Join Log in
Score:0
avatar Server

How do I create DNS entries for private addresses on AWS?

ng flag
oligofren

To do any ops work on our servers, we first need to ssh into a DMZ server with a public IP, before ssh-ing on to the app servers, with ips such as 172.16.3.239. I would rather have memorable hostnames, to do something like ssh app.staging, but I am unsure how this works on AWS. I have only setup DNS for globally accessible ips with my registrar, and since the AWS private subnet is for a private range of addresses, this will not work, of course.

I am also sure if I can use any random hostname (that does not clash with a "real" public hostname), or if it would need to resolve to something that would be globally unique (outside of my private subnet).

77
1 + 6
Michael Hampton avatar
cz flag
Michael Hampton
Nothing about the DNS prevents you from creating address records with RFC1918 addresses. You do it the same way as any other address record.
0
Reply
ng flag
oligofren
So you are suggesting I just create the dns entries with my local provider? That's fine. But is it possibly to create dns entries in AWS that are "short-hand", like `app-staging` that would only apply in AWS when I ssh around?
0
Reply
Tim avatar
gp flag
Tim
If you have a small number of servers it would be easier to put them in your hosts file, but that won't scale to many servers / operations staff.
0
Reply
Oscar De León avatar
la flag
Oscar De León
Have you looked into a private hosted DNS zone and Route53 Resolver?
0
Reply
ng flag
oligofren
@Tim Might well be the most cost/time effective solution :D
0
Reply
ng flag
oligofren
@OscarDeLeón No. Or more like: this is Greek to me. I am not very well versed in AWS infra. What do you mean by "private hosted DNS zone"? Like setting up BIND myself?
0
Reply
Score:0
Tim avatar Server
gp flag
Tim

Two options are:

  • AWS Route 53 is a hosted DNS service. Create a hosted zone (DNS service) for your servers with the private IPs. You can also create a private hosted zone (private DNS) but then you will need to delegate DNS to the AWS name servers. This is especially useful if you're using load balancers who's IPs change regularly.
  • Hard code the server names in your computer(s) hosts files. This won't scale well to large numbers of servers, large numbers of operations staff, or if IPs change regularly
0 + 1
ng flag
oligofren
Not sure about that first option, since the terms were unknown, but I found some context to fill in the blanks: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/hosted-zones-private.html
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.