Weave DNS server
The Weave DNS server answers name queries in a Weave network. It is
run per-host, to be supplied as the nameserver for containers on that
host. It is then told about hostnames for the local containers. For
other names it will ask the other weave hosts, or fall back to using
the host's configured name server.
Use
The Weave DNS container should be started after the Weave router --
i.e., after running weave launch
-- and joined to the Weave network.
In general, it should be given an IP in the same subnet as the
router. To watch for container events it must have the docker socker
mounted.
$ weave launch 10.0.0.1/16
$ weave run 10.0.0.2/16 --name=weavedns -v /var/run/docker.sock:/var/run/docker.sock zettio/weavedns
The docker IP for the container can then be provided as the --dns
value
for other containers:
$ dns_ip=$(docker inspect --format='{{ .NetworkSettings.IPAddress }}' weavedns)
$ shell1=$(weave run 10.0.1.2/24 -h shell.weave.local --dns=$dns_ip -t ubuntu /bin/bash)
To associate a hostname with an IP, use an HTTP PUT to the DNS server:
$ shell1_ip=$(docker inspect --format='{{ .NetworkSettings.IPAddress }}' $shell1)
$ curl -X PUT "http://$dns_ip:6785/name/$shell1/10.0.1.2?fqdn=shell1.weave.local&routing_prefix=24&local_ip=$shell1_ip"
You should now be able to look up the name:
$ dig @$dns_ip +short shell1.weave.local
By default, the server will also watch docker events and remove
entries for any containers that die. You can tell it not to by adding
--watch=false
to the container args:
$ weave run 10.0.0.2/16 --name=weavedns -v /var/run/docker.sock:/var/run/docker.sock zettio/weavedns --watch=false
Present limitations
- The server will not know about restarted containers, unless you
re-PUT the name.
- The server will forget names if it is itself restarted.
- The server may give unreachable IPs as answers, since it
doesn't try to filter by subnet yet.
- We use UDP broadcast to find out about remote names (from Weave DNS
servers on other hosts); this likely won't scale well beyond a
certain point T.B.D., so we'll have to come up with another scheme.