Modifying the DNS Server Address and Adding Security Group Rules (Linux)
Scenarios
This topic describes how to add the DNS server address and security group rules to a Linux ECS or BMS to ensure successful downloading of the Agent installation package and successful monitoring data collection. This topic takes an ECS as an example. The operations for BMSs are similar.
You can modify the DNS server address of an ECS via command lines or the management console.
DNS and security group configuration are intended for the primary NIC.
Modifying the DNS Server Address (Command Lines)
The following describes how to add the DNS server address to the resolv.conf file using command lines.
To use the management console, see Modifying the DNS Server Address (Management Console).
- Log in to an ECS as user root.
- Run the vi /etc/resolv.conf command to open the file.
- Add the DNS server address, for example, nameserver 100.125.1.250 and nameserver 100.125.21.250 to the file. Enter :wq and press Enter to save the change.
Figure 1 Adding the DNS server address (Linux)
The nameserver value varies depending on the region. For details, see What Are the Private DNS Servers Provided by the Huawei Cloud?
Modifying the DNS Server Address (Management Console)
The following describes how to modify the DNS server address of an ECS on the management console. This topic takes an ECS as an example. The operations for BMSs are similar.
- In the upper left corner, select a region and project.
- Click Service List in the upper left corner. Under Compute, select Elastic Cloud Server.
On the ECS console, click the name of the target ECS to view its details.
- On the displayed Summary tab page, click the VPC name.
The Virtual Private Cloud page is displayed.
- Click the name of the target VPC.
- In the Networking Components area, click the number following Subnets.
The Subnets page is displayed.
- In the subnet list, click the name of target subnet.
- In the Gateway and DNS Information area, click following DNS Server Address.
Set the DNS server address to the value of nameserver in 3.
- Click OK.
The new DNS server address takes effect after the ECS or BMS is restarted.
Modifying the ECS Security Group Rules (Management Console)
The following describes how to modify security group rules for an ECS on the management console. This topic takes an ECS as an example. The operations for BMSs are similar.
- On the ECS details page, click the Security Groups tab.
The security group list is displayed.
- Click the security group name.
- Click Modify Security Group Rule.
The security group details page is displayed.
Procedure for BMS:
- Click the security group ID on the upper left.
- Click Manage Rule in the Operation column of the security group.
- Click the Outbound Rules tab, and click Add Rule.
- Add rules based on Table 1.
Table 1 Security group rules Protocol
Port
Type
Destination
Description
TCP
80
IPv4
100.125.0.0/16
Used to download the Agent installation package from an OBS bucket to an ECS or BMS and obtain the ECS or BMS metadata and authentication information.
TCP and UDP
53
IPv4
100.125.0.0/16
Used by DNS to resolve domain names, for example, resolve the OBS domain name when you are downloading the Agent installation package, and resolve the Cloud Eye endpoint when the Agent is sending monitoring data to Cloud Eye.
TCP
443
IPv4
100.125.0.0/16
Used to collect monitoring data and send the data to Cloud Eye.
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.