Try these
Background info on my setup
- ubuntu/bind9:9.20-24.10_edge docker image, mainly because internetsystemsconsortium/bind9 doesn't have an arm64 image.
- test on host port 10053 first, so you can make sure it works while still having whatever is currently using port 53 running (e.g. your non-docker bind9 setup)
- make sure the user owns the directory and is part of "docker" group (in my case, the user name is "user")
    $ id
    uid=1000(user) gid=1000(user) groups=1000(user),997(docker)
Preparation:
- make sure docker-ce-cli and docker-compose-plugin are installed (if you can run "docker compose", you should be fine already)
- pick a directory (in my case, /data/bind9), make sure the user running docker owns it.
- easiest way to set up subdirectories for docker volumes: $ mkdir -m 1777 {etc,cache,lib}
- create minimal etc/named.conf
    options {
        directory "/var/cache/bind";
        // needed if your ISP messes with DNS
        dnssec-validation no;
    };
- create this compose.yml, then run "docker compose up"
    services:
      bind9:
        image: ubuntu/bind9:9.20-24.10_edge
        command: "docker-entrypoint.sh -4"
        ports:
          - "10053:53"
          - "10053:53/udp"
        volumes:
          - etc:/etc/bind
          - lib:/var/lib/bind
          - cache:/var/cache/bind
    volumes:
      etc:
        driver: local
        driver_opts:
          device: "./etc"
          type: none
          o: bind
      lib:
        driver: local
        driver_opts:
          device: "./lib"
          type: none
          o: bind
      cache:
        driver: local
        driver_opts:
          device: "./cache"
          type: none
          o: bind
- or you can also run
    docker run --rm -it --name bind9 \
      -e TZ=UTC \
      -p 10053:53 -p 10053:53/udp \
      -v ./etc:/etc/bind \
      -v ./lib:/var/lib/bind \
      -v ./cache:/var/cache/bind \
      ubuntu/bind9:9.20-24.10_edge \
      docker-entrypoint.sh -4
- to exit, press ctrl-c on the docker / docker compose terminal
- to listen on your ip address port 53, replace "10053:53" with "your_ip_address:53:53", e.g. "192.168.25.156:53:53". Note that you will also need to edit named.conf to allow queries from that subnet
--
Fajar
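
The named.conf edit mentioned in the last step above, as an added example that is not part of the original message. BIND's default only allows recursion for localhost and localnets, which inside the container means the Docker network rather than the LAN, so the LAN has to be listed explicitly. Assumptions: the acl name "lan" and the /24 prefix around the 192.168.25.156 address from the message.

```conf
// Constructed example. 192.168.25.0/24 is an assumed prefix for the
// 192.168.25.156 address used in the message; adjust to the real subnet.
acl lan {
    192.168.25.0/24;
};

options {
    directory "/var/cache/bind";

    // Setting carried over from the minimal named.conf in the message.
    dnssec-validation no;

    recursion yes;

    // Answer and recurse only for the container itself and the LAN.
    // Using "any" here would turn the server into an open resolver
    // once it is published on port 53.
    allow-query       { localhost; lan; };
    allow-recursion   { localhost; lan; };
    allow-query-cache { localhost; lan; };
};
```

Clients outside the listed ranges get REFUSED, which is the expected result when testing from another network.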
Hi all,
Thanks for taking the time. I've been spending many hours on this, to no
solution. But, some things that may shine more light:
When the container is stuck restarting, the error, aside from exit code
1, is "user 'bind' is not recognised" or something similar, and checking
the container entrypoint "/usr/sbin/named -u bind -f -c
/etc/bind/named.conf", it tries to use the user "bind" to start "named",
but this user is present in the base image (checking /etc/passwd)...
For a long time I wasn't able to find other logs and I resorted to using
a Dockerfile to see if I could control more steps for the image, no help.
So I started off with what works, running a container directly from the
image (doesn't get stuck restarting), and copying the files to it
`docker container cp /config/named.conf
<container_name>:/etc/bind/named.conf` etc., and finally exec'ing into
the container's shell and launching `/usr/sbin/named -u bind -f -g -c
/etc/bind/named.conf`, this showed me that there were some errors in the
config (thanks for the -g heads up), that I could address.
However through docker compose, I still get the "named: user 'bind'
unknown" error.