I am experimenting with Linux Containers, as I would like to run several web servers without the overhead of proper virtualization. I am using Oracle Linux 6.5 on both the host and the container. I never got static IP addresses to work, so I instead gave the container a fixed reservation from the DHCP server. It is now getting the desired IP address, and it's populating /etc/resolv.conf with the appropriate DNS servers. I am able to SSH into the container, and ping around the local network and the internet from the container, but by IP only. DNS lookups work on all clients on the network, and from the host, but not from the containers. To be clear: I can ping Google by IP address, but ping won't resolve the hostname if I try pinging google.com.
I do not have a local DNS (yet); that will come later when I install IdM/FreeIPA. Right now, the DHCP server is issuing 8.8.8.8 and 8.8.4.4 as the DNS servers, and that works on all of the network clients in the house EXCEPT the Linux Containers. There is talk in the Oracle manual about opening ports on the host... But the host itself is behaving appropriately, so I don't THINK that's the problem. I tried disabling the firewall inside the container, but that didn't magically fix anything. Naturally, I WILL want the firewall turned on when this goes into production ;)

I'm having several other problems with LXC not being very stable; occasionally, seemingly random commands and programs will stop working on either the host or the container without rhyme or reason until the system is rebooted (for example, once vi started giving segmentation faults on the host, but worked just fine in the container; another time, ifconfig was spitting back "Illegal call" errors in the container, but worked fine on the host. Both times, the problem was solved by restarting the container). Because of this, I may end up giving up on the whole experiment and switching back to "normal" virtualization... But I would sure like to figure out what's wrong with my networking before I go that route... Much effort went into getting macvlan bridges working on the host, and I don't want to lose that if LXC DOES actually work...

SO, what might be causing my DNS name lookups to fail inside the LXC container?

_______________________________________________
PLUG mailing list
[email protected]
http://lists.pdxlinux.org/mailman/listinfo/plug
