Chapter 3. Install and Configure Bind9


These steps install Bind9, and then configure integration with DNSaaS.

3.1. Basic BIND Installation

1. Install the BIND packages:

# yum install bind bind-utils

2. Configure named to listen for incoming connections:

# cp /etc/named.conf /etc/named.conf.orig
# sed -i -e "s/listen-on port.*/listen-on port 53 { 127.0.0.1; 192.168.100.20; };/" /etc/named.conf

3.2. Configure BIND

1. Generate the rndc key and write it to /etc/rndc.key:

# rndc-confgen -a

2. Add the following before the options section:

# sed -i '/^options.*/i \
include "/etc/rndc.key"; \
controls { \
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; }; \
};' /etc/named.conf

3. Remove a few existing options you will rewrite later:

# sed -i '/allow-query.*/d' /etc/named.conf
# sed -i '/recursion.*/d' /etc/named.conf

4. Add the following inside the options section, directly after its opening line:

# sed -i '/^options.*/a \
        allow-new-zones yes; \
        allow-query { any; }; \
        recursion no;' /etc/named.conf

5. Create the rndc configuration. For the Compute node, the rndc configuration must point to the DNS server. For example:

# cat << EOF > /etc/rndc.conf
include "/etc/rndc.key";
options {
        default-key "rndc-key";
        default-server 192.168.100.20;
        default-port 953;
};
EOF

6. Review the named configuration:

# named-checkconf /etc/named.conf

7. Correct the file permissions:

# setsebool -P named_write_master_zones on
# chmod g+w /var/named
# chown named:named /etc/rndc.conf
# chown named:named /etc/rndc.key
# chmod 600 /etc/rndc.key

8. Enable and start the named service:

# systemctl enable named
# systemctl start named

9. Validate named and rndc:

# dig @localhost localhost
# rndc status
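
The settings written in sections 3.1 and 3.2 can be re-checked at any time. The script below is an added example, not part of the original guide or of BIND: the function name audit_bind and the sample file contents are constructed here, and it assumes one directive per line (the layout the sed commands above produce) and GNU stat.

```shell
#!/bin/sh
# Added example, not part of the guide. Assumes one directive per line and GNU stat.
# audit_bind CONF KEY: prints findings, returns how many there were.
audit_bind() {
    conf=$1; key=$2; n=0
    # Ignore // and # line comments so disabled directives do not count.
    body=$(sed -e 's://.*::' -e 's:#.*::' "$conf")

    # Section 3.2 step 4: recursion must be off (BIND's default is yes).
    if ! printf '%s\n' "$body" |
            grep -Eq '^[[:space:]]*recursion[[:space:]]+no[[:space:]]*;'; then
        echo "FINDING: recursion is not disabled"; n=$((n + 1))
    fi

    # Step 2: every inet control channel needs a keys clause and a
    # narrow allow list, because rndc can add zones (allow-new-zones).
    chan=$(printf '%s\n' "$body" | grep -E '^[[:space:]]*inet[[:space:]]' || true)
    if [ -n "$chan" ]; then
        if ! printf '%s\n' "$chan" | grep -Eq 'keys[[:space:]]*\{'; then
            echo "FINDING: control channel without keys clause"; n=$((n + 1))
        fi
        if printf '%s\n' "$chan" | grep -Eq 'allow[[:space:]]*\{[^}]*any'; then
            echo "FINDING: control channel allows any"; n=$((n + 1))
        fi
    fi

    # Step 7: the shared secret must be mode 600.
    mode=$(stat -c '%a' "$key")
    if [ "$mode" != 600 ]; then
        echo "FINDING: $key has mode $mode, expected 600"; n=$((n + 1))
    fi
    return "$n"
}

# Constructed sample: the fragments sections 3.1 and 3.2 leave in named.conf.
demo=$(mktemp -d)
cat > "$demo/named.conf" <<'EOF'
include "/etc/rndc.key";
controls {
        inet 127.0.0.1 allow { localhost; } keys { "rndc-key"; };
};
options {
        allow-new-zones yes;
        allow-query { any; };
        recursion no;
};
EOF
: > "$demo/rndc.key"; chmod 644 "$demo/rndc.key"   # deliberately too open
audit_bind "$demo/named.conf" "$demo/rndc.key" || echo "findings: $?"
```

On a configured host, run it as audit_bind /etc/named.conf /etc/rndc.key; a return value of 0 means none of the three checks fired.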

3.3. Configure the DNSaaS Pool Target for BIND

1. Set the pool target configuration:

$ crudini --set /etc/designate/designate.conf pool_target:$target_id type bind9
$ crudini --set /etc/designate/designate.conf pool_target:$target_id options "rndc_host: 192.168.100.20, rndc_port: 953, rndc_config_file: /etc/rndc.conf, rndc_key_file: /etc/rndc.key"
$ crudini --set /etc/designate/designate.conf pool_target:$target_id masters 192.168.100.20:5354

2. Restart DNSaaS to apply your pool changes:

# systemctl restart designate-api
# systemctl restart designate-central
# systemctl restart designate-mdns
# systemctl restart designate-pool-manager
# systemctl restart designate-sink

3.4. Test BIND

1. Perform the diagnostic commands below:

# netstat -tap | grep named
# netstat -tulpn | grep 53
# dig @192.168.100.20

2. Check the DNSaaS logs for errors. Ignore errors in Sink for now, as you have not modified its configuration:

# cd /var/log/designate
# tail api.log
# tail central.log
# tail mdns.log
# tail pool-manager.log
# tail sink.log

3.5. Test DNSaaS integration with BIND9

1. Create an entry for your server:

# designate server-create --name $(hostname).

2. Verify that your DNS server record was created:

# designate server-list

3. Create a domain (don’t forget the trailing . at the end of the --name value):

# designate domain-list
# designate domain-create --name example.com. --email root@example.com
# DOMAINID=$(designate domain-list | grep example.com | awk '{print $2}')

Note

When designate creates a domain against BIND, it essentially runs a command similar to this:

# rndc -s 192.168.122.41 -p 953 -c /etc/rndc.conf -k /etc/rndc.key addzone example.com '{ type slave; masters { 192.168.122.41 port 5354; }; file "slave.example.com.ff532e15-55a9-4966-8f1e-b3eddb2891ba"; };'

4. Create a record and test the lookup (don’t forget the trailing . at the end of the --name value):

# designate record-create --name server1.example.com. --type A --data 1.2.3.4 $DOMAINID
# dig +short -p 53 @192.168.100.20 server1.example.com A

3.6. Configure auto-generation of DNS records (nova fixed and neutron floating)

1. Modify the DNSaaS configuration for the example domain:

$ crudini --set /etc/designate/designate.conf handler:nova_fixed domain_id $DOMAINID
$ crudini --set /etc/designate/designate.conf handler:neutron_floatingip domain_id $DOMAINID
# systemctl restart designate-api
# systemctl restart designate-central
# systemctl restart designate-mdns
# systemctl restart designate-pool-manager
# systemctl restart designate-sink

2. Test OpenStack Compute (nova) record creation:

# glance image-list
# neutron net-list
# nova boot testserver --flavor m1.tiny --image cirros-0.3.4-x86_64 --key-name yourkey --security-groups default --nic net-id=<Private Net ID>

3. Check the Sink log:

Once the instance is up, you should see a create_record entry if Sink has picked up the notification correctly:

# tail /var/log/designate/sink.log

Check in BIND:

# dig +short @192.168.100.20 testserver.example.com

If this doesn’t work, you can also check the files in /var/named.

3.7. Test OpenStack Networking floating IP record creation

1. Perform the diagnostic commands below (replace pubnet1 with a name appropriate for your environment):

# FLOATINGIP=$(neutron floatingip-create pubnet1 | grep floating_ip_address | awk '{print $4}')
# nova add-floating-ip testserver $FLOATINGIP
# DNSRESULT=$(echo $FLOATINGIP |sed 's/\./-/g').example.com
# dig +short @192.168.100.20 $DNSRESULT

2. You should see a create_record event in the log file:

# tail /var/log/designate/sink.log

3.8. Cleanup OpenStack Networking and Compute DNS entries

1. Remove the test floating IP created previously:

# nova remove-floating-ip testserver $FLOATINGIP

2. You should see a delete_record event in the log file:

# tail /var/log/designate/sink.log

The record should now be removed.

3. Remove the testserver created previously:

# designate record-list $DOMAINID
# nova delete testserver

You should see another delete_record entry in the log file:

# tail /var/log/designate/sink.log