diff --git a/consul/content.md b/consul/content.md index 5b91d3da1..e0abdb84c 100644 --- a/consul/content.md +++ b/consul/content.md @@ -164,24 +164,26 @@ By default the dev, client, and server modes started by the endpoint will expose $ docker run --net=host -p 53:8600/tcp -p 53:8600/udp hashicorp/consul ``` -If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. Due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. +If you are binding Consul's client interfaces to the host's loopback address, then you should be able to configure your host's `resolv.conf` to route DNS requests to Consul by including "127.0.0.1" as the primary DNS server. This would expose Consul's DNS to all applications running on the host, but due to Docker's built-in DNS server, you can't point to this directly from inside your containers; Docker will issue an error message if you attempt to do this. You must configure Consul to listen on a non-localhost address that is reachable from within other containers. -If you are binding Consul's client interfaces to the bridge or other network, you can use the `--dns` option in your *other containers* in order for them to use Consul's DNS server, mapped to port 53. Here's an example: +Once you bind Consul's client interfaces to the bridge or other network, you can use the `--dns` option in your *other containers* in order for them to use Consul's DNS server, mapped to port 53. Here's an example: ```console -$ docker run -d --net=host -p 53:8600/tcp -p 53:8600/udp consul client -bind= +$ docker run -d --net=host -p 53:8600/tcp -p 53:8600/udp consul client -bind= ``` Now start another container and point it at Consul's DNS, using the bridge address of the host: ```console -$ docker run -i --dns= -t ubuntu sh -c "apt-get install -y dnsutils && dig consul.service.consul" +$ docker run -i --dns= -t ubuntu sh -c "apt-get install -y dnsutils && dig consul.service.consul" ... ;; ANSWER SECTION: consul.service.consul. 0 IN A 66.175.220.234 ... ``` +In the example above, adding the bridge address to the host's `/etc/resolv.conf` file should expose it to all containers without running with the `--dns` option. + ## Service Discovery with Containers There are several approaches you can use to register services running in containers with Consul. For manual configuration, your containers can use the local agent's APIs to register and deregister themselves, see the [Agent API](https://www.consul.io/docs/agent/http/agent.html) for more details. Another strategy could be to create a derived Consul container for each host type which includes JSON config files for Consul to parse at startup, see [Services](https://www.consul.io/docs/agent/services.html) for more information. Both of these approaches are fairly cumbersome, and the configured services may fall out of sync if containers die or additional containers are started.