-
-
Save jclouds/3202856 to your computer and use it in GitHub Desktop.
| Here's an approach to ensure at least 2 things are sensible on the host: ${hostname} and ${fqdn} | |
| if ${hostname} is not specified via api, it could be set to the same as the node's name | |
| in private clouds, ${fqdn} may need to come from a property or a conversion fn (ex. = ${hostname}.mydomain.com) | |
| in public clouds, ${fqdn} can be set via api data (ec2.publicDnsName), dns resolution, or x-x-x-x.static.cloud-ips.com | |
| on (centos|fedora|rhel|amzn_linux)-based operating systems | |
| /etc/sysconfig/network: replace line HOSTNAME=${fqdn} | |
| /proc/sys/kernel/hostname: replace w/${fqdn} | |
| on (debian|ubuntu)-based operating systems | |
| /etc/hostname: replace w/${hostname} | |
| exec hostname ${hostname} | |
| on all | |
| /etc/hosts: add or replace line ^127.0.0.1 localhost.localdomain localhost ${hostname} | |
| /etc/hosts: add or replace line ^${public_ip} ${fqdn} ${hostname} | |
| /etc/hosts: add or replace line ^${private_ip} ${hostname} | |
| before attempting to run this script, the input data should be checked to ensure it is valid: | |
| ex. run InternetDomainName.isValid on ${fqdn} | |
| A test could be to logon to the machine and make sure ${fqdn} resolves to ${public_ip} and ${hostname} to ${private_ip} |
I'm pretty sure the centos/rhel approach works on SLES too, but I'll verify that tomorrow. Otherwise, yeah, this looks right.
I don't think it's safe to assume ${fqdn} can be resolved to ${public_ip} using external dns infrastructure. A safer approach would be to replicate dns info on all nodes by publishing all (fqdn, ip) pairs in /etc/hosts.
updated gist to clarify that the resolution is a means to test the change, vs a precondition, as you are right: we may not have the same resolver settings as the host does.
That said, I don't think manual dns via updating all machines /etc/hosts files is a sustainable approach, though certainly in tools like Whirr we can do this (as for example we have root access). I'd separate this as 2 steps: 1. correct a machine's configuration (above script) 2. correct DNS server info to be correct (falling back to /etc/hosts update broadcast if for some reason that isn't doable)
wdyt?
I don't have an aversion to pushing the /etc/hosts fix to tools like Whirr that actually care about it. Seems reasonable.
+1 for implementing this approach
manual dns is a horrible hack, and I will help propagate that hack in tools that desire it, just not as a part of the same script.
remember the sysadmin's decree "do not add hair to the yak! I repeat do not add hair to the yak!"
On the yakkier bit, I'm going to quiz openstack-infra a bit about how they handle this for their jenkins stuff right now. They use puppet, which is pretty fqdn sensitive (ssl certificates and all). Maybe there's an option we can make that doesn't presume tools like whirr know about all machines (ex the puppetmaster) who also need to resolve the new nodes.
On the less yakkier bit, I'll start on it tonight :)
please help revise this and/or add approaches for other operating systems!