To which LXC host my container belongs to?

jairusan · July 6, 2017, 6:40am

I logged into my container, however, I would like to know in which host I am running? for example, host server LXC name or IP is it doable?

Thank you in advance.

Sincerely,

simos · July 6, 2017, 1:07pm

You can get the IP address of the host, which is the IP address of the host’s lxdbr0 network interface.
For example,

ubuntu@c1:~$ ip route show default 0.0.0.0/0
default via 10.0.85.1 dev eth0 
ubuntu@c1:~$

I think you cannot get the host’s IP address of the other network interfaces. Even if you use mtr 8.8.8.8 from inside the container, it will not show the other network interfaces of the host.
However, you can scan from inside a container for ranges of IP addresses, and this can reveal which one is the host. For example,

root@c1:~# ping 192.168.5.12
PING 192.168.5.12 (192.168.5.12) 56(84) bytes of data.
64 bytes from 192.168.5.12: icmp_seq=1 ttl=64 time=0.055 ms
64 bytes from 192.168.5.12: icmp_seq=2 ttl=64 time=0.073 ms
64 bytes from 192.168.5.12: icmp_seq=3 ttl=64 time=0.080 ms

Such small response time would indicate that this is the IP address of the host. If you look into this much more than I do, I would be interested if you can find out the iptables command that would make the host not to respond to ICMPs coming from the container.

You mention host server LXC name. I do not think there is such a hostname. It is the containers that have hostnames, and you can get the full list of the leases (on the host) at /var/lib/lxd/networks/lxdbr0/dnsmasq.leases

stgraber · July 6, 2017, 3:25pm

The goal of system containers is to give the illusion of a separate system, minimizing the amount of information leakage between the host and container, so unless your host happens to be the default gateway of your container (as @simos showed), it’s going to be pretty difficult to find it and that’s a good thing.

You can certainly detect that you run inside a container and look at the host’s hardware specifications from within the container, but that’s about the extent of the information you’ll get from the host.

Anything else would have to be voluntarily shared by the host, typically through shared directories so that host and container can share additional information.

jairusan · February 24, 2018, 12:29pm

Really appreciate the help from both of you, LXC/LXD was completely new to me. I am now running it for testing in a couple of testing labs.

Thank you!