Help Center/ Cloud Eye/ User Guide/ Cloud Resource Monitoring/ Server Monitoring/ Cloud Eye Plug-in (Agent)/ Modifying the DNS Server Address and Adding Security Group Rules
Updated on 2025-08-07 GMT+08:00
View PDF
Share

Modifying the DNS Server Address and Adding Security Group Rules

When installing the Cloud Eye Agent, you need to configure Huawei Cloud DNS to resolve the OBS domain name. The Agent also uses Huawei Cloud DNS to resolve the Cloud Eye backend domain name, allowing intranet access for reporting metrics and its status.

This section describes how to configure domain name resolution in Huawei Cloud DNS and private DNS scenarios.

In Huawei Cloud DNS scenarios, you need to add the DNS server address and security group rules to a server for successful downloading of the Agent installation package and monitoring data collection. In Modifying DNS Configurations (Linux), Modifying DNS Configurations (Windows), and Modifying the ECS Security Group Rules (Management Console), ECSs are used as an example. The operations for BMSs are similar.

Constraints

DNS and security group configurations are intended for the primary NIC.

Modifying DNS Configurations (Linux)

You can add DNS server addresses for an ECS by running commands or through the management console.

The following describes how to add DNS server addresses to the resolv.conf file by running commands in the CN North-Beijing1 region.

To use the management console, see Modifying the DNS Server Addresses (Management Console).

The nameserver value varies depending on the region. For details, see What Are Huawei Cloud Private DNS Server Addresses?

  1. Log in to an ECS as user root.
  2. Open the resolv.conf file. 
    vi /etc/resolv.conf
  3. Add the DNS server addresses to the file, press Esc to exit the editing mode, enter :wq, and press Enter to save the settings and exit. 
    nameserver 100.125.1.250
nameserver 100.125.21.250
    Figure 1 Adding DNS server addresses (Linux)

This section describes how to modify the DNS server addresses of an ECS on the management console . Here, ECSs are used as an example. The operations for BMSs are similar.

  1. Log in to the ECS console.
  2. In the ECS list, click an ECS name to view its details.
  3. In the ECS Information area of the Summary tab, click the VPC name. See Figure 2.
    The Virtual Private Cloud page is displayed.
    Figure 2 Virtual Private Cloud
  4. Locate the target VPC and click the number of subnets.
  5. In the subnet list, locate the target subnet and click its name.

    The subnet details page is displayed.

  6. In the Gateway and DNS Information area, click after the DNS Server Address.
  7. Enter the DNS server addresses. Use commas (,) to separate multiple IP addresses.

    The nameserver value varies depending on the region. For details, see What Are Huawei Cloud Private DNS Server Addresses?

    Figure 3 Changing DNS server addresses
  8. Click OK.
  9. Restart the ECS or BMS. For details, see Restarting an ECS or Restarting a BMS.

Modifying DNS Configurations (Windows)

You can modify DNS configurations of an ECS on the Windows GUI or management console.

The following describes how to use the Windows GUI to add DNS server addresses.

  1. Log in to the ECS console.
  2. Use VNC to log in to a Windows ECS.
  3. Choose Control Panel > Network and Sharing Center, and click Change adapter settings.
  4. Right-click the used network, choose Settings from the shortcut menu, and configure the DNS.

    The nameserver value varies depending on the region. For details, see What Are Huawei Cloud Private DNS Server Addresses?

    Figure 4 Adding DNS server addresses (Windows)
  5. Click OK.

The following describes how to modify a DNS server address of an ECS on the management console. Here, ECSs are used as an example. The operations for BMSs are similar.

  1. Log in to the ECS console.
  2. In the ECS list, click an ECS name to view its details.
  3. In the ECS Information area of the Summary tab, click the VPC name.
    The Virtual Private Cloud page is displayed.
    Figure 5 Virtual Private Cloud
  4. Locate the target VPC and click the number of subnets.
  5. In the subnet list, locate the target subnet and click its name.

    The Subnets page is displayed.

  6. In the Gateway and DNS Information area, click after the DNS Server Address.
  7. Enter the DNS server addresses. Use commas (,) to separate multiple IP addresses.

    The nameserver value varies depending on the region. For details, see What Are Huawei Cloud Private DNS Server Addresses?

    Figure 6 Changing DNS server addresses
  8. Click OK.
  1. Restart the ECS or BMS. For details, see Restarting an ECS or Restarting a BMS.

Modifying the ECS Security Group Rules (Management Console)

The following describes how to modify security group rules for an ECS on the management console. This section takes an ECS as an example. The operations for BMSs are similar.

  1. On the ECS details page, select the Security Groups tab.

    The security group list is displayed.

  2. Click a security group name.
  3. Click Modify Security Group Rule.

    The security group details page is displayed.

    For BMSs:

    1. Click the security group ID on the upper left corner of the list.
    2. Click Manage Rule in the Operation column of the security group.
  4. Click the Outbound Rules tab and click Add Rule.
  5. Add rules based on Table 1.
    Table 1 Security group rules

    Priority

    Action

    Type

    Protocol & Port

    Destination

    Description

    1

    Allow

    IPv4

    TCP

    80

    100.125.0.0/16

    Used to download the Agent installation package from an OBS bucket to an ECS or BMS and obtain the ECS or BMS metadata and authentication information.

    1

    Allow

    IPv4

    TCP

    53

    100.125.0.0/16

    Used by DNS to resolve domain names, for example, the OBS domain name for downloading the Agent installation package, and the Cloud Eye endpoint for sending monitoring data to Cloud Eye.

    1

    Allow

    IPv4

    UDP

    53

    100.125.0.0/16

    Used by DNS to resolve domain names, for example, the OBS domain name for downloading the Agent installation package, and the Cloud Eye endpoint for sending monitoring data to Cloud Eye.

    1

    Allow

    IPv4

    TCP

    443

    100.125.0.0/16

    Used to collect monitoring data and send the data to Cloud Eye.

Configuring host resolution in the private DNS scenario

If an instance uses an on-premises DNS, the Cloud Eye Agent installation package cannot be downloaded, and the metrics and plug-in status cannot be reported because the OBS and Cloud Eye backend domain names can't be resolved. In this case, you need to configure host resolution for the OBS and Cloud Eye backend domain names.

This section uses an ECS as an example to describe how to configure host resolution in the private DNS scenario. The procedure for a BMS is similar.

  1. Check the OBS and Cloud Eye backend domain names in the current region.
    1. Log in to the Cloud Eye console.
    2. In the navigation pane, choose Server Monitoring > Elastic Cloud Server.
    3. Click Usage Guide in the upper right corner of the Server Monitoring page. On the displayed page, click manually install the Agent.
      Figure 7 Agent installation guide
    4. Obtain the Agent installation command in Procedure.
      The installation address of CN North-Beijing4 is used as an example. In the installation command, uniagent-cn-north-4.obs.cn-north-4.myhuaweicloud.com is the OBS domain name. Check whether the -d parameter is found in the installation command. If yes, the domain name following -d is the Cloud Eye backend domain name of the current region. If no, the default value agent.ces.myhuaweicloud.com is used. 
      cd /usr/local && curl -k -O https://uniagent-cn-north-4.obs.cn-north-4.myhuaweicloud.com/package/agent_install.sh && bash agent_install.sh -r cn-north-4 -u 0.2.1 -t 2.7.5 -o myhuaweicloud.com
  2. Check the resolution addresses of the OBS and Cloud Eye backend domain names.
    1. Log in to the ECS and run the ping command to obtain the OBS and CES backend domain names. For CN North-Beijing4:
      Resolution address of the OBS domain name 
      ping uniagent-cn-north-4.obs.cn-north-4.myhuaweicloud.com

      Resolution address of the Cloud Eye backend domain name

      ping agent.ces.myhuaweicloud.com

      If there is no response after you run the ping command, the current host may fail to resolve the IP address. In this case, purchase an ECS with any Huawei Cloud official image and perform DNS resolution.

      Figure 8 Running the ping command
  3. Modify the hosts file to configure host resolution for the OBS and Cloud Eye backend domain names.

    Configuring host resolution for Linux ECSs

    1. Log in to the ECS for installing the Agent as user root.
    2. Open and edit the hosts file. 
      vi /etc/hosts
    3. Add the IP address and domain name obtained in step 2 to the file. The following uses CN North-Beijing4 as an example. 
      100.125.81.190 uniagent-cn-north-4.obs.cn-north-4.myhuaweicloud.com
100.125.21.250 agent.ces.myhuaweicloud.com
    4. Enter :wq and press Enter to save the settings and exit.
      Figure 9 Configuring host resolution for Linux ECSs

    Configuring host resolution for Windows ECSs

    1. Go to the C:\Windows\System32\drivers\etc directory.
    2. Edit the hosts file, add the IP address and domain name obtained in step 2 to the file. The following uses CN North-Beijing4 as an example.
    100.125.81.190 uniagent-cn-north-4.obs.cn-north-4.myhuaweicloud.com
100.125.21.250 agent.ces.myhuaweicloud.com
Parent Topic: Cloud Eye Plug-in (Agent)