#dns_server | Explore Tumblr posts and blogs

kasradoc · 4 years ago

Photo

‏‎. DNS : دی ان اس از کلمات Domain Name System اقتباس و یک پروتکل شناخته شده در عرصه شبکه های کامپوتری خصوصا اینترنت می باشد، سرویسی است توسط اکثر اپلیکشن ها استفاده میگردد،دیتا های این پروتکل بطور کلی مورد اطمینان هستند. Wins (Windows Internet Name Service شرکت مایکروسافت در ابتدا نسخه اختصاصی سرویس دهنده dns خود را با این نام وارد بازار کرد و چون مبتنی برسیستم قدیمی بود در سال ۱۹۸۴ به سمت dns گام برداشت، و یک بانک اطلاعاتی توزیع شده را طراحی کرد. ساناد سرواژه سامانه نام دامنه ترجمه صفحات وب ، که به اختصار DNS خوانده می‌شود یک سیستم سلسه‌ مراتبی نام‌گذاری برای کامپیوترها، سرویس‌ها، یا منابع دیگر است که به شبکه اینترنت یا یک شبکه خصوصی (LAN) متصل هستند. وقتی می‌خواهید وارد وبگاهی شوید، باید نشانی کارساز وبش را بدانید. نشانی کارساز وب با نشانی آی‌ پی مشخص می‌شود. اما به خاطر سپردن نشانی آی‌ پی، دشوار است. می‌توان به جای نشانی آی‌ پی، از نام‌ های دامنه استفاده کرد. برای هر نشانی آی‌پی یک نام دامنه در نظر گرفته شده‌است. مثلاً نشانی آی‌پی وبگاه گوگل ۱۷۳٫۱۹۴٫۳۳٫۱۰۴ است. برای دسترسی به گوگل، می‌توانید از این نشانی آی‌پی یا نام دامنه آن یعنی www.google.com استفاده کنید. در ساناد، کل نشانی‌های اینترنت درون بانک‌های اطلاعاتی توزیع شده‌ای هستند که هیچ تمرکزی روی نقطه‌ای خاص از شبکه ندارند. روش ترجمه نام بدین صورت است که وقتی یک برنامهٔ کاربردی مجبور است برای برقراری یک ارتباط، معادل نشانی آی‌پی از یک ماشین با نامی مثل cs.ucsb.edu را بدست بیاورد، قبل از هر کاری یک تابع کتابخانه‌ای (Library Function) را صدا می‌زند، به این تابع کتابخانه‌ای تابع تحلیلگر، نام (Name Resolver) گفته می‌شود. دانلود نمایید: https://www.kasradoc.com/product/domain-name-system/ #powerpoint #Document #Kasradoc #ppt #DNS #Dns_server #Domain_Name_System #HTTPS #OSI_layer #Domain_name_space #internationalization #Name_servers #Address_resolution_mechanism #DNS_protocol_transport #پاورپوینت #مقاله #پروژه #کسری_داک #پروتکل #دی_ان_اس #سامانه_نام_دامنه #ساناد #پروتکل_امن_انتقال_ابرمتن #حمله_مرد_میانی #گوگل #بنیاد_موزیلا #فایرفاکس #لایه_کاربرد #تی‌_ال‌_اس #دی‌_ان‌_اس‌_کریپت‎‏ (در ‏‎Kasradoc‎‏) https://www.instagram.com/p/COuTNlap0lB/?igshid=k6fpkm2x68bw

0 notes

agilealm · 5 years ago

Text

Terraform Azure Series: Parameters and Modules

As you may recall that I have started to publish my Terraform notes for Azure while I am experiencing it as future another obsolete reference :) Please refer my first introductory article if you haven't read the basics of infrastructure as code - IAC

Purpose of this article is to teach you basic concepts like variables, modules, state files through very basic provisioning of a virtual server from the Azure environment.

Variables & Modules:

Terraform stores bits and pieces of infra in *.tf files where you might have only one long tf file or multiple *.tf files to manage a large number of assets and for flexibility and modularity. You can use representative names for above-mentioned tf files such as securityGroups.tf, servers.tf, resourceGroups.tf, resourcemanaegrs.tf etc. All of these files combined into one large tf file behind the scenes once terraform command such as plan, apply or destroy is called.

The proper naming convention will give you a clear overview of the setting and objects to be created. As you can see in the above image, various settings and resources are stored in different files. For example, variables are stored in variables.tf, where "azure_region" is a variable and its default value, is set to "North Europe". Now see the below snippet that uses a variable defined in another file (variables.tf):

resource "azurerm_public_ip" "public_ip_for_prototypeVM" { name = "public_ip" location = "${var.azure_region}" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" allocation_method = "Dynamic" tags = { environment = "Public Ip Azure Demo" }

The code above (ipAddresses.tf) uses ${var.xxxxx} definition from variables.tf file and variables stored in this separate file can be reached from any tf file stored under the project folder.

location = "${var.azure_region}"

State Files:

State files such as terraform.tfstate keeps track of the id's of created resources to manage in later stages. Remember that state file might contain sensitive information such as plain passwords, secrets, connection strings, tenant id's and more so MUST NOT be committed to terraform the main repository.

Now is time to complete the mission: " spin a virtual server in the Azure Cloud" Here are the basic prerequisites:

Network/Sub Networks with private/public IP addresses.

Basic Security Group to control in/out traffic.

Network Interface - NIC to assign to our VM.

Let's start with the first item network and subnetwork as follows:

resource "azurerm_virtual_network" "azureVPC" { address_space = ["10.0.0.0/16"] location = "${var.azure_region}" name = "azureVPC" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" dns_servers = ["10.0.0.4","10.0.0.5"] } resource "azurerm_subnet" "subnetOne_for_AzureVPC" { address_prefix = "10.0.1.0/24" name = "subnetOne" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" virtual_network_name = "${azurerm_virtual_network.azureVPC.name}" } resource "azurerm_subnet" "subnetTwo_for_AzureVPC" { address_prefix = "10.0.2.0/24" name = "subnetOne" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" virtual_network_name = "${azurerm_virtual_network.azureVPC.name}"

}

The above code is self-explanatory: it creates a new virtual network called "azureVPC' with address space of 10.0.0.0/16 under main resource group. Similar to the virtual network, subnetworks are created accordingly subnetOne and subnetTwo. Below is our basic security group:

resource "azurerm_network_security_group" "security_group_standartPorts" { name = "standartPorts-SSH-Web" location = "${var.azure_region}" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" security_rule { name = "SSH" priority = 1001 direction = "Inbound" access = "Allow" protocol = "Tcp" source_port_range = "*" destination_port_range = "22" source_address_prefix = "*" destination_address_prefix = "*" }

}

Our security group only contains one inbound rule for the SSH port 22 that accepts any port and IP as a source address. Now it is time to define our NIC but before we need an IP address to assign it:

}

it is dynamically allocated IP address managed under same Azure resource group. Time to create a NIC and assign our fresh IP address to it:

resource "azurerm_network_interface" "interface1" { name = "interface1" location = "${var.azure_region}" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" network_security_group_id = "${azurerm_network_security_group.security_group_standartPorts.id}" ip_configuration { name = "myNicConfiguration" subnet_id = "${azurerm_subnet.subnetOne_for_AzureVPC.id}" private_ip_address_allocation = "Dynamic" public_ip_address_id = "${azurerm_public_ip.public_ip_for_prototypeVM.id}" }

}

Our NIC called interface1 uses public IP address created in the previous step. Now showtime: Ask for our first VM:

resource "azurerm_virtual_machine" "demo_VM" { name = "DemoVM" location = "${var.azure_region}" resource_group_name = "${azurerm_resource_group.azure_resource_group.name}" network_interface_ids = ["${azurerm_network_interface.interface1.id}"] vm_size = "Standard_B1s" storage_os_disk { name = "mainDisk" caching = "ReadWrite" create_option = "FromImage" managed_disk_type = "Standard_LRS" } storage_image_reference { publisher = "Canonical" offer = "UbuntuServer" sku = "16.04.0-LTS" version = "latest" } os_profile { computer_name = "DemoVM" admin_username = "azureuser" } os_profile_linux_config { disable_password_authentication = true ssh_keys { path = "/home/azureuser/.ssh/authorized_keys" key_data = file("~/.ssh/id_rsa.pub") } }

}

Our Linux VM is very tiny as Standart B1s type with Standard main disk. Don't forget you can separate image references, os related information into a centeralized file for further flexibilit.y you can find the list of VM types and their details at:

https://docs.microsoft.com/en-us/azure/virtual-machines/windows/sizes-general

Our tiny ubuntu uses ssh key (read from a local system as a file("~/.ssh/id_rsa.pub") ) to login rather password-based authentication. I am sure that you know to generate a key as (MAC) or use Putty for MS. Windows systems:

ssh-keygen -t rsa -b 4096

Time to see everything is ok and you already know which command to run!

terraform plan

See if there aren't any errors. Fix them and be ready to spin your first VM with:

terraform apply

I assume you reply "yes" after the above command. You can now see the created resources:

Apply complete! Resources: 8 added, 0 changed, 0 destroyed.

Find out your IP address and login to your new Linux using ssh as:

ssh [email protected]

Congratulations! Your first VM is ready now enjoy but delete all components for additional charges (terraform destroy)

Let me have some break and continue with another article such as deploy dockerized container or k8s using Terraform.

p.s. : Please let me know if you stuck at any step due to miss explanations again everything in a rush.

#terraform #azure #iac

0 notes

agilealm · 5 years ago

Text

Ansible, Puppet, Chef, Terraform - IAC Your First Terraform Project

For the last decade, majority of companies adopted or built their systems (development, production, test and more) by practicing Infrastructure as code - IAC; managing and provisioning of the various resources such as networks, VMS, load balancers, etc. via definition/configuration files. Ansible, Puppet, Chef, Terraform, AWS CloudFormation are all used for the same purpose: From manual configurations/procedures to scripted error-proof automation for reducing configuration drifts, inconsistencies and human errors meanwhile reducing time to production.

In this article, I would like to share my notes for the newbies to learn the basics of the IAC using Terraform. I am sure that there are strengths and weaknesses of all the tools mentioned above but I personally found that Terraform is easy to learn, platform independent, fast, support for revisions and most importantly ability to generate immutable infrastructure (clean servers every time to avoid configuration drift), and prefer orchestration to repetitive configuration. But managing larger state files (tfstate) and merging them can be very challenging. I will be following only one cloud platform: Azure for resource provisioning and infrastructure design but remember that you have the same options for all cloud providers such as AWS and GCloud. Procedures are almost same but few differences due to terminology and the underlying architecture of various providers. Considering that I am an AWS certified cloud architect; this series also my notes for the Azure environment. (The reason is my current client uses Microsoft Azure)

Cut to the chase and roll the wheels.(Careful; bold texts are commands to be used in the terminal window or line to add your configuration files) We will start building a very basic network as a first step. Please see below:

Install Terraform: google it! Basically, you download Terraform zip, extract it and set an environmental variable for example for Mac edit profile as vim ~/.bash_profile and add:

export PATH=$PATH:/Users/yourname/TerraformBinaryFolder

Don't forget to source your new PATH variable using source ~/.bash_profile I suggest you keep the zip under the same folder to see the currently installed version. You can also see by entering:

terraform version

You need to install Azure CLI (similar in AWS, Gcloud) to set up your Azure credentials, secrets, client and tenant id. The easiest way for mac is to use brew as:

brew update && brew install azure-cli

and test it by login-in using az login in your terminal window. Now it is time to gets our hands dirty. To create a Terraform project ??? Yes, we call our first project as a Terraform project because it will contain configuration and connection and other files to be edited near soon. Thus it might be wise to use code repository like Github to store your project assets also remember that Github has a nice boilerplate future for Terraform files. So you already know it (or google it again) Goto Githup create a new repo but remember to select Terraform as below to add some of the configuration files to be ignored by Github (of course you can change manually if you forget to select)

Now clone your Terraform repo to your local directory to work with your favorite editor that is intellij IDEA for my case and open your local project folder via GUI or by idea . in your terminal window. Edit your .gitignofile to exclude some of the special files and folders

# Local .terraform directories **/.terraform/* # .tfstate files *.tfstate *.tfstate.* # .tfvars files *.tfvars # Module directory .terraform/ .DS_Store .idea

Add a new file called connections.tf to configure Azure connection parameters, leave parameter values as it is, later we will be substituting with Azure credentials/. this is only required to fulfill the basic requirements.

provider "azurerm" { subscription_id="dummy" client_id="0" client_secret="passworddummy" tenant_id="1001" }

Now we can go terminal screen and run the terraform init command under the project directory where connection.tf is read and proper files are automatically downloaded based on the provider keyword "azurerm" Please check that you have now a hidden folder namely .terraform that contains required binaries and MUST NOT be committed to repo (added to gitignore above)

We are now ready to get our Azure subscription and related client, tenant ids and secret. Use your terminal window and enter

az account list

must output screen like below:

FIRATs-MacBook-Pro:Code firatdogan$ az account list [ { "cloudName": "AzureCloud", "id": "this is your subcription id a1f532f0-529bf5dc-xxxxxx", "isDefault": true, "name": "Life time Free", "state": "Enabled", "tenantId": "this is your tenant id bv1f532f0-529bf5dc-xxxxxx", "user": { "name": "[email protected]", "type": "user" } } ]

Use the id above and type (terminal window again) :

az account set --subscription="this is your subcrip id32f0-529c-xxxxx" az ad sp create-for-rbac --role="Contributor" --scopes="subscriptions/you id here again"

must output your app, tenant subscription ids and your secret (password) Our aim is to use these values as our environmental variables and read them to our previously created connection.tf file. Thus edit your .bash_profile file and add the following lines:

export TF_VAR_subscription_id="this is your id " export TF_VAR_client_id="app id" export TF_VAR_secret="password" export TF_VAR_tenant_id="tenant id"

Don't forget above ids are removed due to security concerns replace with your own values. Now we can re-edit our connection.tf file and read environmental variables as follows:

variable "subscription_id" {} variable "client_id" {} variable "secret" {} variable "tenant_id" {} provider "azurerm" { subscription_id="${var.subscription_id}" client_id="${var.client_id}" client_secret="${var.secret}" tenant_id="${var.tenant_id}" }

All set ! let see everything works so far by entering:

terraform plan

Now time to configure some resources let start with the network by adding resources.tf (add new file to your project) file as follows:

resource "azurerm_resource_group" "test_network" { location = "North Europe" name = "Devresourcegroup" } resource "azurerm_virtual_network" "azureVPC" { address_space = ["10.0.0.0/16"] location = "North Europe" name = "azureVPC" resource_group_name = "${azurerm_resource_group.test_network.name}" dns_servers = ["10.0.0.4","10.0.0.5"] subnet { address_prefix = "10.0.1.0/24" name = "subnetOne" } subnet { address_prefix = "10.0.2.0/24" name = "subnetTwo" } }

Run terraform plan to see no typos or logical errors exists. You must now see the very first picture in this article that shows your future network to be created. It is now time to generate it:

terraform apply Apply complete! Resources: 2 added, 0 changed, 0 destroyed.

Answer yes and go! you congratulations you have now added your first resources via terraform orchestration.

I will be sharing with you how to add other resources to our network probably near soon.

p.s: sorry for the typos, I am really in a hurry due to very loaded project schedules.

#terraform #azure #iac #infrastructure #infrastructureascode

0 notes