Updating /etc/hosts for an enclave

Your enclave application may use /etc/hosts to map hostnames to IP addresses. This page explains how to configure /etc/hosts when using the Anjuna Nitro Runtime.

For containers running outside an enclave, /etc/hosts is managed by the container runtime, so you can use features like docker run --add-host or Docker Compose extra_hosts to configure /etc/hosts.

When using the Anjuna Nitro Runtime, /etc/hosts is created at runtime rather than build time. You should configure /etc/hosts by modifying the container application’s ENTRYPOINT or CMD.

You can change the Dockerfile directly, or use the enclave configuration file.

  • Dockerfile

  • Enclave configuration file

If you control the Dockerfile, you can update /etc/hosts from the ENTRYPOINT.

This will affect the container itself, and you will not need to use docker run --add-host or similar configuration at runtime.

The following example uses echo and shell redirection to append 127.0.0.1 example.localhost to the /etc/hosts file:

# Dockerfile
ENTRYPOINT ["/bin/sh", "-c", "echo '127.0.0.1 example.localhost' >> /etc/hosts && exec <original entrypoint>"]

You can also use the Anjuna enclave configuration file to override the container’s ENTRYPOINT.

Updating the enclave configuration only affects the resulting enclave, so you would still need to use docker run --add-host when running the unprotected container.

The following example uses echo and shell redirection to append 127.0.0.1 example.localhost to the /etc/hosts file:

# enclave-config.yaml
version: 1.8
entrypoint: ["/bin/sh", "-c", "echo '127.0.0.1 example.localhost' >> /etc/hosts && exec <original entrypoint>"]
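The same ENTRYPOINT approach can be written as a wrapper script, usable from either the Dockerfile or the enclave configuration file. This is an added example, not Anjuna's own code: it appends the mapping only when the hostname is not already present, refuses a conflicting address, and then execs the original command. The script name, the HOSTS_FILE override and the add_host_entry function are assumptions made for illustration.

```shell
#!/bin/sh
# entrypoint-hosts.sh: hypothetical wrapper name, not part of the Anjuna tooling.
# Use as: ENTRYPOINT ["/entrypoint-hosts.sh", "<original entrypoint>"]
set -eu

# File to update; the override (an assumption of this example) allows testing on a scratch file.
HOSTS_FILE="${HOSTS_FILE:-/etc/hosts}"

# add_host_entry IP HOSTNAME
# Appends "IP HOSTNAME" unless HOSTNAME is already mapped on a non-comment line.
# Returns 0 if appended or already mapped to the same IP, 1 if mapped to a different IP.
add_host_entry() {
    ip=$1
    name=$2
    # First address already mapped to this exact hostname, ignoring comments.
    existing=$(awk -v n="$name" '
        /^[ \t]*#/ { next }
        { sub(/#.*/, ""); for (i = 2; i <= NF; i++) if ($i == n) { print $1; exit } }
    ' "$HOSTS_FILE" 2>/dev/null || true)

    if [ -z "$existing" ]; then
        printf '%s %s\n' "$ip" "$name" >> "$HOSTS_FILE"
        return 0
    fi
    if [ "$existing" = "$ip" ]; then
        return 0            # already mapped; repeated starts stay idempotent
    fi
    echo "hosts: $name already maps to $existing, refusing to add $ip" >&2
    return 1
}

# Act as the entrypoint only when an original command was passed in.
if [ "$#" -gt 0 ]; then
    add_host_entry 127.0.0.1 example.localhost
    exec "$@"               # replace the shell so the application receives signals directly
fi
```

Because of set -e, a conflicting existing entry stops the wrapper before the application starts instead of silently adding a second mapping for the same name.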

For more complex hostname-to-IP mapping, you can also configure your enclave to use a DNS server. Since the Anjuna Nitro Network Proxy transparently enables network connectivity, no additional Anjuna configuration should be needed.