Difference between revisions of "Dynamic DNS"
Line 7: | Line 7: | ||
The aim of this task is to provide united, federation-wide Dynamic DNS support for VMs in EGI Federated Clouds. Users can register their chosen meaningful and memorable DNS host names in given domains (e.g. my-server.vo-name.egi.eu) and assign to public IPs of their servers hosted in EGI Federated Cloud. By using Dynamic DNS, users can host services in EGI Federated Cloud with their meaningful service names, can freely move VMs from sites to sites without modifying server/client configurations (federated approach), can request valid server certificates in advance (critical for security)and many other advantages. | The aim of this task is to provide united, federation-wide Dynamic DNS support for VMs in EGI Federated Clouds. Users can register their chosen meaningful and memorable DNS host names in given domains (e.g. my-server.vo-name.egi.eu) and assign to public IPs of their servers hosted in EGI Federated Cloud. By using Dynamic DNS, users can host services in EGI Federated Cloud with their meaningful service names, can freely move VMs from sites to sites without modifying server/client configurations (federated approach), can request valid server certificates in advance (critical for security)and many other advantages. | ||
A short presentation of the task is available [https://drive.google.com/file/d/0B-BKNHNUi7TDRzB6ZUxoZHAyalU/view?usp=sharing here] | A short presentation of the task is available [https://drive.google.com/file/d/0B-BKNHNUi7TDRzB6ZUxoZHAyalU/view?usp=sharing here] | ||
A short tutorial how to use the service is available [https://wiki.egi.eu/wiki/Dynamic_DNS_tutorial here] | |||
= How to use EGI FedCloud Dynamic DNS service = | |||
Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI portal. Just go to https://nsupdate.fedcloud.eu and follow the menu in the portal. Concretely: | |||
*Dynamic DNS service uses EGI CheckIn for authentication. If you have not EGI account, please register via https://sso.egi.eu/admin/ | |||
*Log into Dynamic DNS service portal using EGI account via menu "Login" and click on "egi" button | |||
*Use "Overview" -> "Add host" to register a new hostname in an available domain. Choose a hostname in an available domain and click on "Create: | |||
*Follow the instruction after host creation for IP assignment/update. Note the host secrete and the update URL (in form "curl https://YOUR_HOSTNAME:HOST_SECRET@nsupdate.fedcloud.eu/nic/update") for later use | |||
*Run "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" in your VM to assign the hostname to a running VM | |||
*or add "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" into cloud_init file to assign hostname automatically at start. | |||
*You can edit/update/delete your registered hostnames in the "Overview" menu and click on the hostname | |||
= Participants = | = Participants = | ||
Line 55: | Line 75: | ||
*A testing domain fedcloud.eu has been registered for testing and development (without touching production domains like egi.eu) | *A testing domain fedcloud.eu has been registered for testing and development (without touching production domains like egi.eu) | ||
*DNS servers are installed and configured for fedcloud.eu domain | *DNS servers are installed and configured for fedcloud.eu domain | ||
*Portal is installed on configured https://nsupdate.fedcloud.eu/ | *Portal is installed on configured https://nsupdate.fedcloud.eu/ | ||
*Users can register themselves and log in portal, can register DNS names within fedcloud.eu domain and assign to VMs | *Users can register themselves and log in portal, can register DNS names within fedcloud.eu domain and assign to VMs | ||
*Authentication via EGI CheckIn service is supported | *Authentication via EGI CheckIn service is supported | ||
Line 61: | Line 81: | ||
= Ongoing work = | = Ongoing work = | ||
*Authorization via VO memberships | *Authorization via VO memberships | ||
*Command-line clients for registering domains | *Command-line clients for registering domains | ||
= Next steps = | = Next steps = |
Revision as of 08:25, 7 March 2017
Objective
DNS names for VMs in EGI Federated cloud are recently required by many VOs requirements , however, current support for DNS resolution at site level is inadequate and fragmented.
The aim of this task is to provide united, federation-wide Dynamic DNS support for VMs in EGI Federated Clouds. Users can register their chosen meaningful and memorable DNS host names in given domains (e.g. my-server.vo-name.egi.eu) and assign to public IPs of their servers hosted in EGI Federated Cloud. By using Dynamic DNS, users can host services in EGI Federated Cloud with their meaningful service names, can freely move VMs from sites to sites without modifying server/client configurations (federated approach), can request valid server certificates in advance (critical for security)and many other advantages.
A short presentation of the task is available here
A short tutorial how to use the service is available here
How to use EGI FedCloud Dynamic DNS service
Using EGI FedCloud Dynamic DNS service is very simple and intuitive via GUI portal. Just go to https://nsupdate.fedcloud.eu and follow the menu in the portal. Concretely:
- Dynamic DNS service uses EGI CheckIn for authentication. If you have not EGI account, please register via https://sso.egi.eu/admin/
- Log into Dynamic DNS service portal using EGI account via menu "Login" and click on "egi" button
- Use "Overview" -> "Add host" to register a new hostname in an available domain. Choose a hostname in an available domain and click on "Create:
- Follow the instruction after host creation for IP assignment/update. Note the host secrete and the update URL (in form "curl https://YOUR_HOSTNAME:HOST_SECRET@nsupdate.fedcloud.eu/nic/update") for later use
- Run "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" in your VM to assign the hostname to a running VM
- or add "curl https://HOSTNAME:SECRET@nsupdate.fedcloud.eu/nic/update" into cloud_init file to assign hostname automatically at start.
- You can edit/update/delete your registered hostnames in the "Overview" menu and click on the hostname
Participants
Developer
- Viet Tran (IISAS) viet.tran _at_ savba.sk
Advisory board
- Enol Fernández
- Peter Solagna
- Vincenzo Spinoso
- Boris Parak
- Jerome Pansanel
Requirements
- Basic functionalities
- Web-based GUI interfaces for registering DNS hostnames for EGI users (done)
- DNS server with Dynamic DNS support for forward DNS resolution (done)
- Command-line clients for assigning registered hostnames to IPs (done)
- Advanced functionalities
- Using EGI Checkin services (authentication done, authorization ongoing)
- Command-line client for registering DNS hostnames (next period)
- Not compulsory but desired functionalities
- Support for reverse DNS resolution (long term)
Used technologies
- Backend: BIND9 DNS server with configuration for updating DNS names via RFC 2136
- Frontend: nsupdate.info portal for registering and managing DNS names/domains
- Clients: Wide support of common dynamic DNS clients like ddclient, inadyn, or just curl
Current status
- A testing domain fedcloud.eu has been registered for testing and development (without touching production domains like egi.eu)
- DNS servers are installed and configured for fedcloud.eu domain
- Portal is installed on configured https://nsupdate.fedcloud.eu/
- Users can register themselves and log in portal, can register DNS names within fedcloud.eu domain and assign to VMs
- Authentication via EGI CheckIn service is supported
Ongoing work
- Authorization via VO memberships
- Command-line clients for registering domains
Next steps
- Transfer to egi.eu domain
- Production