BUG001:Docker-Alpine-Golang-APP修改hosts文件不生效的问题
2. Docker Alpine 容器修改/etc/hosts 不生效的问题
有些团队开的工作开发时喜欢使用修改hosts 来绑定开发域名和子域名之间的cookie共享,但是在使用 golang app使用 alpine docker image(container)的时候,修改 /etc/hosts 文件不能生效.
解决办法:在你的dockerfile中加入这样一条指令
FROM alpine
LABEL maintainer="Eric Zhou<EricZhou@mojotv.cn>"
# 解决解决etc/hosts 不生效的问题
RUN echo "hosts: files dns" > /etc/nsswitch.conf
3.为什么这个问题会出现在golang中?
alpine 容器默认缺少 /etc/nsswitch.conf 文件,需要写入hosts: files dns
在标准库中net 源码 net/conf.go 120~281行中
// hostLookupOrder determines which strategy to use to resolve hostname.
// The provided Resolver is optional. nil means to not consider its options.
func (c *conf) hostLookupOrder(r *Resolver, hostname string) (ret hostLookupOrder) {
if c.dnsDebugLevel > 1 {
defer func() {
print("go package net: hostLookupOrder(", hostname, ") = ", ret.String(), "\n")
}()
}
fallbackOrder := hostLookupCgo
if c.netGo || r.preferGo() {
fallbackOrder = hostLookupFilesDNS
}
if c.forceCgoLookupHost || c.resolv.unknownOpt || c.goos == "android" {
return fallbackOrder
}
if bytealg.IndexByteString(hostname, '\\') != -1 || bytealg.IndexByteString(hostname, '%') != -1 {
// Don't deal with special form hostnames with backslashes
// or '%'.
return fallbackOrder
}
// OpenBSD is unique and doesn't use nsswitch.conf.
// It also doesn't support mDNS.
if c.goos == "openbsd" {
// OpenBSD's resolv.conf manpage says that a non-existent
// resolv.conf means "lookup" defaults to only "files",
// without DNS lookups.
if os.IsNotExist(c.resolv.err) {
return hostLookupFiles
}
lookup := c.resolv.lookup
if len(lookup) == 0 {
// https://www.openbsd.org/cgi-bin/man.cgi/OpenBSD-current/man5/resolv.conf.5
// "If the lookup keyword is not used in the
// system's resolv.conf file then the assumed
// order is 'bind file'"
return hostLookupDNSFiles
}
if len(lookup) < 1 || len(lookup) > 2 {
return fallbackOrder
}
switch lookup[0] {
case "bind":
if len(lookup) == 2 {
if lookup[1] == "file" {
return hostLookupDNSFiles
}
return fallbackOrder
}
return hostLookupDNS
case "file":
if len(lookup) == 2 {
if lookup[1] == "bind" {
return hostLookupFilesDNS
}
return fallbackOrder
}
return hostLookupFiles
default:
return fallbackOrder
}
}
// Canonicalize the hostname by removing any trailing dot.
if stringsHasSuffix(hostname, ".") {
hostname = hostname[:len(hostname)-1]
}
if stringsHasSuffixFold(hostname, ".local") {
// Per RFC 6762, the ".local" TLD is special. And
// because Go's native resolver doesn't do mDNS or
// similar local resolution mechanisms, assume that
// libc might (via Avahi, etc) and use cgo.
return fallbackOrder
}
nss := c.nss
srcs := nss.sources["hosts"]
// If /etc/nsswitch.conf doesn't exist or doesn't specify any
// sources for "hosts", assume Go's DNS will work fine.
if os.IsNotExist(nss.err) || (nss.err == nil && len(srcs) == 0) {
if c.goos == "solaris" {
// illumos defaults to "nis [NOTFOUND=return] files"
return fallbackOrder
}
if c.goos == "linux" {
// glibc says the default is "dns [!UNAVAIL=return] files"
// https://www.gnu.org/software/libc/manual/html_node/Notes-on-NSS-Configuration-File.html.
return hostLookupDNSFiles
}
return hostLookupFilesDNS
}
if nss.err != nil {
// We failed to parse or open nsswitch.conf, so
// conservatively assume we should use cgo if it's
// available.
return fallbackOrder
}
var mdnsSource, filesSource, dnsSource bool
var first string
for _, src := range srcs {
if src.source == "myhostname" {
if isLocalhost(hostname) || isGateway(hostname) {
return fallbackOrder
}
hn, err := getHostname()
if err != nil || stringsEqualFold(hostname, hn) {
return fallbackOrder
}
continue
}
if src.source == "files" || src.source == "dns" {
if !src.standardCriteria() {
return fallbackOrder // non-standard; let libc deal with it.
}
if src.source == "files" {
filesSource = true
} else if src.source == "dns" {
dnsSource = true
}
if first == "" {
first = src.source
}
continue
}
if stringsHasPrefix(src.source, "mdns") {
// e.g. "mdns4", "mdns4_minimal"
// We already returned true before if it was *.local.
// libc wouldn't have found a hit on this anyway.
mdnsSource = true
continue
}
// Some source we don't know how to deal with.
return fallbackOrder
}
// We don't parse mdns.allow files. They're rare. If one
// exists, it might list other TLDs (besides .local) or even
// '*', so just let libc deal with it.
if mdnsSource && c.hasMDNSAllow {
return fallbackOrder
}
// Cases where Go can handle it without cgo and C thread
// overhead.
switch {
case filesSource && dnsSource:
if first == "files" {
return hostLookupFilesDNS
} else {
return hostLookupDNSFiles
}
case filesSource:
return hostLookupFiles
case dnsSource:
return hostLookupDNS
}
// Something weird. Let libc deal with it.
return fallbackOrder
}
重点关注 c.goos == "linux" hostLookupDNSFiles: "dns,files"
if c.goos == "linux" {
// glibc says the default is "dns [!UNAVAIL=return] files"
// https://www.gnu.org/software/libc/manual/html_node/Notes-on-NSS-Configuration-File.html.
return hostLookupDNSFiles
}
29.2.3 Notes on the NSS Configuration File Finally a few more hints. The NSS implementation is not completely helpless if /etc/nsswitch.conf does not exist. For all supported databases there is a default value so it should normally be possible to get the system running even if the file is corrupted or missing. For the hosts and networks databases the default value is dns [!UNAVAIL=return] files. I.e., the system is prepared for the DNS service not to be available but if it is available the answer it returns is definitive.