Docker DNS Issue Fixed

Issue:

I have recently installed Pi-Hole container on my docker. My CertBot container can’t access internet to renew certificates. Also, one of recently restarted WordPress container no longer able to access internet as well to add new plugins. What’s going on?

  • WordPress: can’t add new theme or plugin
  • CertBot: can’t connect to “https://acme-v01.api.letsencrypt.org/directory”

Environment:

Ubuntu, Docker, Nginx, Pi-Hole, CertBot, WordPress

Resolution:

Due to the container routing through Pi-hole, when container restarted, the routing go through Pi-Hole instead of router. So, in order for container to go directly to router and skip Pi-Hole, you have an option to add a daemon.json file with router gateway IP to Docker configuration location. To do this, please follow instructions below.

Step-by-step instructions:-

  1. First, locate where your docker daemon configuration file. Usually it’s located at “/etc/docker/daemon.json”. If you just see key.json file, then you’re in the right spot.
  2. If daemon.json not found, create daemon.json file with your favorite editor.
    sudo vi /etc/docker/daemon.json
  3. Copy and paste following content start with “{“ and end with “}” below:
    {
    "dns": ["10.0.0.1"]
    }
  4. Change sample DNS entry 10.0.0.1 to your DNS Server IP or Router IP address. If you setup Pi-Hole, look under your DNS entries. You may add alternative DNS failover with comma like below:
    {
    "dns": ["10.0.0.1","8.8.8.8"]
    }
  5. Save ([Esc]:wq) and restart docker service by typing:
    sudo service docker restart
  6. Once all your containers restarted, try ping again to see if problem resolves.
    To test CertBot container internet connectivity, use this command:

    sudo docker exec certbot_container_name ping google.com

 

Troubleshoot:

  1. If you can’t add new theme or plugin to WordPress, your WordPress container probably can’t access internet. Try above solution and restart your container.
  2. If you try to create certificate with CertBot and get an error message saying something like can’t connect to “https://acme-v01.api.letsencrypt.org/directory”. Try above solution and restart your container.
  3. If your Docker container route traffic through Pi-Hole (i.e., 10.0.0.2) due to changed in router Dnsmasq, try above solution and restart your container.
    Dnsmasq = dhcp-option=6,10.0.0.2

Reference:

Daemon Configuration File

Sample command to test if docker site is working:

root@server:$ curl -H "Host: www.problemsolvedtoo.com" localhost

Sample command to create certificate with CertBot:

sudo docker exec certbot certbot certonly --webroot -w /var/www/certbot --staging --email certbot@problemsolvedtoo.com -d www.problemsolvedtoo.com --rsa-key-size 4096 --agree-tos --force-renewal

 

WordPress Media Upload Error on Docker with Nginx

Issue:

HTTP error message displayed when upload media on WordPress as shown below

or

Error message found in nginx error log:
[error] 71#71: *164 client intended to send too large body: 1524386 bytes

Environment:

WordPress on Docker with Nginx

Resolution:

increase upload size by adding below syntax to nginx.conf:

client_max_body_size 8M;

Step-by-step instructions:-

Step 1) copy original nginx.conf file from nginx container with Docker command

docker cp 98fd0d924718:/etc/nginx/nginx.conf .

Note: replace 98fd0d924718 with your nginx container id

Step 2) open nginx.conf file and add client_max_body_size 8M; between “http {“ and before “log_format”

http {
     include /etc/nginx/mime.types;
     default_type application/octet-stream;
     client_max_body_size 8M;
     log_format main ‘$remote_addr - $remote_user [$time_local] “$request” ‘

Step 3) copy modified nginx.conf file back to nginx container

docker cp nginx.conf 98fd0d924718:/etc/nginx/nginx.conf

Step 4) enter nginx container to restart nginx service

docker exec -it 98fd0d924718 /bin/bash
service nginx reload

Step 5) try to upload again. If you want to increase the size of upload file more than default 2MB, follow this instruction.

Reference:

http://wiki.nginx.org/HttpCoreModule#client_max_body_size