Network DNS between pods in rootless Podman

641 views Asked by At

I am putting my containers in different pods to better organise my application. Here is my setup:

  • Network: public
  • Pod1 (expose 80, 81, 443) attached to network public:
    • NginX Proxy Manager
    • MariaDB
  • Pod2 attached to network public:
    • Node-red

Now, I want NginX Proxy Manager (NPM) to talk to Node-red.

My commands are as follow:

podman network create public
podman pod create --name pod1 --network public -p 2080:80,2081:81,2443:443
podman pod create --name pod2 --network public
podman run -d --pod pod1 --name db -e MYSQL_ROOT_PASSWORD=... jc21/mariadb-aria:latest
podman run -d --pod pod1 --name nom -e ... jc21/nginx-proxy-manager:latest
podman run -d --pod pod2 --name my-node-red node red/node-red:latest

I had a similar setup on Windows with WSL podman machine, rootless, and it works, i.e. I can ping node-red from npm, but it does not work on my OpenSUSE Micro server. When I lookup the IP of the node-red container, npm can reach node-red via IP, so this is only a DNS issue.

Some post pointed to the podman-plugins package, which from the description, seems to address the DNS problem. However, that package is deprecated as of today, and from the description, it seems that it has become part of podman network.

What I am looking for is the DNS resolution so that NPM can find node-red via pod name, i.e. in NPM, I can point to pod2, instead of the IP of pod2.

Note: I am running Podman 4.4.4 in OpenSUSE Leap Micro.

1

There are 1 answers

4
Khanetor On BEST ANSWER

I finally found the answer, and I find the Podman community to be very unresponsive. I hope this would change in the near future.

What was happening was that, when I install podman 4.4.4, the latest offering on OpenSUSE Leap, the default network backend is CNI, which does not support container DNS. What I did was installing netavark and aardvark-dns.

# Depending on your distro, you may have different installation commands
# This is for OpenSUSE Leap Micro
sudo transactional-update reboot pkg in netavark aardvark-dns

After that, I reset my podman machine. Maybe there is a way to just change the network backend, but reseting the podman machine delete everything; images, containers, pods. Regardless, from now on, when I create a network, the default network backend is netavark, which has container DNS.

podman network create some-network

You can now create rootless containers and pods, and have them talk to each other via pod names. I have not tried using container names with containers outside of pods, but I suspect it would work as well.

BR