Red Hat Summit第4章 Configuring Capsule Server with External Services
If you do not want to configure the DNS, DHCP, and TFTP services on Capsule Server, use this section to configure your Capsule Server to work with external DNS, DHCP and TFTP services.
4.1. Configuring Capsule Server with External DNS
You can configure Capsule Server with external DNS. Capsule Server uses the nsupdate utility to update DNS records on the remote server.
To make any changes persistent, you must enter the satellite-installer command with the options appropriate for your environment.
Prerequisites
- You must have a configured external DNS server.
Procedure
Install the
bind-utilspackage:yum install bind bind-utils
# yum install bind bind-utilsCopy to Clipboard Copied! Toggle word wrap Toggle overflow Copy the
/etc/rndc.keyfile from the external DNS server to Capsule Server:scp root@dns.example.com:/etc/rndc.key /etc/rndc.key
# scp root@dns.example.com:/etc/rndc.key /etc/rndc.keyCopy to Clipboard Copied! Toggle word wrap Toggle overflow Configure the ownership, permissions, and SELinux context:
restorecon -v /etc/rndc.key chown -v root:named /etc/rndc.key chmod -v 640 /etc/rndc.key
# restorecon -v /etc/rndc.key # chown -v root:named /etc/rndc.key # chmod -v 640 /etc/rndc.keyCopy to Clipboard Copied! Toggle word wrap Toggle overflow To test the
nsupdateutility, add a host remotely:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Assign the
foreman-proxyuser to thenamedgroup manually. Normally, satellite-installer ensures that theforeman-proxyuser belongs to thenamedUNIX group, however, in this scenario Satellite does not manage users and groups, therefore you need to assign theforeman-proxyuser to thenamedgroup manually.usermod -a -G named foreman-proxy
# usermod -a -G named foreman-proxyCopy to Clipboard Copied! Toggle word wrap Toggle overflow Enter the
satellite-installercommand to make the following persistent changes to the/etc/foreman-proxy/settings.d/dns.ymlfile:Copy to Clipboard Copied! Toggle word wrap Toggle overflow Restart the foreman-proxy service:
systemctl restart foreman-proxy
# systemctl restart foreman-proxyCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Log in to the Satellite Server web UI.
- Navigate to Infrastructure > Capsules, locate the Capsule Server, and from the list in the Actions column, select Refresh.
- Associate the DNS service with the appropriate subnets and domain.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}