Issue with reaching webservers within containers when using domain names

So I am hoping y’all can help me because this is such a helpful community but I fear this may not be an LXD issue.

My setup is as follows:
Kubuntu 19.04 host
Several LXC’s running Ubuntu 18.04
These containers have various webservers
I use one container to run HAProxy
I forward all http traffic to host onto the HAProxy container which then forwards onto the other respective containers
My public IP is tracked via ddclient & google domains

A week or so ago I installed PiHole on the host. PiHole operates a DNS so it obviously modifies how Ubuntu resolves DNS searches (I think it screws with systemd-resolved).

This proved to be problematic so I uninstalled PiHole and thereafter the host could not resolve any domain names. I then attempted to restore the host to its default DNS practice. When I did this I was able to resolve domain names but could no longer reach my containers via domain names. Further, clients in the WAN and LAN (other than host) cannot reach the web servers in those containers. The host can reach them via IP address.

So what am I missing? Did PiHole screw up LXD as well? I can't figure this out.

So I found a solution (so far, at least) to the “uninstalling PiHole screws up everything DNS related” issue.

Basically, unless you remove dhcpcd5 when you remove PiHole, dhcpcd5 will interfere with network manager. So I removed dhcpcd5 and so far, so good. Cheers.

Thanks for reporting back.

I tried PiHole in an LXD container and it worked well. I would think that it is a good option to install there as long as the container is using macvlan or more appropriately a bridge.

Another option would be to get an Android box, replace the OS with Ubuntu, and install PiHole there. In that way you will have a server running 24/7 with minimal power consumption. This would set you back about 30€. I suggest S905W.

Simos:

Yeah I am a big fan of PiHole but to install on a production-level client is pure insanity at this point. I will never do that again.

I have also had success running PiHole in an LXD container with macvlan but, unfortunately, this makes it unavailable to the host or other containers. I wish I could get it working in lxdbr0 but I could never figure out how to force the host - Ubuntu 18.04, 18.10, 19.04, etc - to pass on all DNS inquiries to the LXD container. This is very sad because really it would be the perfect solution to someone that wants to maximize the utility of an always on, production level host on a SOHO LAN.

For me it is a no-no to install software on the LXD host. If you use bridged networking (not lxdbr0) for the PiHole container, then the container should be accessible by all.
But in production, it makes sense to put PiHole on a separate computer, with UPS and all.

While testing PiHole, installing and uninstalling in a container, I was surprised by the uninstall process. It would ask you to selectively uninstall base packages and if you are not careful, you can mess up the system.

If you have more information on how to utilize a bridge (non-lxdbr0) I’d love to hear it. I assume the host would no longer have internet access though, correct?

Yeah the uninstall process is sketchy. I played it safe and I did not uninstall any of the base packages and that was actually what caused the problem.

See

In this post I show how to use NetworkManager to create the bridge. You can do the same without gui tools.


Simos:

I’ve been utilizing the article you posted - and the article within describing how to create a bridge - and have run into a problem. Every time I create the bridge per the instructions I lose internet access on the host. Have you ever run across this issue?

FWIW: I run Kubuntu 19.04

Cheers