1

I have an Ubuntu 14.04.1 LTS server that's running LXC containers. The containers run Ubuntu 14.04.1 too. Network config of host is pretty standard, static IP, ISP's DNSes (IP1/IP2) plus google's :

$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

# The primary network interface
auto eth0
#iface eth0 inet dhcp

iface eth0 inet static
address 192.168.1.10
netmask 255.255.255.0
gateway 192.168.1.1
dns-nameservers <IP1> <IP2> 8.8.8.8

No firewalls used on the system.

Now, inside the containers, apt-get works intermittently. After restarting the host and starting the containers, it works fine. But after 'a while' (I haven't measured it) apt-get starts failing:

# apt-get update
Ign http://security.ubuntu.com trusty-security InRelease
Ign http://security.ubuntu.com trusty-security Release.gpg
Ign http://security.ubuntu.com trusty-security Release
Ign http://archive.ubuntu.com trusty InRelease

<...>

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/universe/binary-i386/Packages  404  Not Found [IP: 91.189.92.201 80]

W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty-updates/multiverse/binary-i386/Packages  404  Not Found [IP: 91.189.92.201 80]

E: Some index files failed to download. They have been ignored, or old ones used instead.

The sources lists are default. Tried replacing them but made no difference. This happens to all containers. Nothing is changed when restarted. The strange thing is they can ping both IPs and hosts (so DNS probably works ok. Tried pinging google.com, ubuntu.com, archive.ubuntu.com, security.ubuntu.com, always success).

Container network config:

auto lo
iface lo inet loopback

auto eth0
iface eth0 inet dhcp

Regarding LXC config, I use the default for ubuntu, veth device and an lxcbr0 bridge for all containers. I'm very new to LXC so bear with me if I screwed up somewhere...

Any ideas are helpful. Let me know if more info is needed, I'll update the description :)

Thanks for your time

PS: I've already tried the standard "apt-get fails" remedies like this one with no success.

Community
  • 1
Chris
  • 29
  • I'm having a similar problem, but I'm not using static IPs. I tried purging LXC and the containers, and starting over, but that failed too. – EvilSupahFly Feb 23 '15 at 02:41
  • I'm still experiencing the problem... I keep updating the host OS, hoping it's some bug that will be fixed but no go. Someone helped me troubleshoot it a bit on ubuntuforums (http://ubuntuforums.org/showthread.php?t=2264832) but we couldn't solve it, and responses stopped so I'm back to square 1. :(

    let us know if you find a solution, and I'll do the same.

     – Chris Feb 23 '15 at 08:09
  • I fixed my issue today by purging the dnsmasq package from my system and just letting LXC handle everything. – EvilSupahFly Feb 23 '15 at 22:31
  • This is very good! Well done. Unfortunately, I don't have dnsmasq installed neither on the host or the containers, so it does not apply to me :(

    I'll keep looking/waiting. But, was your problem identical to mine? If yes I may need to re-check the dns settings on my containers.

     – Chris Feb 24 '15 at 09:02
  • My problem was almost exactly what you stated, except that I wasn't using static IPs. Evidently, dnsmasq was messing with the bridge settings, and I somehow had some extra bridges that weren't attached to anything. Once dnsmasq was purged, I restarted the networking services, and it was golden. – EvilSupahFly Feb 24 '15 at 19:54
  • I also solved some routing issues by setting static assignments for specific physical machines in my router, rather than setting the static IP in the host OS. Much simpler. – EvilSupahFly Feb 24 '15 at 19:56
  • So, after a few weeks the problem was "solved by itself". Well, probably some update of LXC did it, but I can't reproduce it anymore. Mixed fealings... happy it works, sad I can't mark Seann's answer as accepted. Thanks for all your efforts Seann! – Chris Apr 15 '15 at 07:41

1 Answers1

1

After a little more Google Surfing (because now I'm really curious about your problem!), I found This Post, describing a similar issue in which the accepted solution was to remove or comment out the gateway lines from the host config, leaving the guest configs on DHCP.

Also, verify your subnet settings because that's messed me up before (on Windows, mind you, but still...)

Community
  • 1
EvilSupahFly
  • 409
  • So, I've been trying to test this for a few days now, and I always end up getting locked out of my server. The machine loses connectivity without the gateway directive..

    So unfortunately that doesn't solve my issue :(

     – Chris Feb 28 '15 at 20:06
  • Hmmmm. Does the containers need to be on static IP? Is there a reason they can't just be auto-assigned via DHCP? – EvilSupahFly Mar 02 '15 at 02:31
  • Oh I don't use static IPs, just static IP on the host. The clients are not set, but they seem to get the same IPs every time.

    It still is strange that the containers can ping security.ubuntu.com but apt-get can't see/use it.

    New data: rebooted the host 24h ago, and started a container 12h ago. Still everything works (apt-get in containers). Let me observe when the problem appears...

     – Chris Mar 02 '15 at 08:06