Last updated May 2026.
This guide covers auto-generating DNS from Docker and Proxmox labels. The configurations and settings below are sourced from real developer setups shared in the community to give you the exact insights that work right now.
Managing local DNS records manually is a tedious anti-pattern. It breaks infrastructure automation. Dnsweaver is a modern, lightweight utility that completely eliminates this problem. It dynamically generates DNS records based on Docker, Kubernetes, and Proxmox container labels. Simply add a standard label to a docker-compose.yml, and Dnsweaver immediately broadcasts the route to the local network. This tutorial covers the installation process, the exact label syntax required, and how to integrate it securely with Pi-hole or AdGuard Home based on reported community setups.
What you need to know
Dnsweaver runs as a sidecar or a small daemon. It watches the container runtime API and pulls any label that matches a pattern defined in the configuration. For example, using dns.name=myapp.example.com tells the DNS server to add or remove the record when the container starts or stops. Because it talks to the same API already in use, there are no extra CLI steps.
The tool works with Docker Engine, the Kubernetes API, and Proxmox’s REST interface. It pushes updates to any server that accepts dynamic updates like BIND, PowerDNS, or Cloudflare.
Real tradeoffs
If containers are labeled properly, the extra step is invisible. If not, establishing that habit is required.
Dnsweaver adds a tiny network hop. It talks to the DNS server every time a container changes state. In a huge cluster that churns heavily, a few extra milliseconds of latency on DNS updates might occur. For most users, it is not noticeable.
The daemon is lightweight, but it must run somewhere that can reach both the container API and the DNS server. If it stops, automatic updates are lost until it is restarted.
Frequently Asked Questions
Q: Does Dnsweaver support wildcard certificates via Traefik?
A: Yes. Dnsweaver integrates with Traefik and Nginx Proxy Manager. It automatically routes subdomains while the reverse proxy handles the Let’s Encrypt certificates.
Q: Can Dnsweaver be used in a Kubernetes cluster alongside CoreDNS?
A: Yes. Developers configure Dnsweaver as a DaemonSet that watches pod labels and pushes new records to CoreDNS, eliminating the need for manual DNS entry management in the cluster.
Q: What happens to DNS records when a container is stopped or removed?
A: Dnsweaver listens to container lifecycle events. When a container stops, it automatically removes the corresponding DNS record, keeping the DNS server clean without any manual intervention.
Q: Is Dnsweaver compatible with Pi-hole as the DNS backend?
A: Yes. Pi-hole supports custom DNS entries via its local DNS records feature, and Dnsweaver can push updates to it directly, making the combination popular in homelab environments.