0

First case:

I have the following docker-compose file

version: '3.4'

services:
  api:
    image: ${DOCKER_REGISTRY}project.api
    ports:
      - "5080:5080"
      - "5081:5081"
    build:
      context: .
      dockerfile: src/Api/Dockerfile.Debug
    environment:
      - ASPNETCORE_URLS=http://+:5080;http://+:5081;http://+:5443
      - ASPNETCORE_HTTP_PORT=5080
      - MANAGEMENT_HTTP_PORT=5081
      - ASPNETCORE_ENVIRONMENT=Local

When doing docker-compose up the container cannot access some endpoint that is supposed to give a token to the api running in the container. So I am having a timeout error.

Second case: However, with the following file it works with no problem.

version: '3.4'

services:
  api:
    image: ${DOCKER_REGISTRY}project.api
    build:
      context: .
      dockerfile: src/Api/Dockerfile.Debug
    environment:
      - ASPNETCORE_URLS=http://+:5080;http://+:5081;http://+:5443
      - ASPNETCORE_HTTP_PORT=5080
      - MANAGEMENT_HTTP_PORT=5081
      - ASPNETCORE_ENVIRONMENT=Local
    network_mode: host

It's worth noticing that on my host machine, the token-endpoint is accessible only when my vpn is running.

I've tried to to see what's is the /etc/resolv.conf/ in the containers in both cases (using docker exec -it "container_id" bash):

First Case: (the non-working case)

search XXX.biz YYY.biz
nameserver 127.0.0.11
options ndots:0

Second Case: (the working case)

search XXX.biz  YYY.biz
nameserver 10.10.***.***
nameserver 10.11.***.***
nameserver 8.8.8.8

I tried to add the missing entries nameserver 10.10.. nameserver 10.11.. nameserver 8.8.8.8

in daemon.json as following:

{
    "dns": [ "10.10.***.***", "10.11.***.***", "8.8.8.8" ],
    "dns-search": [ "XXX.biz", "YYY.biz" ]
}

but it doesn't solve the problem with the first case and I still don't see those entries inside the /etc/resolve.conf/ file inside my container.

Any ideas how to fix the first case?

PS: I have a debian 10 machine

I have tried all of the following attempts, nothing works

Attempt 1: I also tried to add dns entries in docker-compose file but it doesn't work neither.

Attempt 2: Adding dns entries in docker-compose and also networ_mode : brdige. This also adds the entries in the /etc/resolv.conf but the app still cannot get the token.

Attempt 3: Manual mounting where ./resolv.conf file contains what is expected.

volumes:
- ./resolv.conf:/etc/resolv.conf

This also adds the entries in the /etc/resolv.conf but the app still cannot get the token.

The error is

An error has occurred in Timed KeyCloak Authentificated Service
api_1  |       System.Net.Http.HttpRequestException: Resource temporarily unavailable (oauth2.XXX.com:443)

The problem seems to be related to accessing the internet generally and not just accessing the token provider. Indeed, executing the following script within the container returns "Offline"

echo -e "GET http://google.com HTTP/1.0\n\n" | nc google.com 80 > /dev/null 2>&1

if [ $? -eq 0 ]; then
    echo "Online"
else
    echo "Offline"
fi
Offline
Improve this question
1
  • Hi probably the easiest way is to use a fixed resolv.conf use as a volume to overwrite the internal resolv.conf ie : -v ./resolv.conf:/etc/resolv.conf Commented Jun 24, 2022 at 12:00

0

Reset to default

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.