Random DNS drops for a single container

heya :slight_smile: using incus to manage some service on my personal server, loving it.
I’ve been having a bit of a dns issue with some containers – so I’ve got a traefik app container (linking to the dockerhub image) in a managed network with all of my other containers. Traefik serves as the entrypoint for port 80/443, then dispatches stuff to the other containers through dns (e.g. http://foo.lxd). Works well enough.
Occasionally though, some container or other will have its dns disappear from traefik’s sight, for unexplainable reasons… this was the case as well before when I used haproxy in an ubuntu system container. Trying a ping just gives a hostname not found error, even though the container is still visible if I pull an “incus network show lxdbr0”. Other containers are fine when this happens. Restarting the container usually fixes this. (the one this is happening to right now is an nginx app container.)

I’m using dns.mode=managed and no other particular config on an ubuntu host OS – I was wondering if there was anything about this that would be amiss, or if there was a way to get more details on what could be going wrong? I’m not finding any leads at the moment since everything seems “right” from the host OS side.
All my containers have the host machine pointed to as a dns provider in their resolv.conf, it seems (in this case 10.2.162.1 for an lxdbr0 network whose ipv4.address = 10.2.162.1/24).

Thanks in advance!

An update with some more findings concerning this issue.

Having learned that incus, by default, uses dnsmasq under the hood, I’ve taken to monitoring the /var/lib/incus/networks/lxdbr0 folder.

if I take a look at the “dnsmasq.leases” file, I can see the following line:

1732496403 00:16:3e:87:1a:14 10.2.162.123 faulty-container *
1732495949 00:16:3e:9d:12:70 10.2.162.79 working-container 01:00:16:3e:9d:12:70

The (application) container whose dns drops over time seems to have a wildcard here. The other (system) containers have a proper MAC address instead.

Once the lease for the application container expires, it disappears from this file and never comes up online again, even though there is a faulty-container.eth0 file in the dnsmasq.hosts folder that contains the mac address of that application container (identical as shown by incus show faulty-container).

Is this an issue common to all application containers?

EDIT: Just realized this is already submitted as an issue and has been fixed last week (so a few days after I installed incus, haha). Thought I’d looked hard enough, but apparently didn’t. Thanks anyway!

1 Like