I am using GitLab CI/CD which generates container names in a very large format to ensure uniqueness across projects, pipelines, etc - e.g.:
GitLab also provides aliases for these containers (e.g. build, mariadb, etc.).
I am trying to connect to a Java JMX/RMI interface which is hosted on another container in the same bridge network. Forward DNS lookups for the alias work correctly, but Java RMI security requires a reverse DNS lookup to authenticate the connection. In this case no response is received from Docker DNS:
    nslookup build
    Server:         127.0.0.11
    Address:        127.0.0.11#53

    Non-authoritative answer:
    Name:   build
    Address: 172.18.0.2

    nslookup 172.18.0.2
    ;; connection timed out; no servers could be reached
Looking into the docker daemon log I can see the following errors:
    Apr 13 08:20:06 test-docker.novalocal dockerd: time="2021-04-13T08:20:06.417125309Z" level=debug msg="[resolver] lookup for IP 184.108.40.206: name runner-jl9klc-project-30504-concurrent-0-fd6217607b395033-build-3.runner-jl9klc-project-30504-concurrent-0-job-1297211-network"
    Apr 13 08:20:06 test-docker.novalocal dockerd: time="2021-04-13T08:20:06.417150733Z" level=error msg="[resolver] error writing resolver resp, dns: bad rdata"
Through manual testing I was able to verify that reverse DNS fails once the container name is larger than 62 characters.
Unfortunately I believe this GitLab CI Runner behaviour is hard-coded so cannot be configured to make the container names smaller. Is there something that can be done in docker to mitigate this issue?
OS: CentOS 7
    Server: Docker Engine - Community
     Engine:
      Version:          20.10.6
      API version:      1.41 (minimum version 1.12)
      Go version:       go1.13.15
      Git commit:       8728dd2
      Built:            Fri Apr 9 22:43:57 2021
      OS/Arch:          linux/amd64
      Experimental:     false
     containerd:
      Version:          1.4.4
      GitCommit:        05f951a3781f4f2c1911b05e61c160e9c30eaa8e
     runc:
      Version:          1.0.0-rc93
      GitCommit:        12644e614e25b05da6fd08a38ffa0cfe1903fdec
     docker-init:
      Version:          0.19.0
      GitCommit:        de40ad0
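
An added example, not part of the original post: a pre-flight check that encodes a name in DNS wire format under the RFC 1035 limits (63 octets per label, 255 per name) and reports which labels are too long. It is run on the name from the dockerd log above, whose first label is 65 characters. That this limit is what the Docker resolver trips on is an assumption, and the function names are hypothetical.

```python
MAX_LABEL = 63   # RFC 1035: a single label is at most 63 octets
MAX_NAME = 255   # RFC 1035: a full name is at most 255 octets on the wire


def encode_name(name: str) -> bytes:
    """Encode a domain name in DNS wire format (length-prefixed labels)."""
    out = bytearray()
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        if not raw:
            raise ValueError("empty label")
        if len(raw) > MAX_LABEL:
            raise ValueError(
                f"label {label!r} is {len(raw)} octets (max {MAX_LABEL})")
        out.append(len(raw))   # one length octet, then the label bytes
        out += raw
    out.append(0)              # zero-length root label terminates the name
    if len(out) > MAX_NAME:
        raise ValueError(f"name is {len(out)} octets (max {MAX_NAME})")
    return bytes(out)


def oversized_labels(name: str, limit: int = MAX_LABEL) -> list:
    """Return (label, octet length) for every label longer than `limit`."""
    labels = name.rstrip(".").split(".")
    return [(l, len(l.encode("ascii"))) for l in labels
            if len(l.encode("ascii")) > limit]


# Name copied from the dockerd debug log line in the question.
LOGGED = ("runner-jl9klc-project-30504-concurrent-0-fd6217607b395033-build-3."
          "runner-jl9klc-project-30504-concurrent-0-job-1297211-network")

if __name__ == "__main__":
    print("oversized:", oversized_labels(LOGGED))
    for candidate in ("build", LOGGED):
        try:
            print(candidate, "->", len(encode_name(candidate)), "octets")
        except ValueError as exc:
            print("cannot encode as PTR target:", exc)
```

Passing `limit=62` to `oversized_labels` applies the threshold observed in the manual testing instead of the RFC value.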