Ansible高级应用--创建DDNS (动态域名解析)

Ansible高级应用–创建DDNS

运行环境bind-dns docker
[root@localhost bind]# more start-docker.sh
#!/bin/bash
sudo ls
current_file_path=$(cd"$(dirname “$0”)"; pwd)
cd ${current_file_path}

docker stop bind
docker rm bind
sudo firewall-cmd --permanent --zone=public --add-port=53/tcp
sudo firewall-cmd --permanent --zone=public --add-port=53/udp
sudo firewall-cmd --permanent --zone=public --add-port=80/tcp
sudo firewall-cmd --permanent --zone=public --add-port=443/tcp
sudo firewall-cmd --permanent --zone=public --add-port=1000/tcp
sudo firewall-cmd --reload

docker run --name bind -d --restart=always
–publish 53:53/tcp
–publish 53:53/udp
–publish 1000:10000/tcp
–dns 114.114.114.114
-h dnsserver
-v /etc/localtime:/etc/localtime
-v pwd/tsig:/var/tsig
-v pwd/data:/data
sameersbn/bind:9.11.3-20180713

#注意 启动后需要手动生成对应域名的update key，具体请见bind相关文档。

## - name: “#动态创建/修改DNS 记录 (DDNS) 当域名没有解析或解析不正确时才添加解析. the current host is {{ansible_hostname}}. create A record {{ item.name }}–>ip:{{ item.ip }}”
## nsupdate:
## key_name: “{{dnsconfig[‘key_name’]}}”
## key_secret: “{{dnsconfig[‘dns_update_key’]}}”
## server: “{{commonsetting[‘citybox_work_network’][‘dnsserver1’]}}”
## zone: “{{dnsconfig[‘zone’]}}”
## record: “{{item.name.split(’.’)[0]}}”
## value: “{{ item.ip }}”
## with_items: “{{ hostdict[‘hadoop-namenode-hosts’] }} + {{ hostdict[‘hadoop-datanode-hosts’] }} + {{ hostdict[‘zookeeper-hosts’] }}”
## when: lookup(‘dig’, item.name) != item.ip

或者更精简方式: 请参考上一篇 Ansible高级应用–使用动态hosts, 关于如何根据input.yml 动态创建动态hosts

- name: "动态修改DNS记录(DDNS)当域名没有解析或解析不正确时才添加解析 the current host is {{ansible_hostname}}. create A record {{ item.name }}-->ip:{{ item.ip }}"
  nsupdate:
    key_name: "{{dnsconfig['key_name']}}"
    key_secret: "{{dnsconfig['dns_update_key']}}"
    server: "{{commonsetting['citybox_work_network']['dnsserver1']}}"
    zone: "{{dnsconfig['zone']}}"
    record: "{{item.split(':')[1].split('.')[0]}}"
    value: "{{item.split(':')[2]}}"
  with_items: "{{group_domain_ip_user_password_list}}"
  when:  lookup('dig', item.split(':')[1]) != item.split(':')[2]
  #当域名没有解析或解析不正确时才添加解析