<div dir="ltr"><div><div><div><div>Norbento, indeed you are not crazy! I have seen the same thing here.<br>On my laptop I did the nm-applet setup to setup dns on lxdbr0, and then saw cpu usage spike to 100% due to a loop about dnsmasq asking the network-manager dns server and back around forever...<br><br></div>the way I fixed this was by adding these two config options to lxd's dnsmasq:<br>auth-zone=lxd<br>dns-loop-detect<br><br><a href="http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html">http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html</a> for what those do.<br><br>$ lxc network edit lxdbr0<br><br></div><div>looks like...<br>config:<br> ipv4.address: <a href="http://10.216.134.1/24">10.216.134.1/24</a><br> ipv4.nat: "true"<br> ipv6.address: none<br> ipv6.nat: "true"<br> raw.dnsmasq: |<br> auth-zone=lxd<br> dns-loop-detect<br>name: lxdbr0<br>type: bridge<br><br></div>No more 100% cpu usage any more!<br><br></div>The workaround I was using until I figured it out was...
<a href="https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1571967/comments/13">https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1571967/comments/13</a>
-- but that only works for ssh, not for http and other stuff<br><br>Hope you can confirm that this works for you too.<br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Apr 17, 2017 at 6:23 PM, Norberto Bensa <span dir="ltr"><<a href="mailto:nbensa+lxcusers@gmail.com" target="_blank">nbensa+lxcusers@gmail.com</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">That used to work, but from 17.04 (on the desktop editions, both<br>
ubuntu and kubuntu) adding the ip of the bridge to /etc/resolv.conf<br>
makes systemd-resolved and dnsmasq eat my cpu.<br>
<div><div class="h5"><br>
2017-04-17 12:16 GMT-03:00 Matlink <<a href="mailto:matlink@matlink.fr">matlink@matlink.fr</a>>:<br>
> For me, simply adding the lxc bridge IP address to DNS resolvers made me<br>
> able to resolve *.lxd domains from the host machine.<br>
> --<br>
> Matlink<br>
><br>
> Le 17 avril 2017 13:42:36 GMT+02:00, Simos Xenitellis<br>
> <<a href="mailto:simos.lists@googlemail.com">simos.lists@googlemail.com</a>> a écrit :<br>
>><br>
>> On Thu, Apr 13, 2017 at 10:49 PM, Norberto Bensa<br>
>> <<a href="mailto:nbensa%2Blxcusers@gmail.com">nbensa+lxcusers@gmail.com</a>> wrote:<br>
>>><br>
>>> Hello Simos,<br>
>>><br>
>>> 2017-04-13 10:44 GMT-03:00 Simos Xenitellis<br>
>>> <<a href="mailto:simos.lists@googlemail.com">simos.lists@googlemail.com</a>>:<br>
>>>><br>
>>>> I got stuck with this issue (Ubuntu Desktop with NetworkManager) and<br>
>>>> wrote about it at<br>
>>>><br>
>>>> <a href="https://www.mail-archive.com/lxc-users@lists.linuxcontainers.org/msg07060.html" rel="noreferrer" target="_blank">https://www.mail-archive.com/<wbr>lxc-users@lists.<wbr>linuxcontainers.org/msg07060.<wbr>html</a><br>
>>><br>
>>><br>
>>> For me, that doesn't work anymore with 17.04<br>
>>><br>
>>> I tried a lot of configuration options with dnsmasq, network-manager,<br>
>>> and systemd-resolved with Ubuntu and Kubuntu (real hardware and<br>
>>> virtualized with kvm).<br>
>><br>
>><br>
>><br>
>> If you installed additional packages or changed configuration options,<br>
>> you might have changed something that alters the default behaviour.<br>
>><br>
>> 1. On Ubuntu Desktop, NetworkManager handles the networking configuration.<br>
>> You should be able to do "ps aux | grep dnsmasq" and see at least one<br>
>> "dnsmasq" process,<br>
>> the one from NetworkManager.<br>
>> For me, it is:<br>
>> " 3653 ? S 0:00 /usr/sbin/dnsmasq --no-resolv<br>
>> --keep-in-foreground --no-hosts --bind-interfaces<br>
>> --pid-file=/var/run/<wbr>NetworkManager/dnsmasq.pid<br>
>> --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null<br>
>> --proxy-dnssec --enable-dbus=org.freedesktop.<wbr>NetworkManager.dnsmasq<br>
>> --conf-dir=/etc/<wbr>NetworkManager/dnsmasq.d"<br>
>><br>
>> What is yours?<br>
>><br>
>> 2. NetworkManager uses dnsmasq as a caching nameserver, and it does so<br>
>> by configuring /etc/resolv.conf with:<br>
>> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by<br>
>> resolvconf(8)<br>
>> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN<br>
>> nameserver 127.0.1.1<br>
>><br>
>> Can you verify that you have exactly the same?<br>
>><br>
>> 3. Then, LXD should have it's own "dnsmasq" process (as a DHCP server<br>
>> and caching nameserver).<br>
>> This dnsmasq process binds on a specific private IP address, which you<br>
>> can find with, for example,<br>
>><br>
>> ifconfig lxdbr0<br>
>><br>
>> In my case, it is 10.0.125.1. I have an LXD container called<br>
>> "mycontainer", therefore I can run<br>
>><br>
>> $ host mycontainer.lxd 10.0.125.1<br>
>> Using domain server:<br>
>> Name: 10.0.185.1<br>
>> Address: 10.0.185.1#53<br>
>> Aliases:<br>
>><br>
>> mycontainer.lxd has address 10.0.125.18<br>
>> mycontainer.lxd has IPv6 address fd42:aacb:3658:4ca6:216:3e4f:<wbr>fcd9:35e1<br>
>> $ _<br>
>><br>
>> Do you get such a result? If not, perhaps you have the wrong IP address.<br>
>> Also, if you ran "lxd init" several times, you might have lingering<br>
>> "dnsmasq" process<br>
>> that bind on port 53 on lxdbr0. Would need to reboot here.<br>
>><br>
>> If you can get up to this point, then the rest is really easy.<br>
>><br>
>> Simos<br>
>> ______________________________<wbr>__<br>
>><br>
>> lxc-users mailing list<br>
>> <a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.<wbr>linuxcontainers.org</a><br>
>> <a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.<wbr>org/listinfo/lxc-users</a><br>
><br>
><br>
</div></div>> ______________________________<wbr>_________________<br>
<span class="">> lxc-users mailing list<br>
> <a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.<wbr>linuxcontainers.org</a><br>
> <a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.<wbr>org/listinfo/lxc-users</a><br>
</span>______________________________<wbr>_________________<br>
<div class="HOEnZb"><div class="h5">lxc-users mailing list<br>
<a href="mailto:lxc-users@lists.linuxcontainers.org">lxc-users@lists.<wbr>linuxcontainers.org</a><br>
<a href="http://lists.linuxcontainers.org/listinfo/lxc-users" rel="noreferrer" target="_blank">http://lists.linuxcontainers.<wbr>org/listinfo/lxc-users</a></div></div></blockquote></div><br></div>