For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Docker to BIG-IP: Map container names to DNS

Problem this snippet solves:

The associated iRule is used in the DevCentral article:

https://devcentral.f5.com/articles/connecting-docker-to-big-ip

This will intercept DNS requests and return an IP address based on a name from a data group.

How to use this snippet:

Attach to LTM virtual that is the GTM listener (53).

Code :

when DNS_REQUEST {
        set lower_name [string tolower [DNS::question name]]
        if { $lower_name ends_with ".container.f5demo.com" } {
            set container [getfield $lower_name "." 1]
             #log local0. "container $container"
             set node_addr [class match -value $container equals dg_docker_container]
             if {$node_addr ne "" }
                {
                set node_ip  [getfield $node_addr ":" 1]
                DNS::answer insert "[DNS::question name]. 30 [DNS::question class] [DNS::question type] $node_ip"

        # Stop further processing of the query after this iRule and send the answer to the client
       DNS::return
               } else {
                DNS::answer clear
                DNS::header rcode NXDOMAIN
                DNS::return
               }
        }
}
Published Sep 01, 2015
Version 1.0
devops
No CommentsBe the first to comment