通讯技术>> nss-juju>> 返回
项目作者: frobware

项目描述 :
Name Service Switch (NSS) plugin for Juju
高级语言: M4
项目地址: git://github.com/frobware/nss-juju.git
创建时间: 2016-08-31T08:40:09Z
项目社区:https://github.com/frobware/nss-juju
开源协议:Other
下载


Build Status
Coverage Status
Coverage status

Name Service Switch (NSS) module for Juju (Proof of Concept).

This Name Service Switch (NSS) module provides internet address
resolution for Juju encoded hostnames.

Supporting Juju charms

Some charms require a hostname in lieu of an IP address to work
properly. To support this you can use network-get --primary-hostname in a charm hook to get an always-resolvable
hostname. Internet address resolution is provided by this plugin.

The encoding of the name is TBD but this proof of concept currently
supports the following patterns:

  • IPv4

    juju-ip-172-31-38-207

  • IPv6

    juju-ip-2001-470-1f1d-8d8-c0db-9559-9417-2416

IPv6 names must be fully expanded (i.e., no collapsed 0’s (zeros)).

Juju Charm Example

  1. $ network-get --primary-hostname
  2. juju-ip-192-168-20-1

General Address Resolution

  1. $ getent hosts juju-ip-192-168-20-1
  2. 192.168.20.1    juju-ip-192-168-20-1
  4. $ ping -c 4 juju-ip-192-168-20-1
  5. PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
  6. 64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
  7. 64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
  8. 64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
  9. 64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms

Limitations

Reverse lookup needs to be handled by the host

The module itself cannot be authoritative for arbitrary IP addresses,
particularly if the module is listed before the dns entry. It
can, however, rely on the host to do reverse lookup.

Reverse lookup on AWS

  1. $ hostname
  2. ip-172-31-0-139
  4. $ network-get --primary-hostname
  5. juju-ip-172-31-0-139
  7. $ getent hosts juju-ip-172-31-0-139
  8. 172.31.0.139    juju-ip-172-31-0-139
  10. # Reverse lookup
  11. $ dig -x 172.31.0.139 +short
  12. ip-172-31-0-139.ec2.internal.
  14. # Forward lookup
  15. $ dig ip-172-31-0-139.ec2.internal. +short
  16. 172.31.0.139

Reverse lookup on GCE

Works and behaves the same way as AWS does.

Reverse lookup on Azure

Reverse lookup does not work for private addresses.

Only IPv4 or IPv6 for a single hostname

Because the IP address is encoded in the name it is not (currently)
possible to get both an IPv4 and IPv6 address associated for one
hostname. Arguably, this can be fixed by encoding both addresses in
the name, but it doesn’t read terribly well and may well break
hostname limits.

$ juju-ip-172-31-38-207-2001-470-1f1d-8d8-c0db-9559-9417-2416

Building from source

Build from source requires the following packages be installed:

  1. $ sudo sh ./prerequisites.sh

Configure and build using autoconf:

  1. $ ./autogen.sh
  2. $ ./configure --prefix=/usr
  3. $ make
  4. $ sudo make install
  5. $ sudo ldconfig /usr/lib

Installing the module

To activate the NSS module, add juju to the line starting with
hosts in /etc/nsswitch.conf. It is recommended to place
juju early in the list, but after the files entry.

For example:

  1. $ cat /etc/nsswitch.conf
  3. passwd:         compat
  4. group:          compat
  5. shadow:         compat
  6. gshadow:        files
  8. hosts:          files juju dns
  9. networks:       files
  11. protocols:      db files
  12. services:       db files
  13. ethers:         db files
  14. rpc:            db files
  15. netgroup:       nis

You can verify the module is working using getent(1).

  1. $ getent hosts juju-ip-192-168-20-1
  2. 192.168.20.1    juju-ip-192-168-20-1

And if you had a machine with that address on your network you can
ping it by name:

  1. $ ping -c 4 juju-ip-192-168-20-1
  2. PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
  3. 64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
  4. 64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
  5. 64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
  6. 64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms

Please read the HACKING companion to this file.