The following pull request was submitted through Github. It can be accessed and reviewed at: https://github.com/lxc/lxd/pull/7015
This e-mail was sent by the LXC bot, direct replies will not reach the author unless they happen to be subscribed to this list. === Description (from pull-request) === This allows the local system to resolvie all running lxd containers, using the (by default) .lxd domain. This will work only if the local system is using systemd-resolved for DNS. Signed-off-by: Dan Streetman <ddstr...@canonical.com>
From c8b262da42a7e53efbe8c828a83548d7646a44be Mon Sep 17 00:00:00 2001 From: Dan Streetman <ddstr...@canonical.com> Date: Fri, 6 Mar 2020 11:10:11 +0100 Subject: [PATCH] lxd/network/network: tell systemd-resolved we can resolve .lxd This allows the local system to resolve all running lxd containers, using the (by default) .lxd domain. This will work only if the local system is using systemd-resolved for DNS. Signed-off-by: Dan Streetman <ddstr...@canonical.com> --- lxd/network/network.go | 32 +++++++++++++++++++++++++++++--- 1 file changed, 29 insertions(+), 3 deletions(-) diff --git a/lxd/network/network.go b/lxd/network/network.go index 3510bec05a..de6461847f 100644 --- a/lxd/network/network.go +++ b/lxd/network/network.go @@ -415,6 +415,7 @@ func (n *Network) setup(oldConfig map[string]string) error { } // Configure IPv4 + ipv4addr := "" if !shared.StringInSlice(n.config["ipv4.address"], []string{"", "none"}) { // Parse the subnet ip, subnet, err := net.ParseCIDR(n.config["ipv4.address"]) @@ -422,8 +423,10 @@ func (n *Network) setup(oldConfig map[string]string) error { return err } + ipv4addr = ip.String() + // Update the dnsmasq config - dnsmasqCmd = append(dnsmasqCmd, fmt.Sprintf("--listen-address=%s", ip.String())) + dnsmasqCmd = append(dnsmasqCmd, fmt.Sprintf("--listen-address=%s", ipv4addr)) if n.HasDHCPv4() { if !shared.StringInSlice("--dhcp-no-override", dnsmasqCmd) { dnsmasqCmd = append(dnsmasqCmd, []string{"--dhcp-no-override", "--dhcp-authoritative", fmt.Sprintf("--dhcp-leasefile=%s", shared.VarPath("networks", n.name, "dnsmasq.leases")), fmt.Sprintf("--dhcp-hostsfile=%s", shared.VarPath("networks", n.name, "dnsmasq.hosts"))}...) @@ -520,6 +523,7 @@ func (n *Network) setup(oldConfig map[string]string) error { } // Configure IPv6 + ipv6addr := "" if !shared.StringInSlice(n.config["ipv6.address"], []string{"", "none"}) { // Enable IPv6 for the subnet err := util.SysctlSet(fmt.Sprintf("net/ipv6/conf/%s/disable_ipv6", n.name), "0") @@ -533,8 +537,10 @@ func (n *Network) setup(oldConfig map[string]string) error { return err } + ipv6addr = ip.String() + // Update the dnsmasq config - dnsmasqCmd = append(dnsmasqCmd, []string{fmt.Sprintf("--listen-address=%s", ip.String()), "--enable-ra"}...) + dnsmasqCmd = append(dnsmasqCmd, []string{fmt.Sprintf("--listen-address=%s", ipv6addr), "--enable-ra"}...) if n.HasDHCPv6() { if n.config["ipv6.firewall"] == "" || shared.IsTrue(n.config["ipv6.firewall"]) { // Setup basic iptables overrides for DHCP/DNS @@ -926,7 +932,7 @@ func (n *Network) setup(oldConfig map[string]string) error { } // Configure dnsmasq - if n.config["bridge.mode"] == "fan" || !shared.StringInSlice(n.config["ipv4.address"], []string{"", "none"}) || !shared.StringInSlice(n.config["ipv6.address"], []string{"", "none"}) { + if n.config["bridge.mode"] == "fan" || ipv4addr != "" || ipv6addr != "" { // Setup the dnsmasq domain dnsDomain := n.config["dns.domain"] if dnsDomain == "" { @@ -1019,6 +1025,26 @@ func (n *Network) setup(oldConfig map[string]string) error { return err } } + + // Tell systemd-resolved we can resolve for dnsDomain + if n.config["dns.mode"] != "none" && (ipv4addr != "" || ipv6addr != "") { + // newer systemd uses 'resolvectl' instead of 'systemd-resolve', + // which has different usage, but systemd-resolve with the older usage + // is still supported everywhere, for now + resolveCmd := "systemd-resolve" + resolveArgs := []string{"--interface", n.name} + + resolveArgs = append(resolveArgs, []string{"--set-domain", fmt.Sprintf("~%s", dnsDomain)}...) + if ipv4addr != "" { + resolveArgs = append(resolveArgs, []string{"--set-dns", ipv4addr}...) + } + if ipv6addr != "" { + resolveArgs = append(resolveArgs, []string{"--set-dns", ipv6addr}...) + } + + // ignore error, maybe resolved isn't running/used...? + shared.RunCommand(resolveCmd, resolveArgs...) + } } else { // Clean up old dnsmasq config if exists and we are not starting dnsmasq. leasesPath := shared.VarPath("networks", n.name, "dnsmasq.leases")
_______________________________________________ lxc-devel mailing list lxc-devel@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-devel