Red Hat Summit第4章 Configuring Capsule Server with External Services
If you do not want to configure the DNS, DHCP, and TFTP services on Capsule Server, use this section to configure your Capsule Server to work with external DNS, DHCP and TFTP services.
4.1. Configuring Capsule Server with External DNS
You can configure Capsule Server with external DNS. Capsule Server uses the nsupdate utility to update DNS records on the remote server.
To make any changes persistent, you must enter the satellite-installer command with the options appropriate for your environment.
Prerequisites
- You must have a configured external DNS server.
Procedure
Install the
bind-utilspackage:# yum install bind bind-utilsCopy the
/etc/rndc.keyfile from the external DNS server to Capsule Server:# scp root@dns.example.com:/etc/rndc.key /etc/rndc.keyConfigure the ownership, permissions, and SELinux context:
# restorecon -v /etc/rndc.key # chown -v root:named /etc/rndc.key # chmod -v 640 /etc/rndc.keyTo test the
nsupdateutility, add a host remotely:# echo -e "server DNS_IP_Address\n \ update add aaa.virtual.lan 3600 IN A Host_IP_Address\n \ send\n" | nsupdate -k /etc/rndc.key # nslookup aaa.virtual.lan DNS_IP_Address # echo -e "server DNS_IP_Address\n \ update delete aaa.virtual.lan 3600 IN A Host_IP_Address\n \ send\n" | nsupdate -k /etc/rndc.keyAssign the
foreman-proxyuser to thenamedgroup manually. Normally, satellite-installer ensures that theforeman-proxyuser belongs to thenamedUNIX group, however, in this scenario Satellite does not manage users and groups, therefore you need to assign theforeman-proxyuser to thenamedgroup manually.# usermod -a -G named foreman-proxyEnter the
satellite-installercommand to make the following persistent changes to the/etc/foreman-proxy/settings.d/dns.ymlfile:# satellite-installer --foreman-proxy-dns=true \ --foreman-proxy-dns-managed=false \ --foreman-proxy-dns-provider=nsupdate \ --foreman-proxy-dns-server="DNS_IP_Address" \ --foreman-proxy-keyfile=/etc/rndc.key \ --foreman-proxy-dns-ttl=86400Restart the foreman-proxy service:
# systemctl restart foreman-proxy- Log in to the Satellite Server web UI.
- Navigate to Infrastructure > Capsules, locate the Capsule Server, and from the list in the Actions column, select Refresh.
- Associate the DNS service with the appropriate subnets and domain.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}