Presentation is loading. Please wait.

Presentation is loading. Please wait.

Dynamic DNS support for EGI Federated cloud

Published byWarren Porter Modified over 6 years ago

Similar presentations

Presentation on theme: "Dynamic DNS support for EGI Federated cloud"— Presentation transcript:

1 Dynamic DNS support for EGI Federated cloud
Viet Tran (IISAS)

2 Requirement Some apps/VOs need VMs running in clouds with valid DNS hostnames ( In principle, any service hosted in cloud will need a valid DNS hostname Supports for DNS in EGI Federated cloud are very limited and fragmented Some sites have new hostname for every new VM Some have fixed hostname for each IP Some do not support at all Random, encrypted and unpredictable hostnames for services hosted in clouds Users need to reconfigure servers and clients for every start

3 EGI FedCloud wide dynamic DNS support
For users: can register hostnames and assign them to VMs: Memorable, sensible hostnames for services hosted in FedCloud Predictable, reusable hostnames for clients/servers setting, no reconfiguration of clients and servers for every start Common domains for VMs in whole federation, independent from location of VMs in FedCloud For sites: no changes, no additional support required For FedCloud: promotion of federated approach

4 DDNS command-line client
Architecture Users EGI CheckIn Authentication DDNS command-line client NS-update server Register hostnames Assign/update IPs updating DNS records BIND9 DNS server DNS server

5 Implementation NS-update server: nsupdate.info software
Open-source, available on github.com Based on stable components (django framework, standard python libraries) Server in production for free from 2014 Still active development BIND9 DNS server De-facto standard for DNS server DNS records update via RFC 2136

6 Standards and compliance
All communications between components are supported by standards: OpenID Connect between NS-update – EGI CheckIn dyndns2 between command-line client – NS-update RFC 2136 between NS-update – BIND9 server Implementation-independent All relationships are many-to-many, e.g. One NS-update server – many OpenID identity providers One NS-update server – many DNS servers (one portal for many domains) Many NS-update servers – one DNS server (many portal for one domain) Sustainable and extensible

7 Registering hostnames
Support multiple domains/subdomains Currently using subdomains from fedcloud.eu for testing Web portal with authentication via EGI CheckIn Just log in and register a hostname in an available domain Server will give error message if the hostname is occupied by other users See instruction/demo at the end of presentation

8 Assigning/updating IPs
Each registered hostname has its own secret (password) Once hostname is registered, no user credential is needed for assigning/updating IP address No user credential stored on VMs, just hostname and its own secret Very simple usage Common DDNS clients available in Linux Configuration files generated by NS-update server, just copy/paste For VMs, in most cases, it is enough to add the following command to cloud-init script “curl

9 Current status Please check up-to-date status on wiki Available functionalities: testing domain fedcloud.eu for EGI FedCloud users DNS servers setup for fedcloud.eu NS-update server deployed at Authentication via EGI CheckIn service Hostname registration via NS-update portal IP assign/update via portal or common DDNS clients

10 Usage instructions Just log into portal and follow the menu. Some screenshots are included at the end of this presentation. Typical scenario: Log into portal via EGI CheckIn (see screenshot 1 after this page) Go to “Overview” menu and click “Add host” (screenshot 2) Choose hostname, domain then “Create” (screenshot 3) Roll down and copy the update URL (screenshot 5). Note the update URL somewhere for later use Click to “Overview” again to see the new host and its IP (should be IP of your computer now) (screenshot 6). Log into your VM, run command curl with the noted update URL (from step 4) Click to “Overview” again to see the new host and its IP change to IP of your VM Try ping or ssh with the hostname to see if the IP is correctly updated to your VM Assign the hostname to your VM automatically at start by adding “curl update_URL” command into cloud-init script

11 Notes If you get an error message when logging into NS-update server via EGI CheckIn, your browser may have expired token It is problem of token in browser, not portal Just open this link in your browser to refresh the token or restart your browser and log in again NS-update server uses HTTPS protocol, hostname/secret are encrypted as data during transfer so it is secure to use the URL Portal does not store host secret in recoverable form. If you forget the host secret, you can generate new one Hostnames/IP addresses are not expired: No need to refresh IP addresses if no changes, it is enough to run once In most cases, it is enough to add the following command to cloud-init “curl to assign hostname automatically at VM start MS Windows tend to cache and remember DNS locally for longer time Try to check IP address of the hostname (host, ssh, ping commands) on Linux or flush DNS cache (“ipconfig /flushdns” with admin account)

12 Screenshot – login to portal

13 Screenshot-overview after login

14 Screenshot – register new hostname

15 Screenshot-new hostname registered

16 Screenshot – instructions for updating IPs

17 Screenshot – overview with new hostname

18 Screenshot: Edit host

Download ppt "Dynamic DNS support for EGI Federated cloud"

Similar presentations

WordPress Installation for Beginners Sheila Bergman

WordPress Installation for Beginners Sheila Bergman
automated single login access to Novell storage resources

automated single login access to Novell storage resources
Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.

Introduction To The Course Network Architecture Hervey Allen Chris Evans Phil Regnauld September 3 - 4, 2009 Santiago, Chile.
1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.

1 Configuring Internet- related services (April 22, 2015) © Abdou Illia, Spring 2015.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.

70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 13: Administering Web Resources.
DIMES Planner The DIMES Project Tel Aviv University October-2010.

DIMES Planner The DIMES Project Tel Aviv University October-2010.
1 CS 502: Computing Methods for Digital Libraries Lecture 22 Web browsers.

1 CS 502: Computing Methods for Digital Libraries Lecture 22 Web browsers.
1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.

1 Configuring Web services (Week 15, Monday 4/17/2006) © Abdou Illia, Spring 2006.
© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.

© Copyright 1997, The University of New Mexico C-1 Internet Service Provider Services What to do once you’re connected.
Hands-On Microsoft Windows Server 2003 Administration Chapter 7 Administering Web Resources in Windows Server 2003.

Hands-On Microsoft Windows Server 2003 Administration Chapter 7 Administering Web Resources in Windows Server 2003.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 7: Planning a DNS Strategy.
LEARN THE QUICK AND EASY WAY! VISUAL QUICKSTART GUIDE HTML and CSS 8th Edition Chapter 21: Publishing Your Pages on the Web.

LEARN THE QUICK AND EASY WAY! VISUAL QUICKSTART GUIDE HTML and CSS 8th Edition Chapter 21: Publishing Your Pages on the Web.
Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.

Hands-On Microsoft Windows Server 2008 Chapter 8 Managing Windows Server 2008 Network Services.
Host Name Resolution. Overview Name resolution Name resolution Addressing a host Addressing a host Host names Host names Host name resolution Host name.

Host Name Resolution. Overview Name resolution Name resolution Addressing a host Addressing a host Host names Host names Host name resolution Host name.
Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.

Remote Accessing Your Home Computer Using VNC and a Dynamic DNS Name.
NORTEL NETWORKS CONFIDENTIAL CallPilot 150 Modem Access Jan 03, 2005 Version 1.5.

NORTEL NETWORKS CONFIDENTIAL CallPilot 150 Modem Access Jan 03, 2005 Version 1.5.
IT 210 The Internet & World Wide Web introduction.

IT 210 The Internet & World Wide Web introduction.
Module 7: Configuring TCP/IP Addressing and Name Resolution.

Module 7: Configuring TCP/IP Addressing and Name Resolution.
Computation for Physics 計算物理概論 Introduction to Linux.

Computation for Physics 計算物理概論 Introduction to Linux.
Pc Naming Configuration 1.WEB REGISTER 2.FIXNAME 3.MCAFEE AGENT SETUP ITC Training: Session 2.

Pc Naming Configuration 1.WEB REGISTER 2.FIXNAME 3.MCAFEE AGENT SETUP ITC Training: Session 2.

Similar presentations

Ads by Google