主页
产品
Red Hat Enterprise Linux
10
Working with DNS in Identity Management
8.5. Ensuring the presence of multiple DNS records in IdM using Ansible

8.5. Ensuring the presence of multiple DNS records in IdM using Ansible

Follow this procedure to use an Ansible playbook to ensure that multiple values are associated with a particular IdM DNS record. In the example used in the procedure below, an IdM administrator ensures the presence of multiple A records for host1 in the idm.example.com DNS zone.

Prerequisites

You have configured your Ansible control node to meet the following requirements:
- You are using Ansible version 2.15 or later.
- You have installed the ansible-freeipa package.
- The example assumes that in the ~/MyPlaybooks/ directory, you have created an Ansible inventory file with the fully-qualified domain name (FQDN) of the IdM server.
- The example assumes that the secret.yml Ansible vault stores your ipaadmin_password and that you have access to a file that stores the password protecting the secret.yml file.
The target node, that is the node on which the freeipa.ansible_freeipa module is executed, is part of the IdM domain as an IdM client, server or replica.
The idm.example.com zone exists and is managed by IdM DNS. For more information about adding a primary DNS zone in IdM DNS, see Using Ansible playbooks to manage IdM DNS zones.

Procedure

Navigate to the /usr/share/ansible/collections/ansible_collections/freeipa/ansible_freeipa/playbooks/dnsrecord directory:
```
$ cd /usr/share/ansible/collections/ansible_collections/freeipa/ansible_freeipa/playbooks/dnsrecord
```
Make a copy of the ensure-presence-multiple-records.yml Ansible playbook file. For example:
```
$ cp ensure-presence-multiple-records.yml ensure-presence-multiple-records-copy.yml
```
Open the ensure-presence-multiple-records-copy.yml file for editing.
Adapt the file by setting the following variables in the freeipa.ansible_freeipa.ipadnsrecord task section:
- Indicate that the value of the ipaadmin_password variable is defined in the secret.yml Ansible vault file.
- In the records section, set the name variable to host1.
- In the records section, set the zone_name variable to idm.example.com.
- In the records section, set the a_rec variable to 192.168.122.112 and to 192.168.122.122.
- Define a second record in the records section:
  - Set the name variable to host1.
  - Set the zone_name variable to idm.example.com.
  - Set the aaaa_rec variable to ::1.
  This is the modified Ansible playbook file for the current example:
```
---
- name: Test multiple DNS Records are present.
  hosts: ipaserver
  become: true
  gather_facts: false

  tasks:
  # Ensure that multiple dns records are present
  - freeipa.ansible_freeipa.ipadnsrecord:
      ipaadmin_password: "{{ ipaadmin_password }}"
      records:
        - name: host1
          zone_name: idm.example.com
          a_rec: 192.168.122.112
          a_rec: 192.168.122.122
        - name: host1
          zone_name: idm.example.com
          aaaa_rec: ::1
```
Save the file.
For details about variables and example playbooks in the FreeIPA Ansible collection, see the /usr/share/ansible/collections/ansible_collections/freeipa/ansible_freeipa/README-dnsrecord.md file and the /usr/share/ansible/collections/ansible_collections/freeipa/ansible_freeipa/playbooks/dnsrecord directory on the control node.

Run the playbook:

$ ansible-playbook --vault-password-file=password_file -v -i inventory.file ensure-presence-multiple-records-copy.yml

8.5. Ensuring the presence of multiple DNS records in IdM using Ansible

学习

尝试、购买和销售

社区

关于红帽文档

让开源更具包容性

關於紅帽

Theme

Red Hat legal and privacy links

Red Hat legal and privacy links