Before installing Cloud Resolver, ensure that the following requirements are met:
Environment requirements
In addition to installing Cloud Resolver, you must also have the following environments:
- You must have a valid AWS or Azure subscription.
- You must have a BlueCat Edge environment.
Cloud Resolver uses the default system DNS resolver to access the API endpoints of Cloud Service Providers (CSPs). For Linux installations, it uses the /etc/resolv.conf file and for Docker installations, it uses the Docker network settings.
When Cloud Resolver is deployed in Azure, the default DNS resolver is the Azure DNS IP address of 168.63.129.16.
When Cloud Resolver is deployed in AWS, the default DNS resolver is the .2 IP address of the VPC.
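The following check is an added example, not part of the BlueCat documentation or product. It compares the nameservers in a Linux host's /etc/resolv.conf content with the provider default described above, because whichever resolver the host uses decides where the CSP API endpoint names resolve. It assumes the ".2 IP address of the VPC" is the primary VPC CIDR base address plus two; the function names and sample inputs are constructed for illustration, and Docker network settings are not covered.

```python
import ipaddress

AZURE_DNS = "168.63.129.16"  # Azure default resolver named in the requirements

def parse_nameservers(text):
    """Return the nameserver addresses from resolv.conf content, in file order."""
    servers = []
    for line in text.splitlines():
        fields = line.split()
        # Comment lines start with '#' or ';' and never match the keyword.
        if len(fields) >= 2 and fields[0] == "nameserver":
            servers.append(fields[1])
    return servers

def expected_resolver(provider, vpc_cidr=None):
    """Default resolver for the provider: Azure DNS, or the AWS VPC base + 2."""
    if provider == "azure":
        return AZURE_DNS
    if provider == "aws":
        if vpc_cidr is None:
            raise ValueError("AWS needs the VPC CIDR to derive the .2 address")
        # Assumption: vpc_cidr is the primary CIDR block of the VPC.
        return str(ipaddress.ip_network(vpc_cidr).network_address + 2)
    raise ValueError(f"unsupported provider: {provider}")

def _is_loopback(addr):
    try:
        return ipaddress.ip_address(addr).is_loopback
    except ValueError:
        return False

def check_resolver(text, provider, vpc_cidr=None):
    """Compare the configured nameservers with the provider default."""
    expected = expected_resolver(provider, vpc_cidr)
    configured = parse_nameservers(text)
    return {
        "expected": expected,
        "matches": expected in configured,
        # A loopback entry is a local stub (e.g. systemd-resolved); check its upstream.
        "stub": [s for s in configured if _is_loopback(s)],
        "other": [s for s in configured if s != expected and not _is_loopback(s)],
    }

# Constructed sample inputs (not taken from a real host).
SAMPLE_AWS = "# constructed\nsearch ec2.internal\nnameserver 10.20.0.2\n"
SAMPLE_STUB = "nameserver 127.0.0.53\noptions edns0 trust-ad\n"

if __name__ == "__main__":
    print(check_resolver(SAMPLE_AWS, "aws", "10.20.0.0/16"))
    print(check_resolver(SAMPLE_STUB, "azure"))
```

An entry under `other` is a resolver that is neither the provider default nor a local stub and should be accounted for before installation.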
Platform requirements
Cloud Resolver can be deployed on one of the following platforms:
- One of the following Linux-based server operating systems:
  - Debian 10 (Buster) or later
  - Ubuntu 20.04 LTS or later
  - Red Hat Enterprise Linux (RHEL) 7 or later
  - CentOS 7 or later

  Note: The platform can be physical, virtual, or cloud-based, such as an EC2 instance or VM.
- Any platform that supports the deployment of Docker containers.
Installation requirements
The platform that has Cloud Resolver installed must have the following:
- It must be capable of resolving and routing traffic to the cloud provider API endpoints. Endpoints vary based on the Cloud Service Provider and can be accessible through a proxy.
- It must be capable of resolving and routing to public internet locations. These can be accessible through a proxy.
- The Linux platform must allow for the installation of an OS-appropriate installation package as root. The installation packages are as follows:
  - .deb package for Debian/Ubuntu
  - .rpm package for RHEL/CentOS
- The Docker container platform must allow for the retrieval of a Docker image from a public Docker registry.
Network requirements
Ensure that the following ports are open on the host machine or firewall to Cloud Resolver:
Source | Destination | Source Port | Destination Port | Protocol | Notes |
---|---|---|---|---|---|
BlueCat Cloud Resolver | Cloud DNS server | Ephemeral port | 53 | TCP | For outbound DNS traffic. |
Cloud DNS server | BlueCat Cloud Resolver | Ephemeral port | 53 | TCP | For inbound DNS traffic. |
BlueCat Cloud Resolver | Cloud DNS server | Ephemeral port | 443 | TCP | For API access to the Cloud environment. |
Client device | BlueCat Cloud Resolver | Ephemeral port | 8080 | TCP | For simple TCP checks to determine whether the service is live. |
Client device | BlueCat Cloud Resolver | Ephemeral port | 8090 | TCP | For verifying whether the Kubernetes service is ready. |
Client device | BlueCat Cloud Resolver | Ephemeral port | 9000 | TCP | For accessing the Cloud Resolver web-delivered diagnostics. For more information on Cloud Resolver diagnostics, refer to Viewing the Cloud Resolver diagnostics endpoint. |
Client device | BlueCat Cloud Resolver | Ephemeral port | 9050 | TCP | For creating a snapshot of the current DNS zone and resource record information, and configuration information of Cloud Resolver. For more information on snapshots, refer to Creating a snapshot. |
Client device | BlueCat Cloud Resolver | Ephemeral port | 9090 | TCP | For pulling data to Prometheus. |