<!DOCTYPE html><html lang="en" data-astro-cid-5hce7sga> <head><meta charset="utf-8"><meta name="viewport" content="width=device-width, initial-scale=1"><title>AWS VPC Buildout With Foreman Hooks for RDNS Creation — dd0c.net</title><link rel="icon" href="/favicon.ico"><style>[data-astro-cid-5hce7sga],[data-astro-cid-5hce7sga]:before,[data-astro-cid-5hce7sga]:after{box-sizing:border-box}body{font-family:system-ui,-apple-system,sans-serif;margin:0;background:#f8f9fa;color:#333;line-height:1.6}nav[data-astro-cid-5hce7sga]{background:#fff;border-bottom:2px solid #3294D2;padding:0 1.5rem;display:flex;align-items:center;gap:0}nav[data-astro-cid-5hce7sga] .brand[data-astro-cid-5hce7sga]{display:flex;align-items:center;gap:.5rem;text-decoration:none;margin-right:1.5rem;padding:.75rem 0}nav[data-astro-cid-5hce7sga] .brand[data-astro-cid-5hce7sga] img[data-astro-cid-5hce7sga]{height:32px;width:auto}nav[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga]{color:#333;text-decoration:none;padding:.75rem .85rem;font-size:.95rem;transition:color .15s}nav[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga]:hover{color:#3294d2}nav[data-astro-cid-5hce7sga] .spacer[data-astro-cid-5hce7sga]{flex:1}nav[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga].external{color:#3294d2}main[data-astro-cid-5hce7sga]{max-width:760px;margin:2rem auto;padding:0 1.25rem}footer[data-astro-cid-5hce7sga]{margin-top:3rem;padding:1.25rem;text-align:center;font-size:.875rem;color:#666;border-top:1px solid #e0e0e0;background:#fff}footer[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga]{color:#3294d2;text-decoration:none}footer[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga]:hover{text-decoration:underline}h1[data-astro-cid-5hce7sga]{font-size:1.75rem;color:#1a1a1a}h2[data-astro-cid-5hce7sga]{font-size:1.2rem;margin-top:1.75rem;color:#1a1a1a}a[data-astro-cid-5hce7sga]{color:#3294d2}p[data-astro-cid-5hce7sga]{margin:.6rem 0}@media (max-width: 600px){nav[data-astro-cid-5hce7sga]{flex-wrap:wrap;padding:0 
.75rem}nav[data-astro-cid-5hce7sga] .brand[data-astro-cid-5hce7sga]{margin-right:.5rem}nav[data-astro-cid-5hce7sga] a[data-astro-cid-5hce7sga]{padding:.6rem .5rem;font-size:.875rem}}
.post-meta[data-astro-cid-gjtny2mx]{color:#888;font-size:.875rem;margin-bottom:1.5rem}.post-body[data-astro-cid-gjtny2mx]{line-height:1.75}.post-body[data-astro-cid-gjtny2mx] iframe[data-astro-cid-gjtny2mx]{max-width:100%}.back[data-astro-cid-gjtny2mx]{display:inline-block;margin-bottom:1.25rem;font-size:.9rem;color:#3294d2;text-decoration:none}.back[data-astro-cid-gjtny2mx]:hover{text-decoration:underline}
</style></head> <body data-astro-cid-5hce7sga> <nav data-astro-cid-5hce7sga> <a class="brand" href="/" data-astro-cid-5hce7sga> <img src="/logo-white.svg" alt="dd0c.net" width="40" height="40" data-astro-cid-5hce7sga> </a> <a href="/" data-astro-cid-5hce7sga>Home</a> <a href="/about" data-astro-cid-5hce7sga>About</a> <a href="/services" data-astro-cid-5hce7sga>Services</a> <div class="spacer" data-astro-cid-5hce7sga></div> <a class="external" href="https://github.com/ddoc" target="_blank" rel="noopener" data-astro-cid-5hce7sga>GitHub</a> </nav> <main data-astro-cid-5hce7sga> <a class="back" href="/" data-astro-cid-gjtny2mx>← All posts</a> <h1 data-astro-cid-gjtny2mx>AWS VPC Buildout With Foreman Hooks for RDNS Creation</h1> <p class="post-meta" data-astro-cid-gjtny2mx>2014-01-15</p> <div class="post-body" data-astro-cid-gjtny2mx> <p>Originally posted on <a href="http://digital-ducttape.com/2013/10/23/aws-vpc-buildout-with-foreman_hooks-for-rdns-creation/">Digital Ducttape</a></p>
<p><a href="http://theforeman.org/">Foreman</a> is a tool I have used for a long time as an external node classifier for Puppet and its smart-proxy for integration with DNS. However, when Foreman recently <a href="http://projects.theforeman.org/issues/1871">added support</a> for building EC2 instances inside a VPC, I thought it was a great opportunity to use the same tool for a new buildout.</p>
<p>Shortly after starting I discovered that reverse DNS is <a href="http://projects.theforeman.org/issues/3166">unfortunately broken</a> for EC2 VPC builds. Foreman does not map a relationship between VPC subnets and any DNS smart-proxy. Unswayed, I took to #foreman and was guided to a potential solution.</p>
<p>Enter <a href="https://github.com/theforeman/foreman_hooks">foreman_hooks</a>. This plugin for Foreman allows you to subscribe to create/update/destroy events and invoke any executable. Lucky for me, this was a great workaround for the functionality lacking in the recent 1.3 release. Initially I wrote a script utilizing the smart-proxy API to create PTR records, but it complained that the IP address was already assigned. Fair enough. Without further investigation I wrote instead a short shell script which does the same thing using nsupdate with TSIG keys and voilà! Integrated forward and reverse DNS for EC2 VPC deployments. A few more lines of code added support for the destroy hook and now the feature is complete.</p>
<p>I named this script <code>rdns.sh</code> and placed it in <code>/usr/share/foreman/config/hooks.d</code> and created symlinks to it in both:</p>
<p><code>/usr/share/foreman/config/hooks/host/managed/destroy/</code><br>
<code>/usr/share/foreman/config/hooks/host/managed/create/</code></p>
<p><a href="https://gist.github.com/ddoc/8447483">source for rdns.sh</a></p>
<script src="https://gist.github.com/ddoc/8447483.js"></script>
<p><a href="https://gist.github.com/ddoc/8446722">source for utils.sh</a><br>
<a href="https://github.com/theforeman/foreman_hooks/blob/master/examples/hook_functions.sh">source for hook_functions.sh</a></p>
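<p>An added example, not the author's <code>rdns.sh</code> (that script is in the gist linked above): a minimal hook that turns the create and destroy events into an nsupdate batch for the PTR record, validating the hostname and address first because the batch format is line-oriented. The server address, key path, TTL, the use of <code>jq</code> and the <code>.host.ip</code> JSON field are assumptions, and deleting any existing PTR before adding is this example's choice.</p>

```shell
#!/bin/sh
# Added example, not the original rdns.sh. NS, KEYFILE and TTL are placeholders.
NS="192.0.2.53"                   # placeholder: authoritative DNS server
KEYFILE="/etc/foreman/rdns.key"   # placeholder: TSIG key file, readable only by the foreman user
TTL=3600

# Print the in-addr.arpa name for a strict dotted-quad IPv4 address, else fail.
ptr_name() (
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) exit 1 ;; esac
  IFS=.; set -- $1
  [ "$#" -eq 4 ] || exit 1
  for o in "$@"; do
    case $o in 0?*|????*) exit 1 ;; esac   # no leading zeros, at most 3 digits
    [ "$o" -le 255 ] || exit 1
  done
  echo "$4.$3.$2.$1.in-addr.arpa"
)

# Allowlist check: a space or newline in the name would add nsupdate commands.
valid_fqdn() {
  [ "${#1}" -le 253 ] || return 1
  case $1 in
    *[!A-Za-z0-9.-]*|.*|*.|-*|*-|*..*|*.-*|*-.*) return 1 ;;
    *.*) return 0 ;;
  esac
  return 1
}

# usage: ptr_batch create|destroy FQDN IPV4  -> nsupdate commands on stdout
ptr_batch() (
  case $1 in create|destroy) ;; *) exit 1 ;; esac
  valid_fqdn "$2" || exit 1
  ptr=$(ptr_name "$3") || exit 1
  printf 'server %s\nupdate delete %s PTR\n' "$NS" "$ptr"
  if [ "$1" = create ]; then
    printf 'update add %s %s PTR %s.\n' "$ptr" "$TTL" "$2"
  fi
  printf 'send\n'
)

# foreman_hooks passes $1 = event, $2 = object name, and the object JSON on stdin.
main() {
  ip=$(jq -r '.host.ip') || exit 1   # assumption: the host JSON carries .host.ip
  batch=$(ptr_batch "$1" "$2" "$ip") || { echo "rdns: input rejected" >&2; exit 1; }
  printf '%s\n' "$batch" | nsupdate -k "$KEYFILE"
}

if [ "$#" -ge 2 ]; then main "$@"; fi
```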
<p>Of course, after implementing this I saw many uses for foreman_hooks including:</p>
<ul>
<li>resizing an EC2 root volume at build time</li>
<li>attaching additional volumes</li>
<li>EIP associations and DNS</li>
<li>different hooks for different domains</li>
<li>adding and removing hosts to an external monitoring system</li>
</ul>
<p>I will post updates on these implementations at another time.</p> </div> </main> <footer data-astro-cid-5hce7sga> <a href="/privacy" data-astro-cid-5hce7sga>Privacy Policy</a> &nbsp;·&nbsp;
<a href="/terms" data-astro-cid-5hce7sga>Terms of Service</a> &nbsp;·&nbsp;
&copy; Brian Galura 2004&ndash;2026
</footer> </body></html>