Might be worth mentioning to check the status of your DNS in Health Check

Question

Might be worth mentioning to check the status of your DNS in Health Check

ericblade opened this issue 5 months ago · comments

URL to the Wiki page

https://github.com/qdm12/gluetun-wiki/blob/main/faq/healthcheck.md

What's missing?

After spending a couple of hours poking at the Health Check page, and not really having any love with getting my container fixed, I happened to notice that DNS resolution was not working in any containers. A recent upgrade to my docker had caused my custom DNS settings to disappear, which caused DNS resolution to fail, which ... the only obvious thing blowing up was that my gluetun container kept failing healthcheck with cryptic errors.

Since no other containers were outwardly failing, the only thing I had to go on was that gluetun wasn't able to get to anything. Dropping into a terminal, I was able to use the gluetun container to reach things by IP but not by DNS... so.. yeah. Might be a tip worthy of passing on.

Quentin McGaw · Answer 1 · Mon Jul 08 2024 17:21:45 GMT+0800 (China Standard Time)

Were you not using the built-in DNS over TLS (Unbound) in Gluetun?

Eric Blade · Answer 2 · Tue Jul 23 2024 14:40:08 GMT+0800 (China Standard Time)

I don't have anything specifically configured. DNS does not work in any of my containers unless I specify a dns server setting in the docker config. Gluetun is the only piece of my stack that actually needs outbound DNS to function, though, as everything else mostly just talks internally using the built in network host names.

Since Gluetun was just continuously telling me to look at the healthcheck page, and the healthcheck page doesn't say anything about DNS, I thought I'd recommend adding something along the lines of "Check to make sure that DNS resolution inside the container actually works", since it's an easily overlookable problem that could fix the healthcheck.

Quentin McGaw · Answer 3 · Tue Jul 30 2024 05:14:29 GMT+0800 (China Standard Time)

I doubt this was the problem. Gluetun uses Unbound (for now) which goes through the tunnel. Even if, for example, your host or router would block DNS traffic, Gluetun's DNS would still work fine.

Eric Blade · Answer 4 · Tue Jul 30 2024 14:07:34 GMT+0800 (China Standard Time)

100% if I remove the dns setting in my docker config, none of my containers, including gluetun, can access DNS, and the gluetun healthcheck fails. And none of the advice in the wiki page helps because the problem is completely external to gluetun.

As to why it works that way, I don't know, I configure the DNS in my docker config, then all my containers work correctly. Perhaps it is something to do with running in WSL? I don't know. Just making a suggestion for a way to improve the docs, in that when I got name resolution working in docker, then the health check started working, so maybe it would be something to test for, that might save someone else from going through a couple of hours checking everything in the Wiki and being frustrated.