Tech Preview

SUSE Bind (DNS Server)

ISC BIND 9 container based on the SLE Base Container Image.

Get Image
Digest:
sha256:e9b0449432e83d6d99e5d3ddd12dc1be3dd66a168b947bb62164a0d903912d7c
e9b044943
Repository:
registry.suse.com/suse/bind:latest

SLE ISC BIND 9: BIND9 Application Container

Support LevelSLSA Provenance: Available

Description

BIND (Berkeley Internet Name Domain) is a suite of software for interacting with the Domain Name System (DNS). Its core component, named, serves as both an authoritative name server for DNS zones and a recursive resolver for network queries.

Usage

This container image provides the named daemon from SLE 15 SP6, including the default configuration that comes with the RPM package.

When no additional parameters are specified, the container entrypoint launches named in the foreground mode by default:

$ podman run --rm -d -p 53/udp registry.suse.com/suse/bind:9

Health Check

The container includes a health check script that performs a simple A-record lookup and verifies that a valid IPv4 address is returned.

Environment Variables

The container entrypoint accepts the following environment variables:

  • NAMED_CONF (default: /etc/named.conf): Path to the configuration file for named. See the upstream documentation for syntax details.

  • NAMED_CHECKCONF_BIN (default: /usr/bin/named-checkconf): Path to the configuration checker binary executed before launching named.

  • NAMED_CHECKCONF_ARGS (default: empty): Arguments passed to NAMED_CHECKCONF_BIN in the entrypoint.

  • ETC_RNDC_KEY (default: /etc/rndc.key): Location of the rndc configuration file. If not a symlink, it is moved to NEW_RNDC_KEY.

  • NEW_RNDC_KEY (default: /var/lib/named/rndc.key): Target location where ETC_RNDC_KEY is moved if it is not a symlink. If NEW_RNDC_KEY does not exist, it is generated using RNDC_BIN.

  • RNDC_BIN (default: /usr/sbin/rndc): Binary used to generate the rndc configuration file if it does not exist.

  • RNDC_KEYSIZE (default: 512): Key size passed to RNDC_BIN for generating the rndc configuration file.

Differences compared to the RPM Package

The container does not use systemd to manage named. Instead, named is launched directly by the container entrypoint in foreground mode, with logs output to stdout.

Moreover, environment variables from /etc/sysconfig/named are not sourced or used. You must set them explicitly using the container runtime, for example:

$ podman run --rm -d -e RNDC_KEYSIZE=1024 registry.suse.com/suse/bind:9

Additional Information

For more details on BIND and named, refer to the official documentation.

Licensing

SPDX-License-Identifier: MIT

This documentation and the build recipe are licensed as MIT. The container itself contains various software components under various open source licenses listed in the associated Software Bill of Materials (SBOM).

This image is a tech preview. Do not use it for production. Your feedback is welcome. Please report any issues to the SUSE Bugzilla.

  • Image Data

    Last Built: 15 May 18:58 UTC

    Compressed Size: 22.7 MB

    Uncompressed Size: 59.7 MB

    Support Level: Techpreview

    Supported until: 31 Dec 2025


  • Health Index
    A

    No vulnerabilities found

    Last Scan:

    about 7 hours ago