{"id":610,"date":"2017-08-20T01:42:56","date_gmt":"2017-08-19T23:42:56","guid":{"rendered":"https:\/\/blog.unetresgrossebite.com\/?p=610"},"modified":"2017-08-20T02:10:13","modified_gmt":"2017-08-20T00:10:13","slug":"highwaytohell","status":"publish","type":"post","link":"https:\/\/blog.unetresgrossebite.com\/?p=610","title":{"rendered":"HighWayToHell"},"content":{"rendered":"<p>Quick post promoting <a href=\"https:\/\/github.com\/faust64\/highwaytohell\" target=\"_blank\">HighWayToHell<\/a>, a project I posted to GitHub recently, aiming to provide with a self-hosted Route53 alternative, that would include DNSSEC support.<\/p>\n<p>Assuming you may not be familiar with Route53, the main idea is to generate DNS zones configuration based on conditionals.<\/p>\n<div id=\"attachment_612\" style=\"width: 310px\" class=\"wp-caption alignright\"><a href=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck.png\"><img aria-describedby=\"caption-attachment-612\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck-300x132.png\" alt=\"edit health check\" width=\"300\" height=\"132\" class=\"size-medium wp-image-612\" srcset=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck-300x132.png 300w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck-768x339.png 768w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck-1024x452.png 1024w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-healthcheck.png 1366w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-612\" class=\"wp-caption-text\">edit health check<\/p><\/div>\n<p>We would then try to provide with a lightweight web service to manage DNS zones, their records, health checks and notifications. Contrarily to Route53: we would implement DNSSEC support.<\/p>\n<div id=\"attachment_613\" style=\"width: 310px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/hwth-distribution.png\"><img aria-describedby=\"caption-attachment-613\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/hwth-distribution-300x105.png\" alt=\"HighWayToHell distribution\" width=\"300\" height=\"105\" class=\"size-medium wp-image-613\" srcset=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/hwth-distribution-300x105.png 300w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/hwth-distribution-768x268.png 768w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/hwth-distribution-1024x357.png 1024w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-613\" class=\"wp-caption-text\">HighWayToHell distribution<\/p><\/div>\n<p>HighWayToHell works with a Cassandra cluster storing persistent records, and at least one Redis server (pubsub, job queues, ephemeral tokens). Operations are split in four workers: one in charge of running health checks, an other one of sending notifications based on health checks last returned values and user-defined thresholds, a third one is in charge of generating DNS (bind or NSD) zone include files and zones configurations, the last worker implements an API gateway providing with a lightweight web app.<\/p>\n<p>Theoretically, it could all run on one server, although hosting a DNS setup, you&#8217;ll definitely want to involve at least a pair of name servers, and probably want to use separate instances running your web frontend, or dealing with health checks.<\/p>\n<div id=\"attachment_622\" style=\"width: 310px\" class=\"wp-caption alignright\"><a href=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records.png\"><img aria-describedby=\"caption-attachment-622\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records-300x54.png\" alt=\"list records\" width=\"300\" height=\"54\" class=\"size-medium wp-image-622\" srcset=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records-300x54.png 300w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records-768x138.png 768w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records-1024x184.png 1024w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/list-records.png 1366w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-622\" class=\"wp-caption-text\">list records<\/p><\/div>\n<p>Having created your first account, registered your first domain, you would be able to define your first health checks and DNS records.<\/p>\n<div id=\"attachment_616\" style=\"width: 310px\" class=\"wp-caption alignleft\"><a href=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record.png\"><img aria-describedby=\"caption-attachment-616\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record-300x131.png\" alt=\"add record\" width=\"300\" height=\"131\" class=\"size-medium wp-image-616\" srcset=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record-300x131.png 300w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record-768x336.png 768w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record-1024x448.png 1024w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-record.png 1366w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-616\" class=\"wp-caption-text\">update record<\/p><\/div>\n<p>You may grant third-party users with a specific roles accessing resources from your domains. You may enable 2FA on your accounts using apps such as Authy. You may create and manage tokens &#8211; to be used alongside our curl-based shell client, &#8230;<\/p>\n<div id=\"attachment_627\" style=\"width: 310px\" class=\"wp-caption alignright\"><a href=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization.png\"><img aria-describedby=\"caption-attachment-627\" decoding=\"async\" loading=\"lazy\" src=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization-300x72.png\" alt=\"delegate management\" width=\"300\" height=\"72\" class=\"size-medium wp-image-627\" srcset=\"https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization-300x72.png 300w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization-768x186.png 768w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization-1024x247.png 1024w, https:\/\/blog.unetresgrossebite.com\/wp-content\/uploads\/2017\/08\/add-edit-authorization.png 1366w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><p id=\"caption-attachment-627\" class=\"wp-caption-text\">delegate management<\/p><\/div>\n<p>This is a couple weeks old project I didn&#8217;t have much time to work on, yet it should be exhaustive and reliable enough to fulfill my original expectations. Eventually, I&#8217;ll probably add an API-less management CLI: there still is at least one step, starting your database, that still requires inserting records manually, &#8230;<\/p>\n<p>Curious to know more? See our <a href=\"https:\/\/github.com\/faust64\/highwaytohell\/blob\/master\/QUICKSTART.md\" target='top'>QuickStart<\/a> docs!<\/p>\n<p>Any remark, bug-report or PR most welcome. Especially CSS contributions &#8211; as this is one of the rare topic I can&#8217;t bear having to deal with.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Quick post promoting HighWayToHell, a project I posted to GitHub recently, aiming to provide with a self-hosted Route53 alternative, that would include DNSSEC support. Assuming you may not be familiar with Route53, the main idea is to generate DNS zones configuration based on conditionals. We would then try to provide with a lightweight web service [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[12,10,6,2],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/610"}],"collection":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=610"}],"version-history":[{"count":14,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/610\/revisions"}],"predecessor-version":[{"id":630,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=\/wp\/v2\/posts\/610\/revisions\/630"}],"wp:attachment":[{"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=610"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=610"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.unetresgrossebite.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=610"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}