I was wondering how developers go about using IBM Bluemix with custom domain names, and how you go about registering your DNS information.
Thanks!
Bluemix supports custom domains and SSL certs. You can even use wildcard and SAN certs as well.
To use a custom domain you need to register the domain in the Bluemix UI. Once you login click on your organization name on the left and click on "Manage Organizations".
Find your organization and click domains. Enter in the domain of your choosing.
The next step is creating a DNS record for Bluemix.
Create an A record for whatever host you want, for example . for the root domain of your domain. You can also create an A record for * so all requests all routed to Bluemix.
The A record needs to point to 75.126.81.68 for the US-South Instance.
For the EU-GB region in London you need to create an A record that points to 5.10.124.141.
The good news is Bluemix supports custom domains which you have to configure in the Bluemix management dashboard. To do this you should follow these easy steps:
Login to the Bluemix admin dashboard
Go to the 'Manage Your Organization' tab in the dashboard
Click on the domains admin link to open the domain management UI
Enter your domain name (you need to have registered this domain already and have access to the DNS settings).
Login to your DNS management dashboard and set your DNS settings:
a. Create an A-RECORD for the home domain *.domain.com
b. Set the A-RECORD to your instance IP (you can find this on the admin page)
c. Commit and save the changes
This will take up to 48-hours to propagate, but you can test it within 30-min.
Related
What needs to be configured in Google Domains domain in GCP Account A that will allow zone management in another GCP account (GCP Account B)?
There is no relationship between the accounts and Account B corporate policy will not allow specific user permissions for a user on another account.
Clarification & Update:
Title updated. After investigation, it appears that the issue is configuring DNS delegation.
Now working on this assumption: "Child subdomain DNSKEY record hashed results are compared with the DS record stored in the parent zone. If there is a match, the resolver can trust all records in the child zone."
Assuming a domain registered as example.com (parent) and a subdomain dev.example.com setup in Cloud DNS in a separate account:
Turn on DNSSEC in the subdomain Cloud DNS zone
Click on Registrar Setup and enter the information in the parent zone NS and DS records. The parent zone acts as the 'registrar' for the subdomain
Now, the subdomain zone can answer authoritatively for queries for domains such as one.dev.example.com, two.dev.example.com etc.
I am new to Cloud Foundry.
Is there any way that only specific users can view and update an app deployed in Cloud Foundry?
1.I deployed an app in Cloud Foundry using “cf push”command.
2.After entering “cf push “command I’ve got an message below.
Using manifest file /home/stevemar/node-hello-world/manifest.yml
enter Creating app node-hello-world-example...
name: node-hello-world-example
requested state: started
routes: {route-information}
last uploaded: Mon 14 Sep 13:46:54 UTC 2020
stack: cflinuxfs3
buildpacks: sdk-for-nodejs
type: web
instances: 1/1
memory usage: 256M
3.Using the {route-information} above,I can see the app deployed via browser entering below URL.
https://{route-information}
By this way ,anyone can see app from browser, but I don’t want that to be seen by everyone and limit access to specific user.
I heard that this global IP will be allocated to {route-information} by default.
Is there any way to limit access to only between specific users?
(For example,is there any function like “private registry” at Kubernetes in Cloud Foundry which is not open to public)
Since I am using Cloud Foundry in IBM Cloud it would be better if there is solution using IBM Cloud.
I’ve already granted cloud foundry role to the other user.
Thank you.
The CloudFoundry platform itself does not provide any access controls for applications. If you assign a public route to your application, where the DNS is publicly resolvable and the foundation is on the public Internet, like IBM Bluemix, then anyone can access your app.
There's a number of things you can do to limit access, but they do require some work on your part.
Use a private DNS. You can add any domain you want to Cloud Foundry, even ones that don't resolve. That means you could add my-cool-domain.local which does not resolve anywhere. You could then add a record to /etc/hosts for this domain or perhaps run DNS on your local network to resolve this DNS domain and direct traffic to the CloudFoundry.
With this setup, most people cannot access your application because the DNS domain for the route to your application does not resolve anywhere. It's important to understand that this isn't really security, but obscurity. It would stop most traffic from making it to your app, but if someone knew the domain, they could add their own /etc/hosts header or send fake Host headers to access your application.
This type of setup can work well if you have light security requirements like you just want to hide something while you work on it, or it can work well paired with other options below.
You can set up access controls in your application. Many application servers & frameworks can do things like restrict access by IP address or require user access (Basic auth is easy and it is OK, if you're only allowing HTTPS traffic to your app which you should always do anyway).
You can use OAuth2 to secure apps too. Again, many app servers & frameworks have support for this and make it relatively simple to secure your apps. If you don't have a corporate OAuth2 solution, there are public providers you can use. Exactly how you do OAuth2 in your app is beyond the scope of this question, but there's plenty of material out there on how to do this. Google information for your application language/framework of choice.
You could set up an access Gateway. This would be an application that's job is to proxy traffic to other applications on the foundation. The Gateway could be something like Nginx, Apache HTTPD, or Spring Cloud Gateway. The idea is that the gateway would be publicly accessible, and would almost certainly apply access controls/restrictions (see #2, many of these proxies have access control options that only take a few lines of config). Your actual applications would not be deployed publicly though. When you deploy your actual applications, they would only be on the internal Cloud Foundry domain.
CloudFoundry has local domains, often apps.internal (run cf domains to see if that shows up), which you can use to easily route traffic across the internal container-to-container network. Using this domain and the C2C network, you can have apps deployed to CF that are not accessible to the public Internet, except through your Gateway.
Again, how you configure this exactly is outside the scope of this question, but check out the docs I linked to for info on using the C2C network & internal routes. Then check out your proxy server of choice's documentation.
After configuring the WHM/cPanel the landing page does not show the index.html in public_html rather it is showing the domain registrar details e.g: www.nexnaira.com.
I have deleted all the files in the public_html (cPanel) but it seems not to have any effect like the site is not pointing to the index.html I uploaded. Maybe I am doing it all wrong, please I need assistance
You need to change your default name servers of domain from domain control panel.
Also you need to create child name servers for your domain .
please follow the below tutorial to setup . Once you done setup in your WHM/cPanel, you need to create the same child nameservers using your domain control panel.
Create Child name servers
In order for your domain to display the content it has on your VPS, it is necessary to either register Private Nameservers or point your domain to BasicDNS and then add A record with the IP Address of your server in order to point it to your VPS.
To register Private Nameservers three steps should be taken:
1) register Private Nameservers on the Domain registrar's side;
https://www.namecheap.com/support/knowledgebase/article.aspx/768/10/how-do-i-register-personal-nameservers-for-my-domain
You can find the IP addressees for your Private Nameservers in. Your Virtual server access details should have been sent to your registered email.
2) set up Private Nameserves on the Hosting provider side ( SOA record which states the privary nameserver for your domain, A records for subdomains ns1 and ns2 and NS records) This guide is for your convenience:
https://www.namecheap.com/support/knowledgebase/article.aspx/207/48/how-to-set-up-private-nameservers-vps-and-dedicated-servers
3) point your domain to the Private Nameservers on the Domain registrar's side.
Mind you I am using these reference links because I am using Namecheap hosting services
I have two hosting accounts (Personal one and a work one). I am doing some testing and would like to create a subdomain of a work domain (manage.domain.com) and host it on my personal account. Currently, my personal host is through 1and1 and is dedicated while the work one is shared with GoDaddy.
Work
I have gone into go daddy and created the subdomain. I have also added DNS records such as A, AAAA AND NS (i did not record a CNAME). I have noticed that if is type manage.domain.com it is redirecting to my personal server. However, it is directing to the blank admin page of the root of the server (which is maintained using Plesk).
Personal
Using Plesk I added the website (domain.com) and created the subdomain (manage.domain.com). I have also updated the websites hosting access using Plesk and assigned it the default values of my personal account. Using Plesk I also set the subdomain to the particular location of the files I want to test. However, I cannot get my server to recognize the address and redirect it to the proper location.
Any help is greatly appreciated!
J
You can just create:
in personal account domain(not subdomain) manage.domain.com
on domain.com add DNS record of type A, name "manage" and IP address of personal hosting:
After that "manage.domain.com" will resolving to hosting of your personal account and can be accessed because such domain exists.
I figured it out
What i did above was correct expect do not change the name servers on the work DNS(godaddy).
Add the website to plesk - it will give you an error about not being able to control the DNS settings which you have already adjusted on the original server (godaddy)
Add a subdomain of the website.
*** Ensure the subdomain is pointed to the correct folder within your server
Done
Hello I have server with Centos 6.5 64bit Final i have noticed that my subdomains does not work properly for example if i create subdomain: example.domain.com everything is fine you can type that in your browser and it will work but if somebody will type www.example.domain.com it will fail to open instead of subdomain content that i have created it will open zpanelcp login page.
So my question is what i should do in order to get this working is it domain fault or is it server fault and i need something to fix in actual server?
to create a sub-domain on zPanel just follow this steps :
Login to ZPanel as user
Click "Sub Domains"
Enter sub-domain prefix and select the domain
Use create new home directory
Click "Create"
Now go to your domain dns manager not zPanel dns manager "ex : godaddy ..."
Under A (HOST) You will need to add new record for the prefix of your sub domain with your server ip address
Then click "Save Changes"
your dns resolution my take some time to reflect your changes
good luck.