Update ESXi hostname in OCI DNS for Oracle Cloud VMware Solution

While working with Oracle Cloud VMware Solution (OCVS), I encountered a scenario where I needed to update the ESXi hostname after the OCVS SDDC was deployed.

Updating the ESXi hostname is fairly easy, as we will see, but because the ESXi servers are native bare metal instances in OCI Compute, it is important that the hostnames are also updated there to maintain consistency.

By default, a private DNS zone is created within OCI for every subnet in the VCN. This is by design, based on the VCN resolver, and the format for the DNS domain names and zones is as follows:

  • VCN domain name: <VCN-DNS-label>.oraclevcn.com
  • Subnet domain name: <subnet-DNS-label>.<VCN-DNS-label>.oraclevcn.com
  • Instance FQDN: <hostname>.<subnet-DNS-label>.<VCN-DNS-label>.oraclevcn.com

For an instance, you may assign a hostname. It’s assigned to the VNIC that’s automatically created during instance launch (that is, the primary VNIC). Along with the subnet domain name, the hostname forms the instance’s fully qualified domain name (FQDN).

Once we deploy the OCVS SDDC, it automatically creates private DNS zones for the SDDC subnet that is created. All the ESXi instances are connected to this SDDC subnet, so a DNS entry for each ESXi instance, based on the instance FQDN format, is also created automatically.

Navigate to OCI > Networking > DNS Management > Zones.

Ensure you are in the right compartment.

Select the Private Zones > appropriate subnet domain name.

Example: sub01234567.demolab.oraclevcn.com

These entries are protected and cannot be modified directly in OCI DNS.

Also, once the ESXi hostname and FQDN change, the change needs to be reflected in vCenter, which means the host has to be removed from vCenter and re-added. Thus, I have documented the steps that need to be done on OCVS and OCI to update the hostname.

  1. Put the ESXi host in maintenance mode in vCenter and NSX-T.
  2. Disconnect the ESXi host from vCenter.
  3. Remove the host from the vCenter inventory.
  4. Update the hostname on VMware ESXi:
    1. esxcli system hostname set --host=<hostname>
    2. esxcli system hostname set --fqdn=<hostname>.sub01234567.demolab.oraclevcn.com

5. Update the ESXi name in OCI SDDC

Navigate to OCI console > VMware Solution > Software Defined Data Center > Select your SDDC

Under Resources > Select ESXi hosts

Click the three-dot menu on the right of the ESXi host and select Edit ESXi host.

Update the hostname to the new value.

6. Update the ESXi BareMetal Instance name

Under OCI console > Compute > Instances > View Instance details for the ESXi Compute Instance

7. Update the vNIC hostname

Under the same instance > Attached VNICs, update the hostname.

The above step completes the configuration changes required in OCI. If you go back and check the DNS records under DNS Management > Zones > appropriate subnet domain, the NS records would be updated with the updated FQDN.

8. Add the ESXi host back in the vCenter > Cluster

You will have to provide the credentials for the ESXi host. It's the same vCenter credential available under the SDDC.

9. Add the ESXi host in DSwitch

10. Remove the host from maintenance mode. Check NSX-T; the host should have been prepared automatically within NSX-T.

11. Validate the configuration across vCenter and NSX-T.

Hope this blog will be helpful!

Add Custom HTTP Header to Oracle Cloud Load Balancer

An application load balancer on Oracle Cloud Infrastructure works at layer 7, so it supports both HTTP and HTTPS. It can distribute HTTP and HTTPS traffic based on host-based or path-based rules. It is context-aware and can forward and manipulate requests based on HTTP headers. It also has a configurable range of health check status codes, and custom request and response headers can be inserted based on the requirements of the backend servers.

Today, we will be talking about adding a custom HTTP request or response header. Some customers need custom headers because of how their backend application is designed.

How Custom Headers work

Custom request and response headers allow you to specify additional headers that the load balancer adds to requests and responses. These rules enable you to offer metadata to your backend servers, enabling you to do things like figure out which listener made a request, geographic location of the client’s IP address, notify WebLogic that the Load Balancer Terminated SSL and so on.

The application load balancer adds certain headers by default to all HTTP(S) requests and responses that it proxies between backends and clients. For more information, see https://docs.oracle.com/en-us/iaas/Content/Balance/Reference/httpheaders.htm

In this example, the customer wants to replicate their existing on-prem environment by adding a specific HTTP header named CLIENTIP whose value is the actual client IP, taken from X-Forwarded-For or X-Real-IP.

Before we go through the steps, let's understand what a rule set is.

A rule set is a named collection of rules connected with a load balancer and applied to one or more load balancer listeners. You must first establish the rule set that contains the rules before you can apply it to a listener. Rules are objects that represent actions taken by a load balancer listener on traffic. The load balancer’s setup includes the rule set. When you create or edit a load balancer listener, you may specify the rule set to use. A rule set can contain the following sorts of rules:

Below are the steps to add a custom request header to an OCI load balancer:

  1. Log in to the OCI console: https://cloud.oracle.com/
  2. Navigate to Networking > Load Balancers > select your load balancer and view its details.
  3. Scroll down on the left-hand side.
    • Select Rule Sets > Create Rule Set > give it a name > select Specify Request Header Rules and select the action “Add Request Header”.
    • Type in the header name the user wants and select the value as {X-Real-IP} or {X-Forwarded-For}.

See the screenshot below; note that I have chosen different header names to show different values.

  4. Save changes to save the rule set.
  5. Select Listeners on the same page. Edit the listener > scroll down to Rule Sets and attach the rule set created in Step 4 to the listener. This applies the rule set to the load balancer listener.

The configuration is now complete. Let’s check from the backend server instance, where we can see the inserted custom header being received with the actual client IP used to test the load balancer. We used the tcpdump command below to check this:

  tcpdump -Xx -s 0 -i <INTERFACE> port <PORT_NUM> | grep <Filter> -A 2 -B 2

As we can see in the screenshots above, new custom headers named CLIENTIP and CLIENTip, carrying the values of X-Forwarded-For and X-Real-IP (the actual client IP address), are passed to the backend server.
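
As an added example (not part of the original post or of Oracle's code), here is how a backend can consume the custom header safely: X-Forwarded-For can arrive with entries the client supplied, so only the right-most entry, the one the load balancer appended, is treated as the client IP. It assumes the append behaviour described in the Oracle HTTP headers reference linked above and a single load balancer in front of the backend; the function names and sample values are constructed for illustration.

```python
import ipaddress

# Assumption: one trusted proxy (the OCI load balancer) fronts the backend, so
# only the right-most list entry was written by infrastructure we control.
TRUSTED_HOPS = 1


def parse_forwarded_list(value):
    """Split an X-Forwarded-For style value into stripped, non-empty entries."""
    return [part.strip() for part in (value or "").split(",") if part.strip()]


def client_ip(header_value, trusted_hops=TRUSTED_HOPS):
    """Return the address appended by the outermost trusted proxy, or None."""
    entries = parse_forwarded_list(header_value)
    if trusted_hops < 1 or len(entries) < trusted_hops:
        return None
    try:
        return str(ipaddress.ip_address(entries[-trusted_hops]))
    except ValueError:
        return None  # not an IP literal: do not log or authorize on it


def resolve(forwarded_value, real_ip_value=None):
    """Resolve the client IP and separate out the entries the client supplied."""
    entries = parse_forwarded_list(forwarded_value)
    ip = client_ip(forwarded_value)
    result = {
        "client_ip": ip,
        # Left of the trusted hop: informational only, never for access control.
        "client_supplied": entries[:-TRUSTED_HOPS],
        "consistent": True,
    }
    if real_ip_value is not None:
        # The {X-Real-IP} header should name the same peer as the trusted entry.
        result["consistent"] = ip is not None and ip == client_ip(real_ip_value, 1)
    return result


if __name__ == "__main__":
    # Constructed header values as a backend might receive them.
    samples = [
        ("203.0.113.7", "203.0.113.7"),            # client sent no X-Forwarded-For
        ("10.0.0.1, 203.0.113.7", "203.0.113.7"),  # client pre-set an internal-looking hop
        ("not-an-ip", "203.0.113.7"),              # malformed value
    ]
    for forwarded, real in samples:
        print(forwarded, "->", resolve(forwarded, real))
```

If the backend subnet is reachable by anything other than the load balancer, neither header can be trusted, so restrict backend ingress to the load balancer's subnet.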

Hope this information was helpful.

I would also like to thank my colleague Piyush Jalan (https://www.linkedin.com/in/piyush-jalan/) for his contribution to this blog.