The AWS console (EC2 dashboard) shows the public DNS name as ec2-99-xx-xx-xx.ca-central-1.compute.amazonaws.com for an EC2 instance.
But the same EC2 instance reports a different DNS name (shown below):
$ hostname -f
ip-172-xx-xx-xx.ca-central-1.compute.internal
which differs from the DNS name shown in the AWS console.
EC2 is created in default VPC.
AWS documentation says... When you launch an instance, we allocate a primary private IPv4 address for the instance. Each instance is also given an internal DNS hostname that resolves to the primary private IPv4 address; for example, ip-10-251-50-12.ec2.internal. You can use the internal DNS hostname for communication between instances in the same VPC, but we can't resolve the internal DNS hostname outside of the VPC.
Each instance that receives a public IP address is also given an external DNS hostname; for example, ec2-203-0-113-25.compute-1.amazonaws.com. We resolve an external DNS hostname to the public IP address of the instance from outside its VPC, and to the private IPv4 address of the instance from inside its VPC. The public IP address is mapped to the primary private IP address through network address translation (NAT).
We need to submit CSR to create server certificate for docker daemon running on AWS EC2.
Not sure which DNS name to prefer: the output of hostname -f or the public DNS name given in the AWS console?
{
  "CN": "somehostname.somepublicdns.com",
  "hosts": [
    "somehostname.somepublicdns.com",
    "99.xx.xx.xx"
  ]
}
hostname -f has a different domain compared to the DNS name shown in the AWS console.
1) Which DNS name should be assigned to the CN attribute: ip-172-xx-xx-xx.ca-central-1.compute.internal or ec2-99-xx-xx-xx.ca-central-1.compute.amazonaws.com?
2) If CN is ip-172-xx-xx-xx.ca-central-1.compute.internal, does a remote docker client still connect to the docker daemon after setting export DOCKER_HOST=tcp://ec2-99-xx-xx-xx.ca-central-1.compute.amazonaws.com DOCKER_TLS_VERIFY=1?
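As an added example (not part of the question, and not cfssl's or Docker's own code): a stdlib-only Python check that mirrors how cfssl turns the "hosts" list into SAN entries and how a Go-based client such as docker matches the name it dials against those SANs (Go's crypto/tls has ignored the CN since Go 1.15, so only the SANs decide whether DOCKER_TLS_VERIFY=1 succeeds). The hostnames and the 192.0.2.10 address are constructed placeholders.

```python
import ipaddress
from urllib.parse import urlsplit

# Constructed cfssl-style request (placeholder names and a TEST-NET address,
# not the questioner's real hosts). Every name the daemon will be reached by
# is listed in "hosts"; those entries become the certificate's SANs.
CSR_REQUEST = {
    "CN": "ip-172-31-0-10.ca-central-1.compute.internal",
    "hosts": [
        "ip-172-31-0-10.ca-central-1.compute.internal",
        "ec2-192-0-2-10.ca-central-1.compute.amazonaws.com",
        "192.0.2.10",
    ],
}


def split_hosts(hosts):
    """Split "hosts" the way cfssl does: entries that parse as an IP
    address become IP SANs, everything else becomes a DNS SAN."""
    dns, ips = [], []
    for h in hosts:
        try:
            ips.append(ipaddress.ip_address(h))
        except ValueError:
            dns.append(h.lower().rstrip("."))
    return dns, ips


def dns_san_matches(pattern, name):
    """RFC 6125-style DNS match: case-insensitive, and a wildcard is only
    accepted as the whole leftmost label (e.g. *.example.com)."""
    name = name.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == name
    p_labels, n_labels = pattern.split("."), name.split(".")
    return len(p_labels) == len(n_labels) and p_labels[1:] == n_labels[1:]


def docker_host_verifies(request, docker_host):
    """Would DOCKER_TLS_VERIFY=1 accept a certificate issued from `request`
    when the client dials `docker_host`? Only the SANs are consulted; the
    CN is ignored, as in Go's crypto/tls and therefore the docker client."""
    target = urlsplit(docker_host).hostname
    dns, ips = split_hosts(request["hosts"])
    try:
        return ipaddress.ip_address(target) in ips   # dialed by IP
    except ValueError:
        return any(dns_san_matches(p, target) for p in dns)  # dialed by name
```

With the request above, dialing the daemon by the public DNS name, the internal DNS name, or the public IP all verify; a request whose "hosts" hold only the internal name and the IP fails for the public DNS name in DOCKER_HOST.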