b83f87156de75c4138f800be8e328a936003ef6d
compute/docker.md
| ... | ... | @@ -50,3 +50,15 @@ Look at the network config from a container's namespace |
| 50 | 50 | # nsenter -t $(docker inspect --format '{{.State.Pid}}' <containerid>) -n ip {addr|route|...} |
| 51 | 51 | ``` |
| 52 | 52 | or run bash instead of ip to get a shell in the namespace. |
| 53 | + |
|
| 54 | +# Known Issues |
|
| 55 | + |
|
| 56 | +### DNS failing in containers |
|
| 57 | + |
|
| 58 | +I don't know why, but sometimes (just sometimes) dockerd has problems creating iptables rules for the in-daemon resolver. |
|
| 59 | + |
|
| 60 | +Check that 127.0.0.11 is listed in the container's resolv.conf as it should be, then check: |
|
| 61 | +`nsenter -n -t $(docker inspect --format {{.State.Pid}} <container>) iptables -t nat -nvL` |
|
| 62 | +There should be two DNAT and two SNAT rules for port 53 (upd & tcp). If they're missing, you'll need to restart containerd to make it work. |
|
| 63 | + |
|
| 64 | +This only affects newly started containers - if DNS works at container-boot but fails later, it's something else. |
cook/rice.md
| ... | ... | @@ -21,3 +21,7 @@ Serves 1. Scale accordingly. |
| 21 | 21 | 15. 15 minutes after you turned the heat down, turn the heat off. |
| 22 | 22 | 16. After 10 minutes, it's good to go. |
| 23 | 23 | 17. Fluff with a fork, serve. |
| 24 | + |
|
| 25 | +OR |
|
| 26 | + |
|
| 27 | +Get a non-bargain-basement rice cooker. They're good. |