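2.1.1 Introduction
- There are several ways to install the DNS service, for example Yum or compiling from source.
- Installing with Yum is relatively simple and suits beginners who need a quick deployment, but the directory layout is relatively scattered and the version is limited to what the official base repository provides.
- Compiling from source is more tedious, but the install path, build options and so on can be set to suit your needs; it suits operations staff with some Linux experience.
Official download page: https://www.isc.org/download/#
- The DNS service is deployed on the VM instances pg60-11.k8s.host.com (master) and pg60-12.k8s.host.com (backup).
2.1.2 Compiling and installing bind9 from source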
shell> cd /usr/local/src
shell> wget https://downloads.isc.org/isc/bind9/9.11.18/bind-9.11.18.tar.gz
shell> tar -zxf bind-9.11.*.tar.gz
shell> cd bind-9.11.*
shell> ./configure --prefix=/opt/named/ --enable-threads --enable-querytrace --enable-full-report --without-python
shell> make && make install
shell> wget http://dlsw.91donkey.com/software/source/dns/named.root -O /opt/named/named.root
shell> wget http://dlsw.91donkey.com/software/source/dns/rndc.conf -O /opt/named/etc/rndc.conf
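# After compiling and installing, configure DNS master/slave replication (that configuration is omitted here); once it is done, continue with the steps below.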
shell> mkdir -p /export/named/data/{test,dev,public}
shell> touch /export/named/data/{dev,test,public}/query_cache.db
shell> touch /export/named/data/query_cache.db
shell> touch /export/named/data/idc_trans_query_cache.db
shell> mkdir -p /export/named/logs/
shell> mkdir -p /opt/named/etc/{public,test,dev}/
# Check that the named.conf configuration is correct
shell> /opt/named/sbin/named-checkconf
shell> /opt/named/sbin/named -c /opt/named/etc/named.conf
# If named-checkconf reports no errors but the process still fails to start, check the contents of /var/log/messages.
2.1.3 Creating the host domain host.com
- Zone configuration
# master named.conf (excerpt)
zone "host.com" IN {
    type master;
    allow-update { none; };
    check-names ignore;
    file "etc/public/host.com.zone";
};
# slave named.conf (excerpt)
zone "host.com" IN {
    type slave;
    masters { 10.20.60.11; };
    check-names ignore;
    file "etc/public/host.com.zone";
    masterfile-format text;
};
- Configure the zone data file (on the master only)
- Configure the host domain data file
shell> cat /opt/named/etc/public/host.com.zone
$TTL 300
host.com. 10 IN SOA ns1.host.com. root.ns1.host.com. ( 1551260864 1800 600 1w 300 )
host.com. 10 IN NS ns1.host.com.
host.com. 10 IN NS ns2.host.com.
ns1.host.com. 10 IN A 10.20.60.11
ns2.host.com. 10 IN A 10.20.60.12
pg60-11.k8s 10 IN A 10.20.60.11
pg60-12.k8s 10 IN A 10.20.60.12
pg60-21.k8s 10 IN A 10.20.60.21
pg60-22.k8s 10 IN A 10.20.60.22
pg60-23.k8s 10 IN A 10.20.60.23
pg60-200.k8s 10 IN A 10.20.60.200
- Reload the DNS service on the master and the slave
shell> /opt/named/sbin/rndc reload
2.1.4 Creating the business domain 91donkey.com
- Zone configuration
# master named.conf (excerpt)
zone "91donkey.com" IN {
    type master;
    allow-update { none; };
    check-names ignore;
    file "etc/public/91donkey.com.zone";
};
# slave named.conf (excerpt)
zone "91donkey.com" IN {
    type slave;
    masters { 10.20.60.11; };
    check-names ignore;
    file "etc/public/91donkey.com.zone";
    masterfile-format text;
};
- Configure the zone data file (on the master only)
- Configure the business domain data file
shell> cat /opt/named/etc/public/91donkey.com.zone
$TTL 300
91donkey.com. 10 IN SOA ns1.91donkey.com. root.ns1.91donkey.com. ( 1551260863 1800 600 1w 300 )
91donkey.com. 10 IN NS ns1.91donkey.com.
91donkey.com. 10 IN NS ns2.91donkey.com.
ns1.91donkey.com. 10 IN A 10.20.60.11
ns2.91donkey.com. 10 IN A 10.20.60.12
harbor.k8s 10 IN A 10.20.60.200
- Reload the DNS service on the master and the slave
shell> /opt/named/sbin/rndc reload
2.1.5 Testing that the configuration has taken effect
shell> dig -t A pg60-11.k8s.host.com @10.20.60.11 +short
10.20.60.11
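The check below is an added example, not part of the original page: run on the master after editing a zone file and running rndc reload, it compares the SOA serial in the zone file with the serial served by the master and by the slave, so a reload that did not take effect or a slave that has not picked up the new zone is visible at once. The script name zone_sync.sh and the DIG override variable are assumptions made for this example.

```shell
#!/usr/bin/env bash
# Added example (not from the original page).
# Usage: ./zone_sync.sh host.com /opt/named/etc/public/host.com.zone 10.20.60.11 10.20.60.12
DIG="${DIG:-dig}"   # assumption: overridable so the check can be tested with a stub

# Print the SOA serial stored in zone file $1: the third token after the
# SOA keyword (mname, rname, serial), ignoring parentheses and ; comments.
zone_file_serial() {
    awk '{
        sub(/;.*/, ""); gsub(/[()]/, " ")
        for (i = 1; i <= NF; i++) {
            if (seen) { if (++n == 3) { print $i; exit } }
            else if (toupper($i) == "SOA") seen = 1
        }
    }' "$1"
}

# Print the SOA serial that server $2 answers for zone $1. "dig +short SOA"
# prints: mname rname serial refresh retry expire minimum.
served_serial() {
    $DIG +short SOA "$1" "@$2" | awk 'NR == 1 { print $3 }'
}

# Return 0 when file, master and slave agree; 1 on a mismatch; 2 when a
# serial could not be read at all.
check_zone_sync() {
    zs_zone=$1
    zs_want=$(zone_file_serial "$2")
    zs_master=$(served_serial "$1" "$3")
    zs_slave=$(served_serial "$1" "$4")
    if [ -z "$zs_want" ] || [ -z "$zs_master" ] || [ -z "$zs_slave" ]; then
        echo "$zs_zone: no serial (file='$zs_want' master='$zs_master' slave='$zs_slave')"
        return 2
    fi
    if [ "$zs_master" != "$zs_want" ]; then
        echo "$zs_zone: master serves $zs_master, file has $zs_want; reload not applied"
        return 1
    fi
    if [ "$zs_slave" != "$zs_master" ]; then
        echo "$zs_zone: slave serves $zs_slave, master $zs_master; transfer not done"
        return 1
    fi
    echo "$zs_zone: serial $zs_master in file, on master and on slave"
}

# Run only when called with: zone zone-file master-ip slave-ip
if [ "$#" -eq 4 ]; then check_zone_sync "$@"; fi
```

A slave only fetches a changed zone when the serial on the master is higher than its own, so the serial in the SOA line has to be raised on every edit for the last comparison to pass.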
2.1.6 Pointing clients at the self-hosted DNS
- Add the following settings to ifcfg-eth0 on each VM
shell> echo -e "DNS1=10.20.60.11\nDNS2=10.20.60.12" >> /etc/sysconfig/network-scripts/ifcfg-eth0
shell> systemctl restart network