How to configure custom DNS for Insights Looker

News Knowledge Base
, , ,
1

How to configure custom DNS for Insights Looker

Issue Description

This article explains how to configure a custom DNS server for the Docker container that Looker executes out of. This solution only applies to some specific scenarios where the container won't inherit the host machine's DNS configuration.

Background

By default, a Docker container will inherit the DNS settings of the host machine. For more details see: Docker DNS. The container will typically have the same /etc/resolv.conf settings as the host machine.

In the case that, for some reason the host machine resolv.conf settings cannot be used, docker will default the settings to a well-known DNS provider like 8.8.8.8 (Google).

For now, the only reported case where this happens is if dnsmasq is being locally on the machine by pointing the nameserver in /etc/resolv.conf to 127.0.0.1.


Customizing the DNS

The default behavior of Docker can be overridden by customizing the file /etc/docker/daemon.json. It can be pointed to a specific server.
  1. Decide what DNS servers should be used.
If using dnsmasq locally with the nameserver in /etc/resolv.conf mapped to 127.0.0.1, dnsmasq as our resolver can still be used. To do this there are two options:
  1. The private IP of the host machine for our DNS server can be used.
  2. The Docker bridge IP address can be used. Generally, this is static. It should be 172.17.0.1 in this example. However, it can be verified by running: ip link addr show docker0
Example output:
[root@looker ~]# ip address show docker0
3: docker0:  mtu 1500 qdisc noqueue state UP group default
    link/ether 02:42:72:1b:ad:11 brd ff:ff:ff:ff:ff:ff
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
    inet6 fe80::42:72ff:fe1b:ad11/64 scope link
       valid_lft forever preferred_lft forever
In the above, the IP address would be 172.17.0.1
Note: The usage of the Docker bridge IP is recommended. (Docker bridge will be whitelisted in the firewall and any network issues are unlikely).
  1. Once the DNS is chosen, make sure to validate it. This can be done with an nslookup against the SQL server (\The SQL server is a good test because SQL connectivity is what fails when DNS is broken): nslookup
Example:
[root@looker ~]# nslookup sqlinsights.uipath.devtest 172.17.0.1
Server:172.17.0.1
Address:172.17.0.1#53

Name:sqlinsights.uipath.devtest
Address: 10.0.0.7
  1. If the nslookup check succeeds, the given IP address can be used.
  1. Update /etc/docker/daemon.json to have the correct DNS settings.
    1. The Current installer does not configure any settings, so most likely the file will not exist. This can be verified by running:
sudo ls -lrt /etc/docker
  1. We need to create the DNS entries in this file.
  • If the files does not exist set up the DNS configuration by running the below command. Make sure to replace the IP with the DNS server to be used. (A comma-separated list can be used. i.e. dns": ["172.17.0.1", "8.8.8.8"] )
echo '{
  "dns": ["172.17.0.1"]
}' | sudo tee /etc/docker/daemon.json
  • If the file exists, use vi or your preferred editor to make the appropriate changes. Final changes should look like the below example (pre-existing files may have other settings. Check docker documentation if unsure of the formatting to use).
{
  "dns": ["172.17.0.1"]
}
  1. After the file is updated, restart docker.
systemctl restart looker-container
  1. Finally, validate the change by testing the DNS. Run the following command: docker exec -it looker-container getent ahosts
Example:
[root@looker ~]# sudo docker exec -it looker-container getent ahosts sqlinsights.uipath.devtest
10.0.0.7        STREAM sqlinsights.uipath.devtest
10.0.0.7        DGRAM
10.0.0.7        RAW
If the test returns the SQL server, everything should work.