Thank you for the help Tycho. This makes the behaviour clear for me. Regards Genco.
On Thu, Jun 11, 2015 at 12:11 AM, Tycho Andersen < tycho.ander...@canonical.com> wrote: > On Thu, Jun 11, 2015 at 12:07:21AM +0200, Genco Yilmaz wrote: > > On Wed, Jun 10, 2015 at 11:06 PM, Tycho Andersen < > > tycho.ander...@canonical.com> wrote: > > > > > On Wed, Jun 10, 2015 at 09:22:10PM +0200, Genco Yilmaz wrote: > > > > Hi, > > > > I have been playing with containers for a few days only and > deployed > > > > several to test some networking features. I have searched on the net > to > > > get > > > > an answer but couldn't find any post/page yet. Issue is that I set > up a > > > > small LAB > > > > containers of which has no internet access. If I need to install an > > > > application e.g apache2 > > > > I attach to the container like; > > > > > > > > #lxc-attach -n container1 > > > > container1#apt-get install apache2 > > > > > > > > but for this to work, I add a veth peer to let the container access > > > outside > > > > network (This isn't something I prefer to do as I need to isolate > these > > > > containers) > > > > > > Why not just run an apt mirror on the isolated network? > > > > > > > I wonder if there is any way to install this app from the master > host i.e > > > > by using master > > > > host's network space but install the app on the container something > like > > > > this imaginary command; > > > > > > > > #*lxc-run* -n container -c "apt-get install apache2" > > > > > > > > i.e pulling the application from repository on the master space but > > > pushing > > > > it onto the container. > > > > > > > > There is lxc-execute, lxc-attach but they all run inside container's > > > space > > > > which doesn't work for me. > > > > > > You might like the -s option to lxc-attach. > > > > > > Tycho > > > > > > > Thanks, > > > > > > > > Genco. > > > > > > > > Hi Tycho, > > Thanks for the reply. I have tried this one now. Apparently I didn't > > notice this option:) but there seems to be an issue with name resolution. > > Not sure what I am doing wrong though but although I am not attaching to > > container's network namespace, > > system still checks the resolv.conf file inside the container instead of > > host's resolv.conf. As you can see, > > if I add the nameserver to container resolv.conf, name resolution works. > Is > > this expected or there is a missing/incorrect option in my command? > > This is expected, because you're using the container's mount > namespace, and thus the tools look at the container's > /etc/resolv.conf. > > Tycho > > > or is > > it because of the MOUNT namespace. Because of this name resolution issue, > > apt-get also fails > > > > > > > > root@vhost3:~# lsb_release -a > > No LSB modules are available. > > Distributor ID: Ubuntu > > Description: Ubuntu 14.04.2 LTS > > Release: 14.04 > > Codename: trusty > > > > root@vhost3:~# ping archive.ubuntu.com -c 1 > > PING archive.ubuntu.com (91.189.91.15) 56(84) bytes of data. > > 64 bytes from likho.canonical.com (91.189.91.15): icmp_seq=1 ttl=51 > > time=81.6 ms > > > > --- archive.ubuntu.com ping statistics --- > > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > > rtt min/avg/max/mdev = 81.607/81.607/81.607/0.000 ms > > > > root@vhost3:~# lxc-attach -n LAB1016-co -e -s 'UTSNAME|MOUNT|PID|IPC' -- > > ping archive.ubuntu.com -c 1 > > ping: unknown host archive.ubuntu.com > > > > root@vhost3:~# lxc-attach -n LAB1016-co -e -s 'UTSNAME|MOUNT|PID|IPC' -- > > ping 91.189.91.15 -c 1 > > PING 91.189.91.15 (91.189.91.15) 56(84) bytes of data. > > 64 bytes from 91.189.91.15: icmp_seq=1 ttl=51 time=80.7 ms > > > > --- 91.189.91.15 ping statistics --- > > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > > rtt min/avg/max/mdev = 80.739/80.739/80.739/0.000 ms > > > > root@vhost3:~# cat /etc/resolv.conf > > # Dynamic resolv.conf(5) file for glibc resolver(3) generated by > > resolvconf(8) > > # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN > > nameserver 8.8.8.8 > > search example.com > > > > root@vhost3:~# lxc-attach -n LAB1016-co > > root@LAB1016-co:~# echo "nameserver 8.8.8.8" >> /etc/resolv.conf > > root@LAB1016-co:~# exit > > exit > > root@vhost3:~# lxc-attach -n LAB1016-co -e -s 'UTSNAME|MOUNT|PID|IPC' -- > > ping archive.ubuntu.com -c 1 > > PING archive.ubuntu.com (91.189.91.14) 56(84) bytes of data. > > 64 bytes from orobas.canonical.com (91.189.91.14): icmp_seq=1 ttl=52 > > time=87.2 ms > > > > --- archive.ubuntu.com ping statistics --- > > 1 packets transmitted, 1 received, 0% packet loss, time 0ms > > rtt min/avg/max/mdev = 87.250/87.250/87.250/0.000 ms > > > _______________________________________________ > > lxc-users mailing list > > lxc-users@lists.linuxcontainers.org > > http://lists.linuxcontainers.org/listinfo/lxc-users > > _______________________________________________ > lxc-users mailing list > lxc-users@lists.linuxcontainers.org > http://lists.linuxcontainers.org/listinfo/lxc-users >
_______________________________________________ lxc-users mailing list lxc-users@lists.linuxcontainers.org http://lists.linuxcontainers.org/listinfo/lxc-users
