[lxc-users] How to check DNS records of containers

Adil Baig simplyadilb at gmail.com
Wed Jun 28 16:12:40 UTC 2017 

I actually don't have a separate dnsmasq instance running on the host. It's
just the one that lxd manages. (DNS from inside the containers do work, but
that's not my concern)

I realised forwarding queries to the lxd dnsmasq does work, ex:

dig @10.0.1.1 +short devop-tools.lxd
10.0.1.66

But just `dig +short devop-tools.lxd` doesn't. Which means the queries are
not being forwarded to the lxds dnsmasq. I have added a nameserver entry to
/etc/resolv.conf, but that hasn't helped.

# Dynamic resolv.conf(5) file for glibc resolver(3) generated by
resolvconf(8)
#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
nameserver 87.117.198.200
nameserver 87.117.237.100
nameserver 87.117.196.200
nameserver 10.0.1.1

Also, from what I've read /etc/resolv.conf this will get overridden on
reboot, so this isn't a solution that will survive a reboot. Any ideas?



On Wed, Jun 28, 2017 at 7:19 PM, Fajar A. Nugraha <list at fajar.net> wrote:

> On Wed, Jun 28, 2017 at 6:34 PM, Adil Baig <simplyadilb at gmail.com> wrote:
>
>> This hasn't worked for me.
>>
>> lxc network show lxdbr0
>> description: ""
>> config:
>>   dns.domain: lxd
>>   dns.mode: managed
>>   ipv4.address: 10.0.1.1/24
>>   ipv4.dhcp.ranges: 10.0.1.2-10.0.1.254
>>   ipv4.nat: "true"
>>   ipv6.address: none
>>   raw.dnsmasq: conf-file=/home/ubuntu/stockopedia-lxd-dnsmasq.conf
>>
>
> why is raw.dsnmasq here?
> while it might not be the cause of your non-working system, best to start
> with known-good configuration first.
>
> I did steps 1.2 and 5. The rest were already in place (lxc version 2.14).
>> I killed dnsmasq
>>
>
> Again, the one doing resolving on the host. Not the one started by lxd to
> manage lxdbr0.
>
> To be more accurate:
> - lxd's dnsmasq should already provide DNS resolving for containers (e.g.
> "ping devop-tools.lxd" should work from inside any of your containers, as
> long as devop-tools is using DHCP).
> - using dnsmasq as DNS resolver on the host as well would simplify the
> configuration. However it should work with any DNS server (e.g. bind) as
> long as you tell it to "forward all queries for .lxd domain to lxd's
> dnsmasq".
>
>
>
>> and restarted lxd service (sudo service lxd restart) .
>>
>>
> That should not be necessary
>
>  ping devop-tools.lxd
>> ping: unknown host devop-tools.lxd
>>
>>
> Does it work from another container? If not, you need to fix that first.
>
> Does "dig" work when you tell it to use lxdbr0's IP as nameserver? e.g.
> "dig devop-tools.lxd @10.0.1.1"
>
> Do you get these entries when restarting the host's dnsmasq? If not, you
> probably edit the wrong file in step (5)
> # systemctl restart dnsmasq
> # systemctl status dnsmasq
> ...
> Jun 28 20:43:29 ip-172-31-0-128 dnsmasq[92746]: using nameserver
> 10.0.3.1#53 for domain lxd
>
> Does your host's /etc/resolv.conf now points to localhost? It should,
> since dnsmasq would make it so. If not, you need to fix that.
>
> --
> Fajar
>
> _______________________________________________
> lxc-users mailing list
> lxc-users at lists.linuxcontainers.org
> http://lists.linuxcontainers.org/listinfo/lxc-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxcontainers.org/pipermail/lxc-users/attachments/20170628/3111b46a/attachment.html>

More information about the lxc-users mailing list