Update BIND nameserver zone with Docker hosts via DNS Updates.
Detailed description of the docker-hostdns Python project
Usage
docker-hostdns can be run through the docker-hostdns wrapper script, or directly with python -m docker_hostdns
usage: docker-entrypoint [-h] [--zone ZONE] [--dns-server DNS_SERVER]
                         [--dns-key-secret DNS_KEY_SECRET]
                         [--dns-key-name DNS_KEY_NAME] [--dns-key-alg {...}]
                         [--name NAME] [--network NETWORK] [--verbose]
                         [--syslog [SYSLOG]] [--clear-on-exit]

Update BIND nameserver zone with Docker hosts via DNS Updates.

optional arguments:
  -h, --help            show this help message and exit
  --zone ZONE           dns zone to update, defaults to "docker"
  --dns-server DNS_SERVER
                        address of DNS server which will be updated, defaults
                        to 127.0.0.1
  --dns-key-secret DNS_KEY_SECRET
                        DNS Server key secret for use when updating zone, use
                        '-' to read from stdin
  --dns-key-name DNS_KEY_NAME
                        DNS Server key name for use when updating zone
  --dns-key-alg {...}   DNS Server key algorithm for use when updating zone
  --name NAME           name to differentiate between multiple instances
                        inside same dns zone, defaults to current hostname
  --network NETWORK     network to fetch container names from, defaults to
                        docker default bridge, can be used multiple times
  --verbose, -v         give more output - option is additive, and can be used
                        up to 3 times
  --syslog [SYSLOG]     enable logging to syslog, defaults to "/dev/log", you
                        can provide path to unix socket or uri:
                        <tcp|udp|unix>://<path_or_host>[:<port>]
  --clear-on-exit       clear zone on exit
The --daemonize option is only available once the python-daemon3 package is installed.
Example named.conf zone configuration with key authentication:
include "/etc/bind/docker.key";
zone "docker" in {
    type master;
    file "/var/bind/dyn/docker.zone";
    allow-update { key "docker-key"; };
};
docker.key can be generated with:
rndc-confgen -a -c docker.key -k docker-key
Then:
echo 'my base64 key secret' | docker-hostdns --dns-key-name docker-key --dns-key-secret -
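An added example (not part of the docker-hostdns project) that reads the secret straight from the docker.key file produced by rndc-confgen and hands it to docker-hostdns on stdin, so the secret never has to be typed on a command line. The function names are hypothetical, the key file is assumed to have the layout rndc-confgen -a writes (algorithm before secret), and --dns-key-alg is not passed because its accepted values are elided in the usage text above.

```python
import os
import re
import subprocess
import sys

# Constructed sample in the layout rndc-confgen -a writes; the secret is a placeholder.
SAMPLE_KEY = 'key "docker-key" {\n\talgorithm hmac-sha256;\n\tsecret "Q09OU1RSVUNURUQtU0FNUExFLUtFWQ==";\n};\n'

KEY_RE = re.compile(
    r'key\s+"?(?P<name>[^"\s{]+)"?\s*\{\s*'
    r'algorithm\s+"?(?P<algorithm>[^";\s]+)"?\s*;\s*'
    r'secret\s+"(?P<secret>[^"]+)"\s*;\s*\}\s*;'
)


def parse_key_text(text):
    """Return {'name', 'algorithm', 'secret'} from the text of a BIND key clause."""
    match = KEY_RE.search(text)
    if match is None:
        raise ValueError("no key clause found")
    return match.groupdict()


def load_tsig_key(path):
    """Parse a key file, refusing one that users outside owner and group can access."""
    with open(path, encoding="ascii") as fh:
        mode = os.fstat(fh.fileno()).st_mode
        if mode & 0o007:
            raise PermissionError(f"{path} is accessible to other users (mode {mode & 0o777:o})")
        return parse_key_text(fh.read())


def hostdns_command(key, zone="docker", dns_server="127.0.0.1"):
    """Build argv from options in the usage text; the secret itself is not in it."""
    return ["docker-hostdns", "--zone", zone, "--dns-server", dns_server,
            "--dns-key-name", key["name"], "--dns-key-secret", "-"]


def run_hostdns(key_path):
    key = load_tsig_key(key_path)
    # The secret travels on stdin, so it does not show up in process listings.
    proc = subprocess.run(hostdns_command(key), input=key["secret"] + "\n", text=True)
    return proc.returncode


if __name__ == "__main__":
    sys.exit(run_hostdns(sys.argv[1] if len(sys.argv) > 1 else "/etc/bind/docker.key"))
```

Anyone who can read the key file can send signed updates to the zone, which is why the loader rejects a file that is accessible to other users.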