Services that require a static IP address have their IPs assigned through AWS Elastic IP association. These services are principally the Salt Master, the LDAP directories, and the CPR machines.

The common domain is commonidtrust.org.

The CPR machines answer for account.commonidtrust.org.

The IdP machines answer for both www.commonidtrust.org and login.commonidtrust.org, but currently only login.commonidtrust.org is routable due to Internet2 web hosting changes.

/etc/hosts is used to maintain common names for some services that have Elastic IPs, such as the LDAP directories. This is necessary principally because of peculiarities of certificate validation in various pieces of software.

/etc/hosts is managed by Salt, but not through normal Salt mechanisms such as highstate. Instead, a control script located in root's home directory on the Salt Master is used to write the hosts file to various hosts through Salt. Whenever /etc/hosts needs to be changed or a new host dependent on /etc/hosts is added, this script must be run again.

Elastic IP Assignment

Machines are able to associate themselves with an Elastic IP using AWS APIs invoked by Salt. The following mappings are needed:

| Instance | IP Address |
| --- | --- |
| i-ae24e19b (CommIT LDAP 3) | 54.214.22.8 |
| i-6ad3da58 (CommIT LDAP 1) | 54.214.22.9 |
| i-ac24e199 (CommIT LDAP 2) | 54.214.22.10 |
| i-ba4d4288 (Salt Master) | 54.244.127.183 |
| i-f41113c6 (CommIT CPR VM 1) | 54.244.223.142 |
| i-fa1113c8 (CommIT CPR VM 2) | 54.244.223.148 |
| Unallocated | 54.244.223.182 |
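
A drift check for the mappings above, as an added example that is not part of the original page: it compares the JSON printed by `aws ec2 describe-addresses` with the table, so an address that has moved to another instance (and with it the names pinned in /etc/hosts) is caught. The sample output, the 203.0.113.7 address and the function name are constructed for illustration.

```python
import json

# Expected Elastic IP -> instance mapping, copied from the table on this page.
# None marks the address the page lists as unallocated.
EXPECTED = {
    "54.214.22.8": "i-ae24e19b",     # CommIT LDAP 3
    "54.214.22.9": "i-6ad3da58",     # CommIT LDAP 1
    "54.214.22.10": "i-ac24e199",    # CommIT LDAP 2
    "54.244.127.183": "i-ba4d4288",  # Salt Master
    "54.244.223.142": "i-f41113c6",  # CommIT CPR VM 1
    "54.244.223.148": "i-fa1113c8",  # CommIT CPR VM 2
    "54.244.223.182": None,          # Unallocated
}

def find_drift(describe_addresses_json, expected=EXPECTED):
    """Return sorted (ip, problem) tuples; an empty list means no drift."""
    actual = {a["PublicIp"]: a.get("InstanceId") or None
              for a in json.loads(describe_addresses_json)["Addresses"]}
    drift = []
    for ip, want in expected.items():
        if ip not in actual:
            drift.append((ip, "address no longer allocated to this account"))
        elif actual[ip] != want:
            drift.append((ip, f"expected {want or 'no instance'}, "
                              f"found {actual[ip] or 'no instance'}"))
    for ip in actual.keys() - expected.keys():
        drift.append((ip, f"undocumented address on {actual[ip] or 'no instance'}"))
    return sorted(drift)

# Constructed sample output (not captured from the real account): LDAP 2's
# address sits on the wrong instance, the spare address is in use, CPR VM 2's
# address is missing, and one address does not appear on this page at all.
SAMPLE = json.dumps({"Addresses": [
    {"PublicIp": "54.214.22.8", "InstanceId": "i-ae24e19b"},
    {"PublicIp": "54.214.22.9", "InstanceId": "i-6ad3da58"},
    {"PublicIp": "54.214.22.10", "InstanceId": "i-ae24e19b"},
    {"PublicIp": "54.244.127.183", "InstanceId": "i-ba4d4288"},
    {"PublicIp": "54.244.223.142", "InstanceId": "i-f41113c6"},
    {"PublicIp": "54.244.223.182", "InstanceId": "i-fa1113c8"},
    {"PublicIp": "203.0.113.7", "InstanceId": ""},
]})

if __name__ == "__main__":
    for ip, problem in find_drift(SAMPLE):
        print(f"DRIFT {ip}: {problem}")
```

Against the live account, pass the output of `aws ec2 describe-addresses --output json` in place of `SAMPLE`.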