unbound-docker icon indicating copy to clipboard operation
unbound-docker copied to clipboard

Published 20 hours ago verified publisher icon MatthewVance

Healthcheck name resolver

Open brccabral opened this issue 11 months ago • 1 comments

My image is image: mvance/unbound:latest. Current healthcheck command is drill @127.0.0.1 cloudfare.com

I setup unbound in a subnet 172.19.0.x. This drill command fails when using 127.0.0.1, causing the healthcheck to only show unhealthy.
I think it is because it is expecting unbound to be run in the host network.
But in the /etc/resolv.conf the nameserver is 127.0.0.11, so, I tried drill @127.0.0.11 cloudfare.com and it works.

As far as I understand 127.0.0.11 is the default Docker nameserver (DNS).
https://medium.com/@prajwal.chin/understanding-docker-dns-2ed4b070a0

Therefore, should the default healthcheck be changed to use 127.0.0.11 instead?

Thanks, Bruno

brccabral avatar Mar 25 '24 07:03 brccabral

Same issue here

Fixed here by adding the following to compose file:

healthcheck:
      test: ["CMD", "drill", "@127.0.0.11", "cloudflare.com"]
      interval: 60s
      timeout: 10s

ar0311 avatar May 22 '24 12:05 ar0311