Docker swarm on AWS - swarm services cannot access internet

Question

I've create a docker swarm ( Docker version 17.03.1-ce ) of one manager and 2 workers. All swarm nodes can "ping stackoverflow.com" but inside the swarm service containers I can "ping 8.8.8.8" and not "ping stackoverflow.com", they can not resolve the domain name.

on the manager I have in /usr/sbin/dhclient-script

search eu-central-1.compute.internal
nameserver 10.0.0.2

and on one of the containers I have in /usr/sbin/dhclient-script

search eu-central-1.compute.internal
nameserver 127.0.0.11
options ndots:0

Docker networks:

$ docker network ls

NETWORK ID          NAME                DRIVER              SCOPE
ID                  bridge              bridge              local
ID                  docker_gwbridge     bridge              local
ID                  host                host                local
ID                  ingress             overlay             swarm
ID                  my_overlay          overlay             swarm
ID                  none                null                local

I start the docker service this way:

docker service create \
    --name myservice \
    --replicas 1 \
    --endpoint-mode dnsrr \
    --network my_overlay \
    --constraint 'node.role == manager' \
    --env COOKIE='SRV insert indirect nocache maxidle 30m maxlife 8h' \
    --env VIRTUAL_HOST='myservice' \
    --env SERVICE_PORTS='8080' \
myservice_image

AWS VPC and security groups are configured correctly I think, since ec2 instances can reach external domain names, and can be reached externally too. Why can't myservice resolve for example stackoverflow.com ?

Answer 1

It seems that the problem is solved.

I habe to add "dns": ["8.8.8.8","8.8.4.4"] to /etc/docker/daemon.json .

I tried to do the same in /etc/default/docker, it didn't work, I guess that's the old way.