This Name Service Switch (NSS) module provides internet address resolution for Juju encoded hostnames.
Some charms require a hostname in lieu of an IP address to work
properly. To support this you can use network-get --primary-hostname
in a charm hook to get an always-resolvable
hostname. Internet address resolution is provided by this plugin.
The encoding of the name is TBD but this proof of concept currently supports the following patterns:
-
IPv4
juju-ip-172-31-38-207
-
IPv6
juju-ip-2001-470-1f1d-8d8-c0db-9559-9417-2416
IPv6 names must be fully expanded (i.e., no collapsed 0's (zeros)).
$ network-get --primary-hostname
juju-ip-192-168-20-1
$ getent hosts juju-ip-192-168-20-1
192.168.20.1 juju-ip-192-168-20-1
$ ping -c 4 juju-ip-192-168-20-1
PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms
Reverse address resolution is by default provided for RFC1918 local networks and fc00::/7. If a file "/etc/nss-juju-nets.conf" exists it's read instead - it should contain whitespace separated list of networks for which the reverse resolution should be provided:
$ getent hosts juju-ip-172-19-0-84
172.19.0.84 juju-ip-172-19-0-84
$ ping -c 3 juju-ip-172-19-0-84
PING juju-ip-172-19-0-84 (172.19.0.84) 56(84) bytes of data.
64 bytes from juju-ip-172-19-0-84 (172.19.0.84): icmp_seq=1 ttl=64 time=0.043 ms
64 bytes from juju-ip-172-19-0-84 (172.19.0.84): icmp_seq=2 ttl=64 time=0.035 ms
64 bytes from juju-ip-172-19-0-84 (172.19.0.84): icmp_seq=3 ttl=64 time=0.075 ms
The module itself cannot be authoritative for arbitrary IP addresses,
particularly if the module is listed before the dns
entry. It
can, however, rely on the host to do reverse lookup.
$ hostname
ip-172-31-0-139
$ network-get --primary-hostname
juju-ip-172-31-0-139
$ getent hosts juju-ip-172-31-0-139
172.31.0.139 juju-ip-172-31-0-139
# Reverse lookup
$ dig -x 172.31.0.139 +short
ip-172-31-0-139.ec2.internal.
# Forward lookup
$ dig ip-172-31-0-139.ec2.internal. +short
172.31.0.139
Works and behaves the same way as AWS does.
Reverse lookup does not work for private addresses.
Because the IP address is encoded in the name it is not (currently) possible to get both an IPv4 and IPv6 address associated for one hostname. Arguably, this can be fixed by encoding both addresses in the name, but it doesn't read terribly well and may well break hostname limits.
$ juju-ip-172-31-38-207-2001-470-1f1d-8d8-c0db-9559-9417-2416
Build from source requires the following packages be installed:
$ sudo sh ./prerequisites.sh
Configure and build using autoconf:
$ ./autogen.sh
$ ./configure --prefix=/usr
$ make
$ sudo make install
$ sudo ldconfig /usr/lib
To activate the NSS module, add juju
to the line starting with
hosts
in /etc/nsswitch.conf
. It is recommended to place
juju
early in the list, but after the files
entry.
For example:
$ cat /etc/nsswitch.conf
passwd: compat
group: compat
shadow: compat
gshadow: files
hosts: files juju dns
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis
You can verify the module is working using getent(1)
.
$ getent hosts juju-ip-192-168-20-1
192.168.20.1 juju-ip-192-168-20-1
And if you had a machine with that address on your network you can ping it by name:
$ ping -c 4 juju-ip-192-168-20-1
PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms
Please read the HACKING companion to this file.