This Name Service Switch (NSS) module provides internet address resolution for Juju encoded hostnames.

Some charms require a hostname in lieu of an IP address to work properly. To support this you can use network-get --primary-hostname in a charm hook to get an always-resolvable hostname. Internet address resolution is provided by this plugin.

The encoding of the name is TBD but this proof of concept currently supports the following patterns:

• IPv4

  juju-ip-172-31-38-207

• IPv6

  juju-ip-2001-470-1f1d-8d8-c0db-9559-9417-2416

IPv6 names must be fully expanded (i.e., no collapsed 0's (zeros)).

$ network-get --primary-hostname
juju-ip-192-168-20-1

$ getent hosts juju-ip-192-168-20-1
192.168.20.1    juju-ip-192-168-20-1

$ ping -c 4 juju-ip-192-168-20-1
PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms

The module itself cannot be authoritative for arbitrary IP addresses, particularly if the module is listed before the dns entry. It can, however, rely on the host to do reverse lookup.

$ hostname
ip-172-31-0-139

$ network-get --primary-hostname
juju-ip-172-31-0-139

$ getent hosts juju-ip-172-31-0-139
172.31.0.139    juju-ip-172-31-0-139

# Reverse lookup
$ dig -x 172.31.0.139 +short
ip-172-31-0-139.ec2.internal.

# Forward lookup
$ dig ip-172-31-0-139.ec2.internal. +short
172.31.0.139

Works and behaves the same way as AWS does.

Reverse lookup does not work for private addresses.

Because the IP address is encoded in the name it is not (currently) possible to get both an IPv4 and IPv6 address associated for one hostname. Arguably, this can be fixed by encoding both addresses in the name, but it doesn't read terribly well and may well break hostname limits.

$ juju-ip-172-31-38-207-2001-470-1f1d-8d8-c0db-9559-9417-2416

Build from source requires the following packages be installed:

$ sudo sh ./prerequisites.sh

Configure and build using autoconf:

$ ./autogen.sh
$ ./configure --prefix=/usr
$ make
$ sudo make install
$ sudo ldconfig /usr/lib

To activate the NSS module, add juju to the line starting with hosts in /etc/nsswitch.conf. It is recommended to place juju early in the list, but after the files entry.

For example:

$ cat /etc/nsswitch.conf

passwd:         compat
group:          compat
shadow:         compat
gshadow:        files

hosts:          files juju dns
networks:       files

protocols:      db files
services:       db files
ethers:         db files
rpc:            db files
netgroup:       nis

You can verify the module is working using getent(1).

$ getent hosts juju-ip-192-168-20-1
192.168.20.1    juju-ip-192-168-20-1

And if you had a machine with that address on your network you can ping it by name:

$ ping -c 4 juju-ip-192-168-20-1
PING juju-ip-192-168-20-1 (192.168.20.1) 56(84) bytes of data.
64 bytes from 192.168.20.1: icmp_seq=1 ttl=64 time=0.069 ms
64 bytes from 192.168.20.1: icmp_seq=2 ttl=64 time=0.052 ms
64 bytes from 192.168.20.1: icmp_seq=3 ttl=64 time=0.048 ms
64 bytes from 192.168.20.1: icmp_seq=4 ttl=64 time=0.048 ms

Please read the HACKING companion to this file.