Well In fact, my solution made my DNS resolution quite fucked up. Every 'apt update' freezes at 0% for 30 sec.
Even with Gregory's solution, adding auth-zone and dns-loop-detect in lxc network config, I've got the same issue. However, it does not seem to eat my cpu. Le 18/04/2017 à 02:12, Gregory Lutostanski a écrit : > Norbento, indeed you are not crazy! I have seen the same thing here. > On my laptop I did the nm-applet setup to setup dns on lxdbr0, and > then saw cpu usage spike to 100% due to a loop about dnsmasq asking > the network-manager dns server and back around forever... > > the way I fixed this was by adding these two config options to lxd's > dnsmasq: > auth-zone=lxd > dns-loop-detect > > http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html for what > those do. > > $ lxc network edit lxdbr0 > > looks like... > config: > ipv4.address: 10.216.134.1/24 <http://10.216.134.1/24> > ipv4.nat: "true" > ipv6.address: none > ipv6.nat: "true" > raw.dnsmasq: | > auth-zone=lxd > dns-loop-detect > name: lxdbr0 > type: bridge > > No more 100% cpu usage any more! > > The workaround I was using until I figured it out was... > https://bugs.launchpad.net/ubuntu/+source/lxd/+bug/1571967/comments/13 > -- but that only works for ssh, not for http and other stuff > > Hope you can confirm that this works for you too. > > On Mon, Apr 17, 2017 at 6:23 PM, Norberto Bensa > <nbensa+lxcus...@gmail.com <mailto:nbensa+lxcus...@gmail.com>> wrote: > > That used to work, but from 17.04 (on the desktop editions, both > ubuntu and kubuntu) adding the ip of the bridge to /etc/resolv.conf > makes systemd-resolved and dnsmasq eat my cpu. > > 2017-04-17 12:16 GMT-03:00 Matlink <matl...@matlink.fr > <mailto:matl...@matlink.fr>>: > > For me, simply adding the lxc bridge IP address to DNS resolvers > made me > > able to resolve *.lxd domains from the host machine. > > -- > > Matlink > > > > Le 17 avril 2017 13:42:36 GMT+02:00, Simos Xenitellis > > <simos.li...@googlemail.com <mailto:simos.li...@googlemail.com>> > a écrit : > >> > >> On Thu, Apr 13, 2017 at 10:49 PM, Norberto Bensa > >> <nbensa+lxcus...@gmail.com > <mailto:nbensa%2blxcus...@gmail.com>> wrote: > >>> > >>> Hello Simos, > >>> > >>> 2017-04-13 10:44 GMT-03:00 Simos Xenitellis > >>> <simos.li...@googlemail.com <mailto:simos.li...@googlemail.com>>: > >>>> > >>>> I got stuck with this issue (Ubuntu Desktop with > NetworkManager) and > >>>> wrote about it at > >>>> > >>>> > > https://www.mail-archive.com/lxc-users@lists.linuxcontainers.org/msg07060.html > > <https://www.mail-archive.com/lxc-users@lists.linuxcontainers.org/msg07060.html> > >>> > >>> > >>> For me, that doesn't work anymore with 17.04 > >>> > >>> I tried a lot of configuration options with dnsmasq, > network-manager, > >>> and systemd-resolved with Ubuntu and Kubuntu (real hardware and > >>> virtualized with kvm). > >> > >> > >> > >> If you installed additional packages or changed configuration > options, > >> you might have changed something that alters the default behaviour. > >> > >> 1. On Ubuntu Desktop, NetworkManager handles the networking > configuration. > >> You should be able to do "ps aux | grep dnsmasq" and see at > least one > >> "dnsmasq" process, > >> the one from NetworkManager. > >> For me, it is: > >> " 3653 ? S 0:00 /usr/sbin/dnsmasq --no-resolv > >> --keep-in-foreground --no-hosts --bind-interfaces > >> --pid-file=/var/run/NetworkManager/dnsmasq.pid > >> --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null > >> --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq > >> --conf-dir=/etc/NetworkManager/dnsmasq.d" > >> > >> What is yours? > >> > >> 2. NetworkManager uses dnsmasq as a caching nameserver, and it > does so > >> by configuring /etc/resolv.conf with: > >> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by > >> resolvconf(8) > >> # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE > OVERWRITTEN > >> nameserver 127.0.1.1 > >> > >> Can you verify that you have exactly the same? > >> > >> 3. Then, LXD should have it's own "dnsmasq" process (as a DHCP > server > >> and caching nameserver). > >> This dnsmasq process binds on a specific private IP address, > which you > >> can find with, for example, > >> > >> ifconfig lxdbr0 > >> > >> In my case, it is 10.0.125.1. I have an LXD container called > >> "mycontainer", therefore I can run > >> > >> $ host mycontainer.lxd 10.0.125.1 > >> Using domain server: > >> Name: 10.0.185.1 > >> Address: 10.0.185.1#53 > >> Aliases: > >> > >> mycontainer.lxd has address 10.0.125.18 > >> mycontainer.lxd has IPv6 address > fd42:aacb:3658:4ca6:216:3e4f:fcd9:35e1 > >> $ _ > >> > >> Do you get such a result? If not, perhaps you have the wrong IP > address. > >> Also, if you ran "lxd init" several times, you might have lingering > >> "dnsmasq" process > >> that bind on port 53 on lxdbr0. Would need to reboot here. > >> > >> If you can get up to this point, then the rest is really easy. > >> > >> Simos > >> ________________________________ > >> > >> lxc-users mailing list > >> lxc-users@lists.linuxcontainers.org > <mailto:lxc-users@lists.linuxcontainers.org> > >> http://lists.linuxcontainers.org/listinfo/lxc-users > <http://lists.linuxcontainers.org/listinfo/lxc-users> > > > > > > _______________________________________________ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > <mailto:lxc-users@lists.linuxcontainers.org> > > http://lists.linuxcontainers.org/listinfo/lxc-users > <http://lists.linuxcontainers.org/listinfo/lxc-users> > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > <mailto:lxc-users@lists.linuxcontainers.org> > http://lists.linuxcontainers.org/listinfo/lxc-users > <http://lists.linuxcontainers.org/listinfo/lxc-users> > > > > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users
signature.asc
Description: OpenPGP digital signature
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
