2020-07-13

CentOS 8, Docker, and DNS

I recently did some home lab upgrades, which happened to also include migrating from Ubuntu 18.04 LTS to my preferred CentOS. Since it's my lab, I decided to give the new CentOS 8 a run; it has been more than a year since it came out, so things should have stabilized by now.

I quickly ran into issues with all my Docker containers not having DNS resolution for some reason. My compose file is old but reliable and had never caused issues before. Manually setting DNS entries for the containers didn't resolve the issue either.

About an hour or two later, I'm going through the RHEL/CentOS 8 release notes and find this tidbit:

nftables replaces iptables as the default network packet filtering framework

While seemingly not a fascinating change, it made me adjust my search queries and bam--Docker has yet to fully support nftables [*]. A quick config change later and DNS resolution started working!

# /etc/firewalld/firewalld.conf
FirewallBackend=iptables

# systemctl restart docker
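Before flipping the backend on a box, it helps to confirm what firewalld is actually configured to use, since the key may be commented out or missing (in which case the RHEL/CentOS 8 default of nftables applies). The following helper is an added example, not part of the original post: it parses a firewalld.conf at whatever path you hand it and reports whether the Docker workaround is needed. The sample config it feeds itself is constructed for illustration.

```shell
#!/bin/sh
# Added diagnostic helper (not from the original post). Reads a firewalld.conf
# and reports the effective FirewallBackend, so you can tell whether Docker's
# iptables rules will be honoured. The sample config below is constructed.

# Print the effective FirewallBackend from the given firewalld.conf.
# Commented-out and blank lines are ignored; the last uncommented setting
# wins; if the key is absent, the RHEL/CentOS 8 default (nftables) applies.
firewall_backend() {
    conf="$1"
    backend=$(sed -n 's/^[[:space:]]*FirewallBackend[[:space:]]*=[[:space:]]*\([A-Za-z]*\).*/\1/p' "$conf" | tail -n 1)
    if [ -z "$backend" ]; then
        backend=nftables
    fi
    printf '%s\n' "$backend"
}

# Return 0 (true) when the backend is nftables, i.e. when Docker on CentOS 8
# needs the FirewallBackend=iptables workaround described in the post.
needs_iptables_backend() {
    [ "$(firewall_backend "$1")" = "nftables" ]
}

# Demo against a constructed config resembling a stock CentOS 8 install.
demo_conf=$(mktemp)
cat > "$demo_conf" <<'EOF'
# firewalld config file (constructed sample)
DefaultZone=public
# FirewallBackend=iptables   <- commented out, must be ignored
FirewallBackend=nftables
EOF

if needs_iptables_backend "$demo_conf"; then
    echo "FirewallBackend is nftables: Docker containers may lose DNS on CentOS 8."
    echo "Fix: set FirewallBackend=iptables in /etc/firewalld/firewalld.conf,"
    echo "     then: systemctl restart firewalld && systemctl restart docker"
else
    echo "FirewallBackend is $(firewall_backend "$demo_conf"); no change needed."
fi
rm -f "$demo_conf"
```

Run it as root against the real file with `firewall_backend /etc/firewalld/firewalld.conf` once the functions are sourced. Note that firewalld only re-reads its backend setting on restart, so after editing the file restart firewalld before restarting Docker, otherwise Docker will still be inserting rules into a chain set firewalld is not managing.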

Of note, putting the docker0 interface into the trusted zone should also work; however, I had no such luck.

firewall-cmd --permanent --zone=trusted --add-interface=docker0

Lesson learned--read release notes once in a while!