New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Why does OpenVZ overwrite /etc/resolv.conf on reboots?
pubcrawler
Banned
Have a nagging issue with a few OpenVZ providers.
For some reason some of the servers like to overwrite my /etc/resolv.conf file when the container gets restarted/rebooted.
Why do some providers do this and how as an end user do I get them to stop such?
Comments
Hm.. I think that would be the VPS node setting it.
Yeah. It's probably trying to set the configured defaults. Do these providers use SolusVM?
Yeah I believe they all use SolusVM.
Not sure why they do it.
You chould probably use chattr to stop it being changed...
That's a frickin idiotic feature if you call it that. Since we cache and munge DNS such breaks stuff.
@pubcrawler make a cron to overwrite /etc/resolv.conf with your resolvers, or make it run a script to do it on boot.
It is not "some providers", this is done by the OpenVZ startup scripts.
Probably all providers are doing this, unless they have made some custom modifications.
The script that sets the resolv.conf is in /etc/vz/dists/scripts/set_dns.sh on the node and is installed with the vzctl package.
That's part of how OpenVZ works. It also re-applies the IP address when you stop/start a container. As it does with all variables in it's container configuration file. The host can change it for you.
It's written into OpenVZ's start scripts to give the VM containers the host node's resolv.conf. If you don't want it to do this, you'll have to write a script to replace it on boot.
Since OpenVZ copies it before booting the container, you can add a cron line like:
@reboot cp /root/resolv.conf /etc/resolv.conf
Regarding this:
We have ~1200 OpenVZ customers, and so far none of them have contacted us about resolv.conf being overwritten, so I'd say it's a good feature :P
chattr +i /etc/resolv.conf should stop any changes to it - cron / bootscript seems more complicated than it needs be.
chattr -i should you ever need to change it again
Killer recommendations folks.
There might be more providers smacking my resolv.conf file than I know.
Have two servers I eyeball more than others and noticed one of them doing this crap after I rebooted it to test my changes and see that everything comes back to life after restart (good to test from time to time).
@Damian, thanks for "@reboot cp /root/resolv.conf /etc/resolv.conf"
I've been doing that on one of the servers for months and consider it an ugly hack But it works there.
@prae5, chattr recommendation is awesome. Nice tool I was unaware of!
Plus asking them to send any flag other than stop to vzctl is a good way to weed out the "my friend installed solusvm now im a vps provider"
@Jack and @jarland, you guys crack me up. So true.
chattr works fine, we recommend that to customers to.
Simple and easy
Never knew this until now :P, on reboot it reads from the host node? Weird!
Yeah, basically (and correct me if I'm wrong about the word "every"), it reapplies every value in the config file for that container (/etc/vz/ctid.conf) when the container is booted. This is also why your host may change something and it not stick, because they forgot the "--save" flag that saves changes to the config file (or you can just edit it directly).
Yeah,
chattr +i /etc/resolv.conf
is part of my setup script. Never had a problem with it.What if at some point after some upgrade your container will start to fail to boot-up/reboot/migrate, because the HN scripts will suddenly decide that being unable to overwrite resolv.conf is now a fatal error.
Personally I prefer to rely on the providers' support as little as possible, and besides -- changing some non-trivial OpenVZ thing just for you, when you have perfectly working ways to fix this yourself, sounds like something capricious and unreasonable.
If it's mildly annoying to some, and not noticed by others, can you really say it's something good.
My solutions are
1) custom script called from /etc/rc.local
2) buying less or none OpenVZ, and more Xen/KVM
Good points @rm_.
I might stick with my stashing of good files with another name and copy them at reboot to right place, just to be safe.
Find there is so much custom and glue in my VPS that easy to create ugly situation and have to debug later because I failed to document enough.
@Jack Right. Thanks
Any specific reason for additional work with "custom script" '+ rc.local entry (ie. cp /etc/resolve.conf.mine /etc/resolv.conf" or something like that most likely) instead only simple rc.local entry (ie. echo 'nameserver 8.8.8.8' > /etc/resolv.conf) ?
That can/will work also @Spirit
@pubcrawler just found It's amazing how fast time flies...
http://www.lowendtalk.com/discussion/comment/8184#Comment_8184
Deja deja vue! @Spirit.
I wish the search function on here actually worked. I know the Google route to search it, blah, I'd rather not.