Docker swarm on AWS – swarm services cannot access internet

I’ve created a docker swarm (Docker version 17.03.1-ce) of one manager and 2 workers. All swarm nodes can “ping stackoverflow.com”, but inside the swarm service containers I can “ping 8.8.8.8” and not “ping stackoverflow.com”; they cannot resolve the domain name.

On the manager I have in /usr/sbin/dhclient-script:

    search eu-central-1.compute.internal
    nameserver 10.0.0.2
    

And on one of the containers I have in /usr/sbin/dhclient-script:

    search eu-central-1.compute.internal
    nameserver 127.0.0.11
    options ndots:0
    

Docker networks:

    $ docker network ls
    
    NETWORK ID          NAME                DRIVER              SCOPE
    ID                  bridge              bridge              local
    ID                  docker_gwbridge     bridge              local
    ID                  host                host                local
    ID                  ingress             overlay             swarm
    ID                  my_overlay          overlay             swarm
    ID                  none                null                local
    

I start the docker service this way:

    docker service create \
        --name myservice \
        --replicas 1 \
        --endpoint-mode dnsrr \
        --network my_overlay \
        --constraint 'node.role == manager' \
        --env COOKIE='SRV insert indirect nocache maxidle 30m maxlife 8h' \
        --env VIRTUAL_HOST='myservice' \
        --env SERVICE_PORTS='8080' \
    myservice_image
    

AWS VPC and security groups are configured correctly, I think, since EC2 instances can reach external domain names and can be reached externally too.
Why can’t myservice resolve, for example, stackoverflow.com?

One solution collected from the web for “Docker swarm on AWS – swarm services cannot access internet”

It seems that the problem is solved.

I have to add "dns": ["8.8.8.8","8.8.4.4"] to /etc/docker/daemon.json.

I tried to do the same in /etc/default/docker, but it didn’t work; I guess that’s the old way.
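
An added example (not part of the original answer, and not Docker's own tooling): a Python helper that adds the answer's resolvers to daemon.json while keeping every key already in the file, rejecting entries that are not IP addresses, and replacing the file atomically. The function names `merge_dns` and `update_daemon_json` are hypothetical, and the sample config is constructed.

```python
import ipaddress
import json
import os
import tempfile

# Resolvers taken from the answer above.
ANSWER_DNS = ["8.8.8.8", "8.8.4.4"]


def merge_dns(config_text, servers):
    """Return daemon.json text with `servers` appended to "dns"; other keys kept."""
    config = json.loads(config_text) if config_text.strip() else {}
    if not isinstance(config, dict):
        raise ValueError("daemon.json must contain a JSON object")
    merged = []
    for server in list(config.get("dns", [])) + list(servers):
        # ip_address() raises ValueError for anything that is not a literal IP.
        addr = str(ipaddress.ip_address(server))
        if addr not in merged:
            merged.append(addr)
    config["dns"] = merged
    return json.dumps(config, indent=2) + "\n"


def update_daemon_json(path, servers=ANSWER_DNS):
    """Rewrite `path` atomically; return True only if the content changed."""
    try:
        with open(path) as fh:
            old = fh.read()
    except FileNotFoundError:
        old = ""
    new = merge_dns(old, servers)
    if new == old:
        return False
    # Temp file in the same directory + rename: the daemon never sees a
    # half-written config.
    fd, tmp = tempfile.mkstemp(dir=os.path.dirname(path) or ".")
    with os.fdopen(fd, "w") as fh:
        fh.write(new)
    os.chmod(tmp, 0o644)
    os.replace(tmp, path)
    return True


if __name__ == "__main__":
    # Constructed sample: runs against a scratch copy, not /etc/docker/daemon.json.
    demo = os.path.join(tempfile.mkdtemp(), "daemon.json")
    with open(demo, "w") as fh:
        fh.write('{"log-driver": "json-file"}\n')
    print(update_daemon_json(demo), open(demo).read())
```

The Docker daemon has to be restarted before a changed "dns" setting applies to newly created containers.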
