Docker Compose Setup with ISC/Bind9 Image

Pablo Andalaft Tarodo pablo at heavenly.cl
Sun Dec 29 18:27:28 UTC 2024 

Hi all,


Thanks for taking the time. I've been spending many hours on this, to no 
solution. But, some things that may shine more light:

When the container is stuck restarting, the error, aside from exit code 
1, is "user 'bind' is not recognised" or something similar, and checking 
the container entrypoint "/usr/sbin/named -u bind -f -c 
/etc/bind/named.conf", it tries to use the user "bind" to start "named", 
but this user is present in the base image (checking /etc/passwd)...

For a long time I wasn't able to find other logs and I resorted to using 
a Dockerfile to see if I could control  more steps for the image, no help.

So I started off with what works, running a container directly from the 
image (doesn't get stuck restarting), and copying the files to it 
`docker container cp /config/named.conf 
<container_name>:/etc/bind/named.conf` etc., and finally exec'ing into 
the container's shell and launching `/usr/sbin/named -u bind -f -g -c 
/etc/bind/named.conf`, this showed me that there were some errors in the 
config (thanks for the -g heads up), that I could address.

However through docker compose, I still get the "named: user 'bind' 
unknown" error.


Regards,

Pablo


On 29/12/2024 10:11, Johannes Kastl wrote:
> Hi Pablo,
>
> On 27.12.24 21:17 Pablo wrote:
>
>> This is my docker-compose.yml (my start command has to be sudoed for
>> some reason, Debian 12 machine: sudo docker compose up -d):
> Guess: Your user is not part of the docker group?
>
> Side note: I avoid docker and use (rootless) podman instead, which can
> be used as a backend for docker compose.
>
>> services:
>> bind9:
>> image: internetsystemsconsortium/bind9:9.20
> For some reason the official container image logs to a file instead of
> stdout. It logs to /var/log/bind/default.log by default.
>
> You have mounted the log directory to /var/log/named instead:
>
>> volumes:
>>         - ./config:/etc/bind
>>         - ./cache:/var/cache/bind
>>         - ./zones:/var/lib/bind
>>         - ./log:/var/log/named
> Try changing that to /var/log/bind/. Then you should be able to check
> the log file for errors.
>
> Did you check the docker compose logs for your bind9 service?
>
> Kind Regards,
> Johannes
>

More information about the bind-users mailing list