Is it ok to point the Docker host OS to the Rancher DNS server?


I have an ELK stack running within Rancher and I want to send Docker container (also managed by rancher) logs using the Docker log drivers. I configured logstash to receive syslog events and exposed a port in the ELK container. On the container, where I want to send the logs from, I configured the syslog-address=tcp://host:port and enabled it.

Now the issue I have is that the ELK stack hostname is not available from the Docker host OS because the logging driver is not aware of the container internal dns server.

I created a workaround by pointing the Docker host OS namespace server to and then use ElkStack_elk_1 as syslog-address…

Is it ok and safe to do so or is there an alternative and better approach to achieve this?



Any thoughts on this question?

This doesn’t seem like a great idea, though it sounds like it mostly works for you. I could see issues like something wanting DNS answers before the container is up on a reboot…

Ok thx Vincent. Do you know which DNS server is used by the internal Rancher DNS to resolve external domains?

Whatever is configured in Docker, which defaults to what is configured on the host, or Google (

Ok, this could explain some UnknownHostExceptions. The host is configured to use the internal Rancher DNS server. Which probably means that I am into some kind of loop when resolving domain names… :slight_smile:

I think I need to find another solution…