib/apt/lists/

# Install Docker from hypriot repos
RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 37BBEE3F7AD95B3F && \
   echo "deb https://packagecloud.io/Hypriot/Schatzkiste/debian/ wheezy main" > 
/etc/apt/sources.list.d/hypriot.list && \
  apt-get update && apt-get install -yq --no-install-recommends \
   docker-hypriot docker-compose \
   && rm -rf /var/lib/apt/lists/

COPY ./wrapdocker /usr/local/bin/wrapdocker

COPY ./apps /apps
WORKDIR /apps

# Define additional metadata for our image.
VOLUME /var/lib/docker
ADD start.sh /start.sh
CMD ["bash", "start.sh"]

The image compiles OK, it downloads to the device, the device comes online, I see the logs scrolling and I can get in remotely using the terminal. However, when start.sh runs it does a

docker compose up

and at this point, I get errors saying that the docker index cannot be reached and everything stops.
Just as importantly, the device stops updating its image: i.e. if I update the dockerfile and push a new version, it gets rebuilt on resin.io but does not get downloaded to the device. The only solution is to delete the device and start afresh.

By installing some test tools I have established that the problem seems to be with name resolution. I can ping IP addresses but not dns names.

I’ve tried force pushing a different image and this works fine, so it’s not the network or the device hardware.

Any ideas of where to start looking?


#3

@Guff666, what do you have in your compose file? If possible, can you please reproduce the issue so we can ssh into your device and grab some logs?

Also, I’ve asked our team if anyone had the same issue before and we will come back as soon as possible.


#4

There’s very little in the compose file, other than comments. here’s the bit that isn’t commented out:

mysql:
  image: "hypriot/rpi-mysql"
  environment:

# set mysql credentials
  - MYSQL_ROOT_PASSWORD=secure
  - MYSQL_USER=flight
  - MYSQL_PASSWORD=flight
  - MYSQL_DATABASE=flight
volumes:
# bind the folder /opt/flight/mysql on the raspberry as datastorage
  - /opt/flight/mysql:/var/lib/mysql

I’ll PM you the UUID of the device and app


#5

OK, I can’t see how you send a private message on this forum. Here’s the UID

b907123159a9e007a2c2271582dcf391


#6

Thanks for the UUID. The only thing of note I can see in the compose file is that of binding /opt/flight/mysql to the MySQL database. This isn’t a persistent storage area, so will vanish the next time a reboot/app restart occurs (and this might be causing your error, though without the actual error message I can only speculate).

This shouldn’t be preventing a new app build from being downloaded to your device, however. I shall try and replicate this issue and get back to you.


#7

Hi,

I’ve not been able to replicate this. If you could supply an archive with a cut-down example where this occurs, or a Github repo of the same, this would help us try and replicate the issue.


#8

Sure. here you go.

https://github.com/garethhowell/resin-multi01


#9

I should have added, the app is gareth/carcam01


#10

Hi,
Thanks for the repo link! I can confirm that we see the same issue. We’ll look into it and try to determine the issue.


#11

Cheers.


#12

Hi again,

The cause appears to be that the dind instance of docker is removing the rules we use to allow containers to successfully use DNS.

We’ve raised an issue internally and will be looking into this in more detail. Apologies for the inconvenience this causes.


#13

No worries. Always happy to dig out these sort of issues when the quality of support is so high.


#14

Just curious to know if there has been a resolution of this?


#15

Hi,
We are working on it.
We will get back to you as soon as this gets released.


#16

Hi @Guff666,

Just in case you missed it, we’d like to let you know that resin.io now natively supports multicontainer applications. The docker-in-docker workaroud is no longer needed, and the DNS issues mentioned in this thread should by now be resolved.

Feel free to check our release blog post for more information https://resin.io/blog/multicontainer-on-resin-io-is-here/

Thanks!