Merge pull request #10018 from estesp/resolvconf-updater-bugfix

Properly handle containers which pre-date the resolv.conf update feature

daemon/container.go

@@ -1057,7 +1057,15 @@ func (container *Container) updateResolvConf(updatedResolvConf []byte, newResolv
 	//read the hash from the last time we wrote resolv.conf in the container
 	hashBytes, err := ioutil.ReadFile(resolvHashFile)
 	if err != nil {
-		return err
+		if !os.IsNotExist(err) {
+			return err
+		}
+		// backwards compat: if no hash file exists, this container pre-existed from
+		// a Docker daemon that didn't contain this update feature. Given we can't know
+		// if the user has modified the resolv.conf since container start time, safer
+		// to just never update the container's resolv.conf during it's lifetime which
+		// we can control by setting hashBytes to an empty string
+		hashBytes = []byte("")
 	}
 
 	//if the user has not modified the resolv.conf of the container since we wrote it last

docs/sources/articles/networking.md

@@ -201,6 +201,13 @@ If the options (`--dns` or `--dns-search`) have been used to modify the
 default host configuration, then the replacement with an updated host's
 `/etc/resolv.conf` will not happen as well.
 
+> **Note**:
+> For containers which were created prior to the implementation of
+> the `/etc/resolv.conf` update feature in Docker 1.5.0: those
+> containers will **not** receive updates when the host `resolv.conf`
+> file changes. Only containers created with Docker 1.5.0 and above
+> will utilize this auto-update feature.
+
 ## Communication between containers and the wider world
 
 <a name="the-world"></a>