Setting up DNS for all containers, and publishing records for containers on local DNS server

Aloha,

I am running LXD on three servers on my home network, both using a network bridge on the host to connect containers to my local network, so that they appear on my network as their own. I’m using my ISP-provided router for the moment, planning on replacing it due to its poor performance and lack of customization.

1- How could I change how DNS settings are announced to containers? I’d be interested to know what kind of network manager is used on the base Debian cloud-init image, and how the DNS configuration is received by the containers, in order to change it in favor of a local DNS server running on the host. By default, containers are using the home router as their DNS provider (192.168.1.1), which I’d like to change to a local DNS server, preferably all at once.

2- What would be the best way to automatically add DNS records for all instances? I own a few domains that I use to reach my services, but for local networking I’m dependent on my home router’s (poor) mDNS service (especially new containers or IP changes are very slowly detected by the router). It may take up to a few hours for my newly created container to be reachable via its hostname on my local network. Instead, I would rather have all my containers be automatically added to a local DNS server, or otherwise broadcast, so that they are immediately and always accessible via their hostname or a canonical subdomain “URN” of the form <instance>.<host>.net.example.org or <instance>.<host>.net.example.local. If a container’s IP were to change, or a new container be created, changes should be applied to the network as fast as possible. As the cherry on the cake, if I could allow a few of those containers to be directly reachable via IPv6 on their URN from the Internet, that would be quite appreciable (albeit doing so would have its own security concerns).

1 Like

Avahi is used for this, as it uses multicast to announce hostnames…

What I do for all my LXD instances is create a /etc/avahi/service/ssh.service file.

<?xml version="1.0" standalone='no'?>
<!DOCTYPE service-group SYSTEM "avahi-service.dtd">
<service-group>
  <!-- %h is replaced with the instance's hostname, so the SSH service is announced under that name -->
  <name replace-wildcards="yes">%h</name>
  <service><type>_ssh._tcp</type><port>22</port></service>
</service-group>

Then on any mDNS-compliant machine I can refer to the machine as .local.

2 Likes
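Added example, not part of this thread: a small parser for the Avahi service-group format shown in the post above, to check what a file like that actually announces before dropping it into avahi-daemon's service directory (`/etc/avahi/services/`). It expands the `%h` wildcard the way Avahi does (only when `replace-wildcards="yes"`), validates the service type and port, and reports the `<hostname>.local` name that avahi-daemon publishes for the host itself. The sample XML is a constructed copy of the poster's file; the hostname passed in is an assumption standing in for the container's real hostname.

```python
import socket
import xml.etree.ElementTree as ET

# Constructed sample, same shape as the service file in the post above.
SAMPLE_SERVICE_XML = """<service-group>
<name replace-wildcards="yes">%h</name>
<service><type>_ssh._tcp</type><port>22</port></service>
</service-group>"""


def parse_service_file(xml_text, hostname=None):
    """Parse an Avahi <service-group> and return what it would announce.

    Returns {"name": <instance name>, "mdns_host": <hostname>.local,
             "services": [(type, port), ...]}.
    %h is Avahi's wildcard for the local hostname; it is only expanded when
    the <name> element carries replace-wildcards="yes".
    """
    hostname = hostname or socket.gethostname()
    root = ET.fromstring(xml_text)
    if root.tag != "service-group":
        raise ValueError(f"expected <service-group>, got <{root.tag}>")

    name_el = root.find("name")
    if name_el is None or not (name_el.text or "").strip():
        raise ValueError("missing or empty <name>")
    name = name_el.text.strip()
    if name_el.get("replace-wildcards", "no") == "yes":
        name = name.replace("%h", hostname)

    services = []
    for svc in root.findall("service"):
        stype = (svc.findtext("type") or "").strip()
        port_text = (svc.findtext("port") or "").strip()
        # DNS-SD service types are <name>._tcp or <name>._udp
        if not stype.endswith(("._tcp", "._udp")):
            raise ValueError(f"bad service type {stype!r}")
        if not port_text.isdigit() or not 1 <= int(port_text) <= 65535:
            raise ValueError(f"bad port {port_text!r}")
        services.append((stype, int(port_text)))
    if not services:
        raise ValueError("service-group declares no <service>")

    return {"name": name, "mdns_host": f"{hostname}.local", "services": services}


if __name__ == "__main__":
    # hostname is an assumed value; on a container this defaults to its real hostname
    print(parse_service_file(SAMPLE_SERVICE_XML, hostname="web01"))
```

Note that the `.local` hostname itself is published by avahi-daemon regardless of this file (its `publish-hostname` default); the service file only adds the `_ssh._tcp` advertisement so SSH browsers can discover the instance.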

Thanks!

However, I’d also like to get rid of any reliance on my crappy router for DNS/mDNS, and instead use a local DNS server for all containers.

Regarding my second question, I’ve seen that LXD has a built-in DNS server to manage a configurable network zone (see: https://linuxcontainers.org/lxd/docs/master/howto/network_zones/).
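Added example for the second question (automatic records for every instance), not part of this thread or of LXD: it turns the instance list into `<instance>.<host>.<zone>` A/AAAA records and computes which records to add or remove when an instance starts, stops or changes address, so a poller can push only the delta to a local DNS server instead of waiting for the router to notice. The input is a constructed sample in the shape of `lxc list --format json` (assumption: only the `name`, `status` and `state.network` fields are reproduced); the LXD host name `lxd1` and zone `net.example.org` are placeholders.

```python
import ipaddress
import json

# Constructed sample resembling `lxc list --format json` output (assumption:
# only the fields used below are present; the real output carries many more).
SAMPLE_LXC_LIST_JSON = json.dumps([
    {
        "name": "web01",
        "status": "Running",
        "state": {"network": {
            "lo": {"addresses": [{"family": "inet", "address": "127.0.0.1", "scope": "local"}]},
            "eth0": {"addresses": [
                {"family": "inet", "address": "192.168.1.50", "scope": "global"},
                {"family": "inet6", "address": "fe80::216:3eff:fe00:1", "scope": "link"},
                {"family": "inet6", "address": "2001:db8:1::50", "scope": "global"},
            ]},
        }},
    },
    {"name": "db01", "status": "Stopped", "state": None},
    {
        "name": "cache01",
        "status": "Running",
        "state": {"network": {"eth0": {"addresses": [
            {"family": "inet", "address": "192.168.1.51", "scope": "global"},
        ]}}},
    },
])


def collect_records(lxc_list_json, host, zone):
    """Return sorted (fqdn, rrtype, address) tuples for every running instance.

    Names follow <instance>.<host>.<zone>. Loopback and link-local addresses
    are skipped so only reachable global addresses get published.
    """
    records = []
    for inst in json.loads(lxc_list_json):
        if inst.get("status") != "Running":
            continue
        fqdn = f"{inst['name']}.{host}.{zone}"
        ifaces = ((inst.get("state") or {}).get("network") or {})
        for ifname, iface in ifaces.items():
            if ifname == "lo":
                continue
            for addr in iface.get("addresses", []):
                if addr.get("scope") != "global":
                    continue
                ip = ipaddress.ip_address(addr["address"])
                if ip.is_loopback or ip.is_link_local:
                    continue
                rrtype = "AAAA" if ip.version == 6 else "A"
                records.append((fqdn, rrtype, str(ip)))
    return sorted(records)


def render_zone_lines(records, ttl=60):
    """Zone-file lines; a short TTL keeps stale answers out of resolver caches."""
    return [f"{fqdn}. {ttl} IN {rrtype} {ip}" for fqdn, rrtype, ip in records]


def diff_records(previous, current):
    """(to_add, to_remove) between two snapshots, for incremental updates."""
    prev, cur = set(previous), set(current)
    return sorted(cur - prev), sorted(prev - cur)


if __name__ == "__main__":
    recs = collect_records(SAMPLE_LXC_LIST_JSON, "lxd1", "net.example.org")
    print("\n".join(render_zone_lines(recs)))
```

Run it from a cron job or an `lxc monitor` hook on each LXD host and feed `diff_records` into whatever update path the local DNS server accepts (dynamic update, a rewritten include file, or an API). Only global-scope addresses are published; the link-local IPv6 address every container has would otherwise leak into the zone as an unreachable AAAA record.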

@Shouryuu Orabuntu-LXC github project creates a local LXC-containerized dynamic DNS/DHCP. You could just run Orabuntu-LXC up to the point where it has created the dynamic DNS/DHCP and then terminate after the DNS/DHCP has been set up, or just cherry-pick from the scripts to take what you need and create manually. Orabuntu-LXC supports setting the name and IP address range of the DNS/DHCP in the CONFIG.LXD. Currently the DNS/DHCP is built on an Ubuntu 22.04 Jammy Jellyfish LXC container. I use this solution to provide DNS/DHCP service for LXD clusters. The solution is intended to be used with an openvswitch network that overlays your local physical network, which Orabuntu-LXC also creates automatically, but you can modify it to use your local physical network instead.

Also I should add that the LXD team has done a lot of work adding support for OVN, which is more tightly integrated into LXD than the, if you will, “vanilla” openvswitch implementation Orabuntu-LXC uses, so that might also be another route to explore: using the OVN capabilities of LXD, which may have some DNS/DHCP capabilities of its own.

2 Likes