Revise container DNS resolution implementation

The current LXC cache preparation copies the DNS resolver config
from the host into the container.

When the host has been setup with a DNS caching system like 'unbound'
running on it, the host's resolv.conf contains only a localhost
nameserver entry which will not work from inside the container.

The Ubuntu containers use resolvconf by default. Resolvconf gathers
the DNS settings from each interface configured and compiles
/etc/resolv.conf from the interface information. This results in
a nameserver list which will start with the LXC dnsmasq service
which runs on lxcbr0. This service uses the host's DNS configuration
for name resolution.

In effect, therefore, when the containers use the DNS service on
lxcbr0, the host does the resolution and responds to the container.
This means far less moving parts and a far more predictable
implementation for name resolution.

This patch implements the changes necessary for this strategy to
work.

Change-Id: Ib139af5221dbb1f479ca068e472cf0e8aa828a8d

vars/redhat-7.yml

@@ -45,9 +45,11 @@ lxc_cache_map:
   copy_from_host:
     - /etc/yum.repos.d/
     - /etc/pki/rpm-gpg/
-    - /etc/resolv.conf
-    - /etc/systemd/resolved.conf
   cache_prep_commands: |
+    if [ -a /etc/resolv.conf ]; then
+      mv /etc/resolv.conf /etc/resolv.conf.org
+    fi
+    echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
     yum install -y {{ lxc_cache_packages | join(' ') }}
     rm -f /usr/bin/python
     ln -s /usr/bin/python2.7 /usr/bin/python
@@ -64,6 +66,11 @@ lxc_cache_map:
     ln -s /dev/null /etc/systemd/system/proc-sys-fs-binfmt_misc.automount || true
     echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/sysconfig/network-scripts/ifcfg-eth0
     chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
+    if [ -a /etc/resolv.conf.org ]; then
+      mv /etc/resolv.conf.org /etc/resolv.conf
+    else
+      rm -f /etc/resolv.conf
+    fi
 
 lxc_cache_packages:
   - ca-certificates

vars/ubuntu-14.04.yml

@@ -43,11 +43,12 @@ lxc_cache_map:
   copy_from_host:
     - /etc/apt/sources.list
     - /etc/apt/apt.conf.d/
-    - /run/resolvconf/
-    - /etc/resolvconf/
-    - /etc/resolv.conf
     - /root/repo.keys
   cache_prep_commands: |
+    if [ -a /etc/resolv.conf ]; then
+      mv /etc/resolv.conf /etc/resolv.conf.org
+    fi
+    echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
     apt-key add /root/repo.keys
     rm /root/repo.keys
     export DEBIAN_FRONTEND=noninteractive
@@ -71,6 +72,11 @@ lxc_cache_map:
     echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
     mkdir -p /etc/network/interfaces.d
     chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
+    if [ -a /etc/resolv.conf.org ]; then
+      mv /etc/resolv.conf.org /etc/resolv.conf
+    else
+      rm -f /etc/resolv.conf
+    fi
 
 # This forces any modified configurations to remain, and any unmodified configs to be replaced
 # ref: http://serverfault.com/questions/259226/automatically-keep-current-version-of-config-files-when-apt-get-install

vars/ubuntu-16.04.yml

@@ -47,12 +47,12 @@ lxc_cache_map:
   copy_from_host:
     - /etc/apt/sources.list
     - /etc/apt/apt.conf.d/
-    - /run/resolvconf/
-    - /etc/resolvconf/
-    - /etc/resolv.conf
-    - /etc/systemd/resolved.conf
     - /root/repo.keys
   cache_prep_commands: |
+    if [ -a /etc/resolv.conf ]; then
+      mv /etc/resolv.conf /etc/resolv.conf.org
+    fi
+    echo "nameserver {{ lxc_net_address }}" > /etc/resolv.conf
     apt-key add /root/repo.keys
     rm /root/repo.keys
     export DEBIAN_FRONTEND=noninteractive
@@ -76,6 +76,11 @@ lxc_cache_map:
     echo -e '{{ lxc_container_default_interfaces }}' | tee /etc/network/interfaces
     mkdir -p /etc/network/interfaces.d
     chage -I -1 -d -1 -m 0 -M 99999 -E -1 root
+    if [ -a /etc/resolv.conf.org ]; then
+      mv /etc/resolv.conf.org /etc/resolv.conf
+    else
+      rm -f /etc/resolv.conf
+    fi
 
 # This forces any modified configurations to remain, and any unmodified configs to be replaced
 # ref: http://serverfault.com/questions/259226/automatically-keep-current-version-of-config-files-when-apt-get-install