CoreDNS server inside a Docker container

This howto describes how to run CoreDNS in a Docker container. It assumes a running Docker setup.

Fetch the container

CoreDNS maintains a Docker image at https://hub.docker.com/r/coredns/coredns/.

# docker pull coredns/coredns
Using default tag: latest
latest: Pulling from coredns/coredns
Digest: sha256:1eeb4c7316bacb1d4c8ead65571cd92dd21e27359f0d4917f1a5822a73b75db1
Status: Image is up to date for coredns/coredns:latest
docker.io/coredns/coredns:latest

Create local configurations

Configurations need to live outside the container and be mounted as a volume. We create the folder /root/containers/coredns on the host to store these configuration files.

The first configuration file declares a zone with the location of a database file. The second configuration file declares DNS records in a zone file.

# mkdir /root/containers/coredns
# cat /root/containers/coredns/Corefile
necto.org:53 {
	file /root/necto.org.db # the location of the database file inside the container
	log
	errors
}

The database file uses the standard BIND syntax. See RFC 1035 for more info on how to structure zone files.

Note that the serial *must* fit in a 32-bit integer, so keep it at 10 digits for simplicity.

# cat /root/containers/coredns/necto.org.db 
necto.org. IN SOA ns1.necto.org. administrator.necto.org. 2024071901 7200 3600 1209600 3600
legolas.necto.org. IN A 75.67.215.94
ns1.necto.org. IN CNAME legolas.necto.org.

Start the container

The docker run command mounts the folder from the host into the container and sets the -conf flag to point to the Corefile inside the container. We also forward UDP port 53 to answer queries; TCP port 53 is not published by this command.

# docker run -d --name coredns --restart=always --volume=/root/containers/coredns/:/root/ -p 53:53/udp coredns/coredns -conf /root/Corefile

docker ps, docker logs and docker inspect can be used to evaluate the state of the container.

# docker ps
CONTAINER ID   IMAGE             COMMAND                  CREATED       STATUS       PORTS                                       NAMES
330c19f5b978   coredns/coredns   "/coredns -conf /roo…"   3 hours ago   Up 3 hours   53/tcp, 0.0.0.0:53->53/udp, :::53->53/udp   coredns

# docker logs 330c19f5b978
necto.org.:53
CoreDNS-1.11.1
linux/arm64, go1.20.7, ae2bbc2
[INFO] 172.17.0.1:36321 - 6587 "A IN legolas.necto.org. udp 58 false 1232" NOERROR qr,aa,rd 68 0.000162407s
[INFO] 199.47.252.56:36063 - 45182 "A IN legolas.necto.org. udp 58 false 4096" NOERROR qr,aa,rd 68 0.000134611s

# docker inspect 330c19f5b978
[
    {
        "Id": "330c19f5b978e1101a7f500596b2f26227f49794dccf8f7d48dd8016e1fddc62",
        "Created": "2024-07-19T12:00:22.78761211Z",
        "Path": "/coredns",
...
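
An added example (not part of the original howto or the CoreDNS project): a small Python parser for the query lines that docker logs prints above. It counts response codes per client and lists non-local clients that sent ANY queries or several queries answered with NXDOMAIN. The local address ranges, the threshold of 3 and every sample line other than the three taken from the page are assumptions made for this example.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# CoreDNS `log` line: [INFO] remote:port - id "type class name proto size do bufsize" rcode flags rsize duration
LINE_RE = re.compile(
    r'^\[INFO\] \[?(?P<ip>[0-9A-Fa-f:.]+)\]?:(?P<port>\d+) - (?P<id>\d+) '
    r'"(?P<qtype>\S+) (?P<qclass>\S+) (?P<name>\S+) (?P<proto>\S+) '
    r'(?P<size>\d+) (?P<do>\S+) (?P<bufsize>\d+)" '
    r'(?P<rcode>\S+) (?P<flags>\S+) (?P<rsize>\d+) (?P<duration>[0-9.]+)s$')

# Assumption: loopback and RFC 1918 sources (Docker bridge included) count as local.
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "::1/128")]

def parse_line(line):
    """Return the fields of one query log line, or None for banners and other text."""
    m = LINE_RE.match(line.strip())
    try:
        return dict(m.groupdict(), ip=ipaddress.ip_address(m["ip"])) if m else None
    except ValueError:  # pattern matched but the address is not a valid IP
        return None

def summarize(lines, nx_threshold=3):
    """Count rcodes per client; report external clients with NXDOMAIN bursts or ANY queries."""
    rcodes, any_seen = defaultdict(Counter), Counter()
    for rec in filter(None, map(parse_line, lines)):
        rcodes[str(rec["ip"])][rec["rcode"]] += 1
        any_seen[str(rec["ip"])] += rec["qtype"] == "ANY"
    findings = []
    for ip in sorted(rcodes):
        if any(ipaddress.ip_address(ip) in net for net in LOCAL_NETS):
            continue
        if rcodes[ip]["NXDOMAIN"] >= nx_threshold:  # threshold is an assumed value
            findings.append((ip, "nxdomain-burst", rcodes[ip]["NXDOMAIN"]))
        if any_seen[ip]:
            findings.append((ip, "any-query", any_seen[ip]))
    return rcodes, findings

# First three entries are from the page; the rest are constructed for this example.
SAMPLE = [
    'CoreDNS-1.11.1',
    '[INFO] 172.17.0.1:36321 - 6587 "A IN legolas.necto.org. udp 58 false 1232" NOERROR qr,aa,rd 68 0.000162407s',
    '[INFO] 199.47.252.56:36063 - 45182 "A IN legolas.necto.org. udp 58 false 4096" NOERROR qr,aa,rd 68 0.000134611s',
    '[INFO] 198.51.100.9:5353 - 202 "ANY IN necto.org. udp 38 false 4096" NOERROR qr,aa,rd 150 0.0001s',
] + ['[INFO] 203.0.113.7:4000%d - %d "A IN host%d.necto.org. udp 46 false 512" NXDOMAIN qr,aa,rd 110 0.0001s'
     % (i, 100 + i, i) for i in range(3)]

if __name__ == "__main__":
    print(summarize(SAMPLE)[1])
```

To run it against the live container, pass the lines of the docker logs output to summarize() instead of SAMPLE.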

Run the container as a systemd service

To run the container as a systemd service, create the following service file at /etc/systemd/system/docker.coredns.service:

# cat /etc/systemd/system/docker.coredns.service 
[Unit]
Description=CoreDNS Container
After=docker.service
Requires=docker.service

[Service]
TimeoutStartSec=0
Restart=always
ExecStartPre=-/usr/bin/docker stop %n
ExecStartPre=-/usr/bin/docker rm %n
ExecStartPre=/usr/bin/docker pull coredns/coredns
ExecStart=/usr/bin/docker run --name %n --volume=/root/containers/coredns/:/root/ -p 53:53/udp coredns/coredns -conf /root/Corefile

[Install]
WantedBy=multi-user.target

And run it with the following command:

# systemctl start docker.coredns

# systemctl|grep coredns
docker.coredns.service                        loaded active running   CoreDNS Container

Use systemctl enable docker.coredns to run it at startup.

en/ressources/articles/coredns.txt · Last modified: 2024/07/19 11:32 by admin