Docker Community Forums

Share and learn in the Docker community.

Why can my container access my host via hostname?

I have a docker container running on a linux host. The linux host has a hostname of ‘jrm-dev1’.
I am able to ping my linux host and access services running separately on my host, using the hostname ‘jrm-dev1’, with no extra configuration.
While this is no bad thing for my setup, I need to understand how I have arrived at this situation as other installations typically cannot do this.

As I understand, docker copies the DNS entries found in /etc/resolv.conf to containers, stripping out any local servers, as detailed here. This is why it is typically not possible to ping the host via its’ hostname (leading to plenty of questions and different solutions).

Now, if I look in my own /etc/resolv.conf, I have:

nameserver 127.0.0.53
options edns0

So I think nothing should be copied across to docker here?
Likewise, I have no DNS settings configured in my /etc/docker/daemon.json.

However, if I do an nslookup on the docker bridge network, I get:

nslookup 172.17.0.1
1.0.17.172.in-addr.arpa	name =jrm-dev1.
1.0.17.172.in-addr.arpa	name = jrm-dev1.local.

And every custom network I create resolves to the same address - is that normal or is it exceptional for my case?

By any chance, did you use macvlan on your other docker hosts? This would explain why container to host communication was not possible on those.

By default files like /etc/resolv.conf and /etc/hosts are mounted(!) from the host into the container. Exec into a running container and just execute mount and see for yourself.

It’s normal!

Never used macvlan networking. Always user-defined bridge networks (via docker-compose).
So the real question is - why is it sometimes not possible?

Basically we are providing some docker containers and a docker-compose definition. One of the containers expect to speak to a non-docker service (a licensing service) running elsewhere. Our sales people typically do a setup where they have 1 host for the containers and non-docker service.
From time to time, someone ends up being unable to communicate from container to host using the hostname (it works with the IP address). Thus far we have not been able to decipher why…

OK, I didn’t know that /etc/hosts is also mounted, so this is another file to look into…

The sometimes in that question is worrying.

Beeing dependent on external services is not that uncommon. Typical use case: a containerized app that requires a database outside the container engine.

Good luck in troubleshooting!