Try these

Background info on my setup
- ubuntu 24.04 + https://docs.docker.com/engine/install/ubuntu/ , arm64 (a
vm on mac, if it matters). Other distros should work fine too, as long as it
can run docker compose.
- ubuntu/bind9:9.20-24.10_edge docker image. Mainly
because internetsystemsconsortium/bind9 doesn't have an arm64 image.
- test on host port 10053 first, so you can make sure it works while still
having whatever is currently using port 53 running (e.g. your non-docker
bind9 setup)
- make sure the user owns the directory and is part of "docker" group (in
my case, the user name is "user")
$ id
uid=1000(user) gid=1000(user) groups=1000(user),997(docker)

Preparation:
- make sure docker-ce-cli and docker-compose-plugin are installed (if you
can run "docker compose", you should be fine already)
- pick a directory (in my case, /data/bind9), make sure the user running
docker owns it.
- easiest way to set up sub directories for docker volumes:
$ mkdir -m 1777 {etc,cache,lib}
- create minimal etc/named.conf
options {
        directory "/var/cache/bind";
        // needed if your ISP messes with DNS
        dnssec-validation no;
};

- create this compose.yml, then run "docker compose up"
services:
  bind9:
    image: ubuntu/bind9:9.20-24.10_edge
    command: "docker-entrypoint.sh -4"
    ports:
      - "10053:53"
      - "10053:53/udp"
    volumes:
      - etc:/etc/bind
      - lib:/var/lib/bind
      - cache:/var/cache/bind
volumes:
  etc:
    driver: local
    driver_opts:
      device: "./etc"
      type: none
      o: bind
  lib:
    driver: local
    driver_opts:
      device: "./lib"
      type: none
      o: bind
  cache:
    driver: local
    driver_opts:
      device: "./cache"
      type: none
      o: bind

- or you can also run
docker run --rm -it --name bind9 \
  -e TZ=UTC \
  -p 10053:53 -p 10053:53/udp \
  -v ./etc:/etc/bind \
  -v ./lib:/var/lib/bind \
  -v ./cache:/var/cache/bind \
  ubuntu/bind9:9.20-24.10_edge \
  docker-entrypoint.sh -4

- on another terminal, "dig google.com @127.0.0.1 -p 10053"
- to exit, press ctrl-c on the docker / docker compose terminal
- to listen on your ip address port 53, replace "10053:53" with
"your_ip_address:53:53", e.g. "192.168.25.156:53:53". Note that you will also
need to edit named.conf to allow queries from that subnet

-- 
Fajar

On Mon, Dec 30, 2024 at 1:27 AM Pablo Andalaft Tarodo <pa...@heavenly.cl>
wrote:

> Hi all,
>
>
> Thanks for taking the time. I've been spending many hours on this, to no
> solution. But, some things that may shine more light:
>
> When the container is stuck restarting, the error, aside from exit code
> 1, is "user 'bind' is not recognised" or something similar, and checking
> the container entrypoint "/usr/sbin/named -u bind -f -c
> /etc/bind/named.conf", it tries to use the user "bind" to start "named",
> but this user is present in the base image (checking /etc/passwd)...
>
> For a long time I wasn't able to find other logs and I resorted to using
> a Dockerfile to see if I could control more steps for the image, no help.
>
> So I started off with what works, running a container directly from the
> image (doesn't get stuck restarting), and copying the files to it
> `docker container cp /config/named.conf
> <container_name>:/etc/bind/named.conf` etc., and finally exec'ing into
> the container's shell and launching `/usr/sbin/named -u bind -f -g -c
> /etc/bind/named.conf`, this showed me that there were some errors in the
> config (thanks for the -g heads up), that I could address.
>
> However through docker compose, I still get the "named: user 'bind'
> unknown" error.
>
>
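
Added example, not part of the messages above: a named.conf for the last step in the reply, where the container is published on a LAN address and named has to answer that subnet. The acl name "lan" and the 192.168.25.0/24 prefix are assumptions based on the example address in the reply.

```conf
// Constructed example. "lan" is a made-up acl name and 192.168.25.0/24 is an
// assumed prefix for the 192.168.25.156 address used in the reply.
// Assumes named sees the real client source address (default Docker bridge
// networking on Linux); setups that proxy every connection hide it.
acl lan {
        192.168.25.0/24;
        localhost;      // queries from inside the container
        localnets;      // the container's own Docker network; queries sent
                        // from the Docker host to the published port
                        // typically arrive from this range
};

options {
        directory "/var/cache/bind";
        // carried over from the named.conf in the reply
        dnssec-validation no;

        recursion yes;
        // Answer only the listed networks. Everything else gets REFUSED,
        // so the published port 53 does not act as an open resolver.
        allow-query       { lan; };
        allow-recursion   { lan; };
        allow-query-cache { lan; };
};
```
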
-- 
Visit https://lists.isc.org/mailman/listinfo/bind-users to unsubscribe from 
this list

ISC funds the development of this software with paid support subscriptions. 
Contact us at https://www.isc.org/contact/ for more information.