Table of Contents
CoreDNS server inside a Docker container
This howto describes how to run CoreDNS in a Docker container. It assumes a running docker setup.
Fetch the container
CoreDNS maintains a docker container at https://hub.docker.com/r/coredns/coredns/.
# docker pull coredns/coredns Using default tag: latest latest: Pulling from coredns/coredns Digest: sha256:1eeb4c7316bacb1d4c8ead65571cd92dd21e27359f0d4917f1a5822a73b75db1 Status: Image is up to date for coredns/coredns:latest docker.io/coredns/coredns:latest
Create local configurations
Configurations need to live outside the container and be mounted as a volume. We create a folder in /root/containers/coredns on the host to store these configuration.
The first configuration file declares a zone with the location of a database file. The second configuration file declares DNS records in a zone file.
# mkdir /root/containers/coredns
# cat /root/containers/coredns/Corefile
necto.org:53 {
file /root/necto.org.db # the location of the database file inside the container
log
errors
}
The database file uses the standard Bind syntax. See RFC 1035 for more info on how to structure zone files.
Note that the serial *must* store in a 32 bits integer so keep it at 10 digits for simplicity.
# cat /root/containers/coredns/necto.org.db necto.org. IN SOA ns1.necto.org. administrator.necto.org. 2024071901 7200 3600 1209600 3600 legolas.necto.org. IN A 75.67.215.94 ns1.necto.org. IN CNAME legolas.necto.org.
Start the container
The docker run command mounts the folder from the host into the container and sets the configuration flag to point to the Corefile file inside the container. We also forward UDP 53 to answer queries.
# docker run -d --name coredns --restart=always --volume=/root/containers/coredns/:/root/ -p 53:53/udp coredns/coredns -conf /root/Corefile
docker ps, docker logs and docker inspect can be used to evaluate the state of the container.
# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
330c19f5b978 coredns/coredns "/coredns -conf /roo…" 3 hours ago Up 3 hours 53/tcp, 0.0.0.0:53->53/udp, :::53->53/udp coredns
# docker logs 330c19f5b978
necto.org.:53
CoreDNS-1.11.1
linux/arm64, go1.20.7, ae2bbc2
[INFO] 172.17.0.1:36321 - 6587 "A IN legolas.necto.org. udp 58 false 1232" NOERROR qr,aa,rd 68 0.000162407s
[INFO] 199.47.252.56:36063 - 45182 "A IN legolas.necto.org. udp 58 false 4096" NOERROR qr,aa,rd 68 0.000134611s
# docker inspect 330c19f5b978
[
{
"Id": "330c19f5b978e1101a7f500596b2f26227f49794dccf8f7d48dd8016e1fddc62",
"Created": "2024-07-19T12:00:22.78761211Z",
"Path": "/coredns",
...
Run the container as a systemd service
To run the container as a systemd service, create the following service file under /etc/systemd/system/docker.coredns.service
# cat /etc/systemd/system/docker.coredns.service [Unit] Description=CoreDNS Container After=docker.service Requires=docker.service [Service] TimeoutStartSec=0 Restart=always ExecStartPre=-/usr/bin/docker stop %n ExecStartPre=-/usr/bin/docker rm %n ExecStartPre=/usr/bin/docker pull coredns/coredns ExecStart=/usr/bin/docker run --name %n --volume=/root/containers/coredns/:/root/ -p 53:53/udp coredns/coredns -conf /root/Corefile [Install] WantedBy=multi-user.target
And run it with the following command:
# systemctl start docker.coredns # systemctl|grep coredns docker.coredns.service loaded active running CoreDNS Container
Use systemctl enable docker.coredns to run it at startup.