From 1b76b44d2285d224d906cf67b462bc994a062237 Mon Sep 17 00:00:00 2001 From: James Phillips Date: Fri, 16 Dec 2016 10:31:51 -0800 Subject: [PATCH] Adds Google DNS recursor to DNS example. --- consul/content.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/consul/content.md b/consul/content.md index 4144fadc0..01d93db00 100644 --- a/consul/content.md +++ b/consul/content.md @@ -161,15 +161,15 @@ By default, Consul's DNS server is exposed on port 8600. Because this is cumbers Here's an example: ```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul -dns-port=53 +$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul -dns-port=53 -recursor=8.8.8.8 ``` -If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. This would expose Consul's DNS to all applications running on the host, but due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. You must configure Consul to listen on a non-localhost address that is reachable from within other containers. +This example also includes a recursor configuration that uses Google's DNS servers for non-Consul lookups. You may want to adjust this based on your particular DNS configuration. If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. This would expose Consul's DNS to all applications running on the host, but due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. You must configure Consul to listen on a non-localhost address that is reachable from within other containers. Once you bind Consul's client interfaces to the bridge or other network, you can use the `--dns` option in your *other containers* in order for them to use Consul's DNS server, mapped to port 53. Here's an example: ```console -$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul agent -dns-port=53 -bind= +$ docker run -d --net=host -e 'CONSUL_ALLOW_PRIVILEGED_PORTS=' consul agent -dns-port=53 -recursor=8.8.8.8 -bind= ``` Now start another container and point it at Consul's DNS, using the bridge address of the host: