Starting Questions and Cannot make Container

Hi All,

Very new to LXD. Planning on playing around with LXD to set up several containerized services on my home server. I have questions regarding the lxd init, as I don’t entirely understand the parameters after researching my questions. It also always fails when trying to make a new container.

-Do you want to configure a new storage pool?
Is this asking me if I want to create a new partition? I have a location set up on my ZFS pool for this that I can point it to.

-Would you like to use clustering?
Not sure what this means in the functional sense so I presume NO. I do want several individual containerized services, but I don’t think this requires clustering.

-Would you like to create a network bridge?
Once again unsure, so I used the default of ‘yes’ as I will want access to these services over the web, but this causes a failure before the container is created.

The init always fails, with either no unused IPV6 address being found - or if IPV6 disabled IPV4 fails over with failed to create listening socket for 10.192.104.1. I found some info on this error and ran sudo netstat -lnp | grep ":53 ". This however doesn’t seem to show anything blocking dnsmasq…

tcp 0 0 192.168.0.20:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN -
tcp6 0 0 :::53 :::* LISTEN -
udp 0 0 192.168.0.20:53 0.0.0.0:* -
udp 0 0 127.0.0.1:53 0.0.0.0:* -
udp 36096 0 127.0.0.53:53 0.0.0.0:* -
udp6 0 0 :::53 :::* -

I’m sorry if this has already been answered but I’m not having much luck at this point… If there are any commands I can run to further help troubleshoot please let me know.

Hi!

It does not ask you to create a new partition. LXD does not and cannot create partitions.
If you already have a storage pool, then you select No to this question. Then, you will be prompted to type the name of the existing storage pool.

LXD clustering is when you have three or more LXD servers that have a shared configuration database.

If your multiple LXD installations are independent from each other, then you do not need clustering.

The network bridge it says here, is a private network bridge, and has the default name lxdbr0.
This type of network bridge is a nice default, and puts the newly created containers on that private network bridge. In addition, LXD sets up a DHCP/DNS server using dnsmasq that only binds on the lxdbr0 network interface. By default, your containers get a private IP address from a randomly created subnet 10.x.y.[2-254]. Also, if mycontainer is your container name, then your container can be accessed by the hostname mycontainer.lxd. A container can access other containers using these hostnames.

You can get more info from this network configuration with the lxc network commands.

lxc network list shows the network interfaces of the host, including those that are managed by LXD (i.e. lxdbr0).

lxc network list-leases shows the DHCP network leases of your LXD containers.

Note that you can easily pick and choose how to configure the network of a container when you first create it, or even after you have created it, by using LXD profiles. Let’s see how to do this.

lxc profile list shows the available LXD profiles. It should show default, which is a default LXD profile to set your containers to use the lxdbr0 private bridge.

You can also create a blank LXD profile with no network configuration, and then lxc launch --profile mynewprofile ubuntu:18.04 mycontainer1 to create such a container.

If you have an existing container, you can assign a different profile and then restart the container. For example, lxc profile assign myoldcontainer mynewprofile, then lxc restart myoldcontainer.

Having said all that, what could be the problem in your case where your container cannot get an IP address?
I suspect you have another local DNS server on your computer, and that DNS server binds to all interfaces including lxdbr0. Therefore, LXD’s DNS server for lxdbr0 cannot start and cannot autoconfigure the containers.

Normally, dnsmasq-base on Ubuntu binds only to localhost, therefore it would not interfere with LXD’s dnsmasq. However, if you installed dnsmasq on the host, then it is probably binding to all interfaces.

Run the following command, post the output here and it will show whether you have this problem.

$ sudo lsof -i -n | grep domain

The following is the output of the aforementioned command:

systemd-r  1464 systemd-resolve   12u  IPv4  18198      0t0  UDP 127.0.0.53:domain 
systemd-r  1464 systemd-resolve   13u  IPv4  18199      0t0  TCP 127.0.0.53:domain (LISTEN)
named      1750            bind   21u  IPv6  26916      0t0  TCP *:domain (LISTEN)
named      1750            bind   22u  IPv4  26920      0t0  TCP 127.0.0.1:domain (LISTEN)
named      1750            bind   25u  IPv4   4857      0t0  TCP 192.168.0.20:domain (LISTEN)
named      1750            bind  512u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  513u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  514u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  515u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  516u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  517u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  518u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  519u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  520u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  521u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  522u  IPv6  26915      0t0  UDP *:domain 
named      1750            bind  523u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  524u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  525u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  526u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  527u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  528u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  529u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  530u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  531u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  532u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  533u  IPv4  26919      0t0  UDP 127.0.0.1:domain 
named      1750            bind  534u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  535u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  536u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  537u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  538u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  539u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  540u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  541u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  542u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  543u  IPv4   4856      0t0  UDP 192.168.0.20:domain 
named      1750            bind  544u  IPv4   4856      0t0  UDP 192.168.0.20:domain 

I personally don’t see dnsmasq binding any of the ranges, but I only know what I’ve learned heuristically…

I see you have installed a DNS server called BIND (BIND 9 - ISC).
This DNS server binds (no pun intended) by default to all network interfaces, as shown with the * in the following.

This means that when the LXD service starts, it cannot set up its own DNS server called dnsmasq.

What you need to do, is configure BIND not to bind (to ignore) the lxdbr0 network interface.
See some hints on how to do that, at
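
Added example, not part of the original thread: a shell helper that condenses `lsof -i -n` output like the one posted above into one line per DNS socket owner, and lists the owners that would block another daemon from binding a given address on port 53. The function names, the `fd42::1` test address and the assumption that IPv6 wildcard sockets are v6-only are this example's own; the sample lines are copied from the output above.

```shell
#!/bin/sh
# Reads `lsof -i -n` output on stdin. Expected columns:
# COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME [(STATE)]

# One line per distinct socket: COMMAND PID TYPE PROTO ADDRESS SCOPE
dns_listeners() {
    awk '
        # Keep sockets bound to the DNS port; skip connected sockets
        # (their NAME has the form local->remote).
        $9 ~ /:(domain|53)$/ && $9 !~ /->/ {
            addr = $9
            sub(/:(domain|53)$/, "", addr)      # strip the port
            scope = (addr == "*") ? "wildcard" : "specific"
            line = $1 " " $2 " " $5 " " $8 " " addr " " scope
            if (!(line in seen)) { seen[line] = 1; print line }
        }'
}

# Owners that would stop another daemon binding ADDR on the DNS port:
# an exact address match, or a wildcard socket of the same family.
# Assumption: IPv6 wildcard sockets are v6-only, so they are not
# counted against an IPv4 address.
dns_conflicts() {
    target=$1
    case $target in *:*) fam=IPv6 ;; *) fam=IPv4 ;; esac
    dns_listeners | awk -v t="$target" -v fam="$fam" '
        $5 == t || $5 == "[" t "]" || ($6 == "wildcard" && $3 == fam) {
            print $1, $2, $4, $5
        }'
}

# Sample input: a subset of the lsof lines posted in this thread.
sample_lsof() {
    cat <<'EOF'
systemd-r  1464 systemd-resolve   12u  IPv4  18198      0t0  UDP 127.0.0.53:domain
systemd-r  1464 systemd-resolve   13u  IPv4  18199      0t0  TCP 127.0.0.53:domain (LISTEN)
named      1750            bind   21u  IPv6  26916      0t0  TCP *:domain (LISTEN)
named      1750            bind   25u  IPv4   4857      0t0  TCP 192.168.0.20:domain (LISTEN)
named      1750            bind  512u  IPv6  26915      0t0  UDP *:domain
named      1750            bind  513u  IPv6  26915      0t0  UDP *:domain
named      1750            bind  534u  IPv4   4856      0t0  UDP 192.168.0.20:domain
named      1750            bind  535u  IPv4   4856      0t0  UDP 192.168.0.20:domain
EOF
}

sample_lsof | dns_listeners
```

On a live host, pipe `sudo lsof -i -n` into `dns_conflicts` with the bridge address LXD reports in its error, once before and once after LXD tries to bring `lxdbr0` up.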

Sorry for the delay in responding.

This information led me to believe that the instruction to pass to the CLI is sudo dnsmasq --except-interface=lxdbr0. This however fails to create a listening socket for port 53, as the address is already in use (what the error message says). Is this the wrong command to use to clear the bind on the lxdbr0 interface?