DNS for LXC containers

networking
lxd

(Dragan Espenschied) #1

Hello everybody,

I am working on getting name resolution for individual LXC containers working on Ubuntu 16.04. My goal is to have solid-unicorn.lxc (or .lxd) resolve to the container's IP address, from the host and other containers.

While I managed to get this working on Ubuntu 14.04 with dnsmasq and LXC 1.0.7, the same tricks don't seem to work with LXC/LXD version 2.13. I see lots of tutorials around on how to achieve this (for instance this nice one), but they all seem to be for versions different from what is available in the repos.

I am willing to install another version than the repo one of course if that helps, or move to another distro, or even use network-manager on the server if that makes things easier :slight_smile: But I am missing a guide on how to proceed and what makes sense.

If anybody could help I'd greatly appreciate it.

My best,
Dragan


(Stéphane Graber) #2

Is it a desktop or server system? Where to hook things up changes quite a bit depending on whether dnsmasq or another resolver is used on the system and whether systemd-resolved is in the mix too.

That's why we've not published any guide about this, the answer is usually "it depends"...


(Dragan Espenschied) #3

Stéphane, thanks for your reply!

It is a server with the only function to run LXC containers and expose web services, and for outside users to ssh into containers sometimes.

I would set the server up in any way that is the easiest to maintain. I could use dnsmasq or network-manager or resolved, no preference here. Of course the best would be if name resolving setup would survive a future update of LXD :slight_smile: But in general I am very flexible.

I had a great experience with LXC 1.0.7 already, running a dozen isolated environments on a single machine, and would love to continue using it with the latest version.


#4
  1. If your host is desktop Ubuntu, then it uses NetworkManager, which means you add a file like

         $ cat /etc/NetworkManager/dnsmasq.d/lxd
         server=/lxd/10.0.185.1
         server=/1.185.0.10.in-addr.arpa/10.0.185.1

     The IP 10.0.185.1 is the IP address that the LXD dnsmasq is listening on.

  2. If your host is Ubuntu server, then you need to install dnsmasq, and then configure your server’s dnsmasq to consult LXD’s dnsmasq (like before) for the IP range of your containers. The location to put the configuration file is

         $ cat /etc/dnsmasq.d-available/lxd
         # Tell any system-wide dnsmasq instance to make sure to bind to interfaces
         # instead of listening on 0.0.0.0
         # WARNING: changes to this file will get lost if lxd is removed.
         server=/lxd/10.0.185.1
         bind-interfaces
         except-interface=lxdbr0

     and then link that file to /etc/dnsmasq.d/lxd
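
An added example, not part of the thread and not LXD's own tooling: a shell script that builds the host-side dnsmasq snippet described in post #4 from the bridge address and checks that the `bind-interfaces` and `except-interface` lines are still present. It goes slightly beyond the post by forwarding the reverse zone of the whole container subnet rather than one address; the function names are hypothetical, and it assumes the bridge is `lxdbr0` on a /8, /16 or /24 network.

```shell
#!/bin/sh
# Added example (not from the thread): build the host-side dnsmasq snippet
# from the LXD bridge address. On a live host the CIDR could come from
# `lxc network get lxdbr0 ipv4.address`; bridge name lxdbr0 is an assumption.

# reverse_zone CIDR -> in-addr.arpa zone covering a /8, /16 or /24 network
reverse_zone() {
    addr=${1%/*}
    prefix=${1#*/}
    old_ifs=$IFS; IFS=.
    set -- $addr            # split the dotted quad into $1..$4
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo "not an IPv4 address: $addr" >&2; return 1; }
    case $prefix in
        8)  echo "$1.in-addr.arpa" ;;
        16) echo "$2.$1.in-addr.arpa" ;;
        24) echo "$3.$2.$1.in-addr.arpa" ;;
        *)  echo "unsupported prefix: /$prefix" >&2; return 1 ;;
    esac
}

# lxd_forward_conf CIDR DOMAIN [BRIDGE] -> prints the forwarding snippet
lxd_forward_conf() {
    zone=$(reverse_zone "$1") || return 1
    ip=${1%/*}
    printf 'server=/%s/%s\n' "$2" "$ip"      # forward lookups for *.DOMAIN
    printf 'server=/%s/%s\n' "$zone" "$ip"   # reverse lookups for the subnet
    printf 'bind-interfaces\n'               # do not listen on 0.0.0.0
    printf 'except-interface=%s\n' "${3:-lxdbr0}"  # leave the bridge to LXD
}

# check_forward_conf FILE -> non-zero if a safety-relevant line is missing
check_forward_conf() {
    grep -qx 'bind-interfaces' "$1" ||
        { echo "$1: missing bind-interfaces" >&2; return 1; }
    grep -q '^except-interface=' "$1" ||
        { echo "$1: missing except-interface" >&2; return 1; }
    grep -q '^server=/[^/]*/[0-9.]*$' "$1" ||
        { echo "$1: no server= forward" >&2; return 1; }
}

# Constructed sample input: the bridge address used in the posts above, as /24
lxd_forward_conf 10.0.185.1/24 lxd
```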


(Tadeusz Łazurski) #5

Thanks simos!

In case anyone is looking to automate dnsmasq based setup - here is my take on it: https://discuss.linuxcontainers.org/t/whats-the-deal-with-etc-default-lxd-bridge-upgraded/330/3


(Dragan Espenschied) #6

Dear Simos, thank you so much, your solution did the trick. :+1: