panel
panel copied to clipboard
pterodactyl
Ridiculous defaults for Docker network in Wings
The wings configuration defaults to using 1.1.1.1 and 1.0.0.1 instead of the system's DNS. This makes no sense.
cloudflare dns are way better than local, as they will cache data and also have a very fast response time
Could you explain why you don't believe it makes no sense? Personally, I don't see why it wouldn't make sense.
The DNS options should be left up to the user - if they want to use CloudFlare, or something else. Usually, that's configured through the system's configuration files, and having it separate is a headache.
The issue title was definitely exaggerating (I had just spent like 3 hours finding this out).
Further explanation of my problem:
I use an internal DNS to resolve the domain names of my Wings nodes. My containers were correctly set up to use the DNS server, but Wings completely missed it and went straight to CloudFlare because of this.
The issue being that most people who rent a VPS or a server don't have complete control of their own DNS servers let alone want to set up their own.
I'm not exactly sure why our networks use custom DNS settings but I'm sure there is a reason. This seems more like a documentation issue or something to call out for people having issues rather than anything else. I can easily understand your frustration with us not using the host's DNS settings by default, but in most cases this simplifies things for many users and likely works around issues where the host is using systemd-resolved which would likely break DNS in containers unless Docker (or our DNS detection logic) handles it correctly.
For anybody posting on this issue about Cloudflare specifically, if you would actually read the issue, this is not about using Cloudflare vs Google vs whatever. It's about us not defaulting or inheriting what the host specifies.
My best guess is that getting the DNS hosts from all the different distros and their varied networking providers is extremely difficult.
I'm pretty sure Docker handles it for you.
But yeah, maybe a little note in the documentation or an option in the panel would be the best solution.
Hi, just throwing in my two cents. I find it inconvenient that this program decides to set its own DNS by default. I already have my own DNS configuration set up for the machine and docker.
https://docs.docker.com/network/#dns-services
It is anticipated that containers use the docker engine or host configuration for DNS. Not all networks are permissive of external DNS servers and have internal infrastructure.
I would assert that if DNS wasn't functional for Docker engine and the host, the container image couldn't be pulled from the registry. I think the problem specifying DNS servers attempts to solve is only theoretical in nature. If name resolution is broke, Wings wouldn't be the only thing broken.
If I didn't have Splunk showing me the firewall was dropping DNS traffic to 1.1.1.1 and 1.0.0.1, it would have taken much longer to figure out what was causing the name resolution failures.
I think the title of the issue is inflammatory, or at least contains an opinion. A more neutral title would be "Wings container ignores host and engine DNS configuration."
Yeah, I have to admit it's a bit inflammatory.
This is what I've been trying to get at. Docker containers shouldn't be using their own DNS.
Wanted to add my own experience of this. I block the use of external DNS servers and run my own DNS locally so I am able to do firewalling and domain blocking, so this caused a problem for me. It took me almost an hour to work out why MC servers couldn't reach domains and I couldn't connect to the servers, I saw the firewall events that 1.1.1.1 and 1.0.0.1 were being blocked and ended up having to hunt around the host figuring out why the systems DHCP DNS wasn't being used, as a quick solution I used "grep" and searched for 1.1.1.1 inside the /etc/ directory, found the pterodactyl config to be forcing Docker to use 1.1.1.1 as DNS, changed it to my local routers DNS and everything works normally now.
