Thanks for looking into this.
My setup is a 7-host cluster with fan networking.
I have 6 containers and 10 VMs deployed on this cluster. In case it matters, the containers are ubuntu:18.04 images, and the VMs are split between images:ubuntu/18.04 and images:ubuntu/19.10.
```
akriadmin@c4akri01:~/scripts$ lxc cluster list
+------------+---------------------------+----------+--------+-------------------+--------------+
| NAME | URL | DATABASE | STATE | MESSAGE | ARCHITECTURE |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4akri01 | https://10.30.30.204:8443 | YES | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4akri02 | https://10.30.30.197:8443 | YES | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4akri03 | https://10.30.30.215:8443 | YES | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4akri04 | https://10.30.30.205:8443 | NO | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4astore01 | https://10.30.30.221:8443 | NO | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4astore02 | https://10.30.30.222:8443 | NO | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
| c4astore03 | https://10.30.30.223:8443 | NO | ONLINE | fully operational | x86_64 |
+------------+---------------------------+----------+--------+-------------------+--------------+
```
forkdns and dnsmasq are running on all of the hosts (run-physical-hosts.sh is a wrapper script that ssh’s into each host and runs a command):
```
akriadmin@c4akri01:~/scripts$ ./run-physical-hosts.sh "ps aux | egrep '(forkdns | dnsmasq)'"
[c4akri01]:
akriadm+ 26364 0.0 0.0 11596 3108 pts/0 S+ 16:04 0:00 /bin/bash ./run-physical-hosts.sh ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 26366 0.0 0.0 46844 5792 pts/0 S+ 16:04 0:00 ssh c4akri01 ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 26450 0.0 0.0 11592 3196 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 26452 0.0 0.0 13136 1004 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
lxd 36494 0.0 0.0 49984 3692 ? Ss 04:59 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.204.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.204.0.2,240.204.0.254,1h -s lxd -S /lxd/240.204.0.1#1053 --rev-server=240.0.0.0/8,240.204.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 36495 0.0 0.0 2019848 35412 ? Ssl 04:59 0:08 /snap/lxd/current/bin/lxd forkdns 240.204.0.1:1053 lxd lxdfan0
[c4akri02]:
akriadm+ 10373 0.0 0.0 11592 3196 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 10375 0.0 0.0 13136 1044 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
lxd 39993 0.0 0.0 49984 3708 ? Ss 02:27 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.197.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.197.0.2,240.197.0.254,1h -s lxd -S /lxd/240.197.0.1#1053 --rev-server=240.0.0.0/8,240.197.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 39994 0.0 0.0 2209028 34172 ? Ssl 02:27 0:11 /snap/lxd/current/bin/lxd forkdns 240.197.0.1:1053 lxd lxdfan0
[c4akri03]:
lxd 5018 0.0 0.0 49984 3536 ? Ss 00:34 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.215.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.215.0.2,240.215.0.254,1h -s lxd -S /lxd/240.215.0.1#1053 --rev-server=240.0.0.0/8,240.215.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 5019 0.0 0.0 2085896 33520 ? Ssl 00:34 0:13 /snap/lxd/current/bin/lxd forkdns 240.215.0.1:1053 lxd lxdfan0
akriadm+ 35439 0.0 0.0 11592 2984 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 35441 0.0 0.0 13136 1000 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
[c4akri04]:
akriadm+ 23152 0.0 0.0 11592 3184 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 23154 0.0 0.0 13136 1036 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
lxd 38010 0.0 0.0 49984 3596 ? Ss Mar30 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.205.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.205.0.2,240.205.0.254,1h -s lxd -S /lxd/240.205.0.1#1053 --rev-server=240.0.0.0/8,240.205.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 38011 0.0 0.0 2152008 34932 ? Ssl Mar30 0:14 /snap/lxd/current/bin/lxd forkdns 240.205.0.1:1053 lxd lxdfan0
[c4astore01]:
lxd 8342 0.0 0.0 49984 3552 ? Ss Mar30 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.221.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.221.0.2,240.221.0.254,1h -s lxd -S /lxd/240.221.0.1#1053 --rev-server=240.0.0.0/8,240.221.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 8343 0.0 0.1 1921784 34308 ? Ssl Mar30 0:12 /snap/lxd/current/bin/lxd forkdns 240.221.0.1:1053 lxd lxdfan0
akriadm+ 13900 0.0 0.0 11592 3156 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 13902 0.0 0.0 13136 1104 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
[c4astore02]:
akriadm+ 21060 0.0 0.0 11592 3256 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 21062 0.0 0.0 13136 1008 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
lxd 31602 0.0 0.0 49984 3696 ? Ss Mar30 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.222.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.222.0.2,240.222.0.254,1h -s lxd -S /lxd/240.222.0.1#1053 --rev-server=240.0.0.0/8,240.222.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 31603 0.0 0.0 1371340 30020 ? Ssl Mar30 0:08 /snap/lxd/current/bin/lxd forkdns 240.222.0.1:1053 lxd lxdfan0
[c4astore03]:
lxd 5908 0.0 0.0 49984 3528 ? Ss Mar30 0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --except-interface=lo --no-ping --interface=lxdfan0 --quiet-dhcp --quiet-dhcp6 --quiet-ra --listen-address=240.223.0.1 --dhcp-no-override --dhcp-authoritative --dhcp-leasefile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.leases --dhcp-hostsfile=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.hosts --dhcp-range 240.223.0.2,240.223.0.254,1h -s lxd -S /lxd/240.223.0.1#1053 --rev-server=240.0.0.0/8,240.223.0.1#1053 --conf-file=/var/snap/lxd/common/lxd/networks/lxdfan0/dnsmasq.raw -u lxd
root 5909 0.0 0.0 1436620 32092 ? Ssl Mar30 0:10 /snap/lxd/current/bin/lxd forkdns 240.223.0.1:1053 lxd lxdfan0
akriadm+ 11131 0.0 0.0 11592 3120 ? Ss 16:04 0:00 bash -c ps aux | egrep '(forkdns | dnsmasq)'
akriadm+ 11133 0.0 0.0 13136 1084 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
```
To illustrate the DNS resolution issue, the following shows nslookup responses for local and remote containers and VMs from one of the container instances (ctrlr running on host c4akri01, and assigned an IP address of 240.204.0.186):
- k8s-master1 is a local container instance
- k8s-worker1 is a local VM instance
- k8s-lb is a remote container running on a different host (c4akri04)
- k8s-worker4 is a remote VM instance
```
ubuntu@ctrlr:~$ nslookup k8s-master1
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: k8s-master1.lxd
Address: 240.204.0.82
ubuntu@ctrlr:~$ nslookup k8s-worker1
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find k8s-worker1: SERVFAIL
ubuntu@ctrlr:~$ nslookup k8s-lb
Server: 127.0.0.53
Address: 127.0.0.53#53
Non-authoritative answer:
Name: k8s-lb.lxd
Address: 240.205.0.177
** server can't find k8s-lb.lxd: NXDOMAIN
ubuntu@ctrlr:~$ nslookup k8s-worker4
Server: 127.0.0.53
Address: 127.0.0.53#53
** server can't find k8s-worker4: SERVFAIL
ubuntu@ctrlr:~$
```
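An added example, not part of the original post: the command lines above show each host's dnsmasq forwarding `lxd` lookups with `-S /lxd/<addr>#1053` to the `lxd forkdns` process listening on that same address and port, and this sketch checks that pairing per host from the wrapper's output. The `audit` function, the trimmed sample lines and the hosts `hostX` and `hostY` are constructed for illustration.

```python
import re

# Constructed sample in the shape of the post's wrapper output (flags trimmed).
# hostX and hostY are invented to show findings; they are not the poster's hosts.
SAMPLE = """\
[c4akri01]:
akriadm+ 26452 0.0 0.0 13136 1004 ? S 16:04 0:00 grep -E (forkdns | dnsmasq)
lxd 36494 0.0 0.0 49984 3692 ? Ss 04:59 0:00 dnsmasq --interface=lxdfan0 --listen-address=240.204.0.1 -s lxd -S /lxd/240.204.0.1#1053 -u lxd
root 36495 0.0 0.0 2019848 35412 ? Ssl 04:59 0:08 /snap/lxd/current/bin/lxd forkdns 240.204.0.1:1053 lxd lxdfan0
[hostY]:
lxd 201 0.0 0.0 49984 3500 ? Ss 10:00 0:00 dnsmasq --interface=lxdfan0 --listen-address=240.8.0.1 -s lxd -S /lxd/240.8.0.1#1053 -u lxd
[hostX]:
lxd 101 0.0 0.0 49984 3500 ? Ss 10:00 0:00 dnsmasq --interface=lxdfan0 --listen-address=240.9.0.1 -s lxd -S /lxd/240.9.0.1#1053 -u lxd
root 102 0.0 0.0 2019848 35000 ? Ssl 10:00 0:01 /snap/lxd/current/bin/lxd forkdns 240.9.0.1:1054 lxd lxdfan0
"""

HOST = re.compile(r"^\[([^\]]+)\]:\s*$")
# dnsmasq's per-domain upstream: -S /<domain>/<ip>#<port> (case-sensitive, not -s)
FWD = re.compile(r"\bdnsmasq\b.*--listen-address=\S+.*\s-S\s+/([^/]+)/([\d.]+)#(\d+)")
# forkdns arguments as shown in the post: <ip>:<port> <domain> <interface>
FORK = re.compile(r"\blxd forkdns ([\d.]+):(\d+) (\S+) \S+")

def audit(text):
    """Return {host: finding} for the dnsmasq -> forkdns pairing on each host."""
    hosts, cur = {}, None
    for line in text.splitlines():
        m = HOST.match(line)
        if m:
            cur = hosts.setdefault(m[1], {})
        elif cur is not None:
            if (m := FWD.search(line)):
                cur["forward"] = (m[1], m[2], m[3])      # (domain, ip, port)
            elif (m := FORK.search(line)):
                cur["forkdns"] = (m[3], m[1], m[2])      # (domain, ip, port)
    findings = {}
    for host, p in hosts.items():
        if "forward" not in p:
            findings[host] = "dnsmasq forwarder not found"
        elif "forkdns" not in p:
            findings[host] = "forkdns not running"
        elif p["forward"] != p["forkdns"]:
            findings[host] = "mismatch: dnsmasq forwards to %s#%s, forkdns on %s:%s" % (
                p["forward"][1], p["forward"][2], p["forkdns"][1], p["forkdns"][2])
        else:
            findings[host] = "ok"
    return findings

if __name__ == "__main__":
    for host, finding in audit(SAMPLE).items():
        print(f"{host}: {finding}")
```

A host reporting "ok" only confirms the local forwarding pair is wired up; it says nothing about whether a given instance name is registered in that host's dnsmasq.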