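Integrated lab: master/slave DNS + NFS + nginx

Contents

1. Lab requirements

2. Configure the master DNS1

Install the bind package

Edit the main configuration file

Edit the zone data file

Check the configuration file and zone file for errors

Restart the service

Test whether dns1 works

3. Configure the slave DNS2

Install bind

Edit the main configuration file on the slave DNS2

Allow DNS through the firewall

Test dns2

4. Configure the NFS service

Create the shared directory, write the specified content, and edit the exports file

5. Web service configuration

Install nginx

Mount the shared directory on nginx's default page directory

6. Client configuration

Install bind-utils

Client test

7. Configure time synchronization (all VMs)

Install chrony

Edit /etc/chrony.conf to use public time servers

Restart the service and enable it at boot

Check time synchronization

8. Enable the firewall and allow the required services (all VMs)

Start the firewall and enable it at boot

Allow the nginx service

Allow the NFS service

Allow the DNS service

Reload the firewall

Setup complete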

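1. Lab requirements

[Image 1: master/slave DNS + NFS + nginx integrated lab]

2. Configure the master DNS1

Install the bind package
[root@dns1 etc]# yum install -y bind
Edit the main configuration file

Set listen-on to this host's own address and allow-query to any (everyone), then add the zone block zone "nihao.com" IN.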

[root@dns1 var]# cd /etc
[root@dns1 etc]# cat named.conf

options {
	listen-on port 53 { 192.168.193.18; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	secroots-file	"/var/named/data/named.secroots";
	recursing-file	"/var/named/data/named.recursing";
	allow-query     { any; };
};
zone "nihao.com" IN {
        type master;
        file "named.nihao.com";
};
Edit the zone data file

Copy the template file /var/named/named.localhost to a new file and edit it.

[root@dns1 etc]# cd /var/named
[root@dns1 named]# cp -a named.localhost named.nihao.com
[root@dns1 named]# ls
data     named.ca     named.localhost  named.nihao.com
dynamic  named.empty  named.loopback   slaves
[root@dns1 named]# cat named.nihao.com
$TTL 1D
@	IN SOA	dns1.nihao.com. admin.nihao.com. (
					0	; serial
					1D	; refresh
					1H	; retry
					1W	; expire
					3H )	; minimum
@	IN NS	dns1.nihao.com.
@       IN NS   dns2.nihao.com.
dns1	IN A	192.168.193.18
dns2    IN A    192.168.193.28
www     IN A    192.168.193.8

Check the configuration file and zone file for errors
[root@dns1 named]# named-checkconf 
[root@dns1 named]# named-checkzone nihao.com /var/named/named.nihao.com
zone nihao.com/IN: loaded serial 0
OK
Restart the service
[root@dns1 ~]# systemctl restart named
Test whether dns1 works
[root@dns1 etc]# dig -t NS nihao.com @192.168.193.18

; <<>> DiG 9.16.23-RH <<>> -t NS nihao.com @192.168.193.18
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41747
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 87f6e41bf9ea9c290100000067d93f6dffbce0e7f3b734d1 (good)
;; QUESTION SECTION:
;nihao.com.			IN	NS

;; ANSWER SECTION:
nihao.com.		86400	IN	NS	dns2.nihao.com.
nihao.com.		86400	IN	NS	dns1.nihao.com.

;; ADDITIONAL SECTION:
dns1.nihao.com.		86400	IN	A	192.168.193.18
dns2.nihao.com.		86400	IN	A	192.168.193.28

;; Query time: 0 msec
;; SERVER: 192.168.193.18#53(192.168.193.18)
;; WHEN: Tue Mar 18 17:39:57 CST 2025
;; MSG SIZE  rcvd: 136

3. Configure the slave DNS2

Install bind
[root@dns2 ~]# yum install -y bind
Edit the main configuration file on the slave DNS2
[root@dns2 etc]# cat named.conf

options {
	listen-on port 53 { 192.168.193.28; };
	listen-on-v6 port 53 { ::1; };
	directory 	"/var/named";
	dump-file 	"/var/named/data/cache_dump.db";
	statistics-file "/var/named/data/named_stats.txt";
	memstatistics-file "/var/named/data/named_mem_stats.txt";
	secroots-file	"/var/named/data/named.secroots";
	recursing-file	"/var/named/data/named.recursing";
	allow-query     { any; };
};
zone "nihao.com" IN {
        type slave;
        masters { 192.168.193.18; };
        file "slave.nihao.com";
};
Allow DNS through the firewall
[root@dns2 ~]# firewall-cmd --permanent --add-service=dns
success
[root@dns2 ~]# firewall-cmd --reload
success
Test dns2
[root@dns2 ~]# dig -t NS nihao.com @192.168.193.28

; <<>> DiG 9.16.23-RH <<>> -t NS nihao.com @192.168.193.28
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63228
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 3

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 1232
; COOKIE: 033b7539337d95e50100000067d94014d933a1eb48f87ac5 (good)
;; QUESTION SECTION:
;nihao.com.			IN	NS

;; ANSWER SECTION:
nihao.com.		86400	IN	NS	dns1.nihao.com.
nihao.com.		86400	IN	NS	dns2.nihao.com.

;; ADDITIONAL SECTION:
dns1.nihao.com.		86400	IN	A	192.168.193.18
dns2.nihao.com.		86400	IN	A	192.168.193.28

;; Query time: 1 msec
;; SERVER: 192.168.193.28#53(192.168.193.28)
;; WHEN: Tue Mar 18 17:42:44 CST 2025
;; MSG SIZE  rcvd: 136
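
Neither named.conf above sets allow-transfer, so who may pull the whole nihao.com zone from dns1 is left to BIND's built-in default instead of being limited to dns2. The following check is an added example, not part of the original post: the function name unrestricted_zones and both embedded configs are constructed (the first mirrors the page's master zone, the second adds allow-transfer for dns2 at 192.168.193.28).

```shell
#!/usr/bin/env bash
# Added example: list master zones in a named.conf that have no explicit
# allow-transfer ACL, neither in the zone block nor in options.
# Simplification: line-oriented parse; only // and # comments are stripped.
unrestricted_zones() {   # hypothetical helper; reads named.conf text on stdin
  awk '
    { sub(/\/\/.*|#.*/, "") }
    depth == 0 && /^[ \t]*options[ \t]*[{]/ { block = "options" }
    depth == 0 && /^[ \t]*zone[ \t]+"/ {
      block = "zone"; split($0, q, "\""); name = q[2]; primary = 0; acl = 0
    }
    /allow-transfer[ \t]*[{]/ {
      if (block == "options") global = 1
      else if (block == "zone") acl = 1
    }
    block == "zone" && /type[ \t]+(master|primary)[ \t]*;/ { primary = 1 }
    {
      depth += gsub(/[{]/, "{") - gsub(/[}]/, "}")   # track brace nesting
      if (depth == 0 && block == "zone" && primary && !acl) hits[++n] = name
      if (depth == 0) block = ""
    }
    END { if (!global) for (i = 1; i <= n; i++) print hits[i] }
  '
}

# Constructed sample: the master zone as configured on the page.
PAGE_CONF='options {
	allow-query     { any; };
};
zone "nihao.com" IN {
        type master;
        file "named.nihao.com";
};'

# Constructed sample: same zone, transfers limited to the slave dns2.
HARDENED_CONF='options {
	allow-query     { any; };
};
zone "nihao.com" IN {
        type master;
        file "named.nihao.com";
        allow-transfer { 192.168.193.28; };
};'

printf '%s\n' "$PAGE_CONF"     | unrestricted_zones   # prints: nihao.com
printf '%s\n' "$HARDENED_CONF" | unrestricted_zones   # prints nothing
```

Against a live server the same function can be fed the real file: unrestricted_zones < /etc/named.conf.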

4. Configure the NFS service

Create the shared directory, write the specified content, and edit the exports file
[root@nfs ~]# mkdir /shared
[root@nfs ~]# echo "Very good, you have successfully set up the system. " >/shared/index.html
[root@nfs ~]# cat /shared/index.html
Very good, you have successfully set up the system. 
[root@nfs ~]# vi /etc/exports
[root@nfs ~]# cat /etc/exports
/shared 192.168.193.8(rw,sync)
[root@nfs ~]# exportfs -r
[root@nfs ~]# showmount -e localhost
Export list for localhost:
/shared 192.168.193.8
[root@nfs ~]# systemctl restart nfs-server.service

5. Web service configuration

Install nginx
[root@web ~]# yum install -y nginx
Mount the shared directory on nginx's default page directory
[root@web ~]# mount -t nfs 192.168.193.9:/shared /usr/share/nginx/html/
[root@web ~]# cd /usr/share/nginx/html/
[root@web html]# ls
index.html
[root@web html]# cat index.html
Very good, you have successfully set up the system.
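
The export in section 4 gives the web host 192.168.193.8 rw access, although nginx only reads index.html from the share. The following check is an added example, not part of the original post: the function name risky_exports and the hardened entry are constructed, and it assumes content is only ever edited on the NFS server itself.

```shell
#!/usr/bin/env bash
# Added example: flag risky entries in exports(5) text.
# Output: one line per finding, "<path> <client> <finding>".
risky_exports() {   # hypothetical helper; reads /etc/exports text on stdin
  awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments, blank lines
    NF == 1 { print $1, "*", "any-host"; next }  # path with no client list
    {
      path = $1
      for (i = 2; i <= NF; i++) {
        client = $i; opts = ""
        p = index($i, "(")
        if (p > 0) {
          client = substr($i, 1, p - 1)
          opts = substr($i, p + 1); sub(/[)]$/, "", opts)
        }
        if (client == "") client = "*"           # "(opts)" alone = every host
        if (client == "*") print path, client, "any-host"
        n = split(opts, o, ",")
        for (j = 1; j <= n; j++)
          if (o[j] == "rw" || o[j] == "no_root_squash")
            print path, client, o[j]
      }
    }
  '
}

# Constructed sample: the export line as written on the page.
PAGE_EXPORTS='/shared 192.168.193.8(rw,sync)'

# Constructed sample: read-only export for a web host that only serves files.
HARDENED_EXPORTS='/shared 192.168.193.8(ro,sync,root_squash)'

printf '%s\n' "$PAGE_EXPORTS"     | risky_exports   # prints: /shared 192.168.193.8 rw
printf '%s\n' "$HARDENED_EXPORTS" | risky_exports   # prints nothing
```

On the web host, the matching client-side options would be mount -t nfs -o ro,nosuid,nodev,noexec 192.168.193.9:/shared /usr/share/nginx/html/.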

6. Client configuration

Install bind-utils

The DNS server address can be changed temporarily by editing /etc/resolv.conf, or permanently with nmcli.

[root@client ~]# yum install -y bind-utils
[root@client ~]# vi /etc/resolv.conf 
[root@client ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 192.168.193.18
nameserver 192.168.193.28

Client test
[root@client ~]# nslookup www.nihao.com
Server:		192.168.193.18
Address:	192.168.193.18#53

Name:	www.nihao.com
Address: 192.168.193.8

[root@client ~]# curl www.nihao.com
Very good, you have successfully set up the system. 

7. Configure time synchronization (all VMs)

Install chrony
yum install -y chrony
Edit /etc/chrony.conf to use public time servers
[root@dns1 ~]# vi /etc/chrony.conf
[root@dns1 ~]# cat /etc/chrony.conf
server 0.centos.pool.ntp.org iburst
server 1.centos.pool.ntp.org iburst
server 2.centos.pool.ntp.org iburst
server 3.centos.pool.ntp.org iburst
Restart the service and enable it at boot
[root@dns1 ~]# systemctl restart chronyd
[root@dns1 ~]# systemctl enable chronyd
Check time synchronization
chronyc sources -v

8. Enable the firewall and allow the required services (all VMs)

Start the firewall and enable it at boot
[root@dns1 ~]# systemctl start firewalld
[root@dns1 ~]# systemctl enable firewalld
Allow the nginx service
firewall-cmd --permanent --add-service=http
Allow the NFS service
firewall-cmd --permanent --add-service=nfs
Allow the DNS service
firewall-cmd --permanent --add-service=dns
Reload the firewall
firewall-cmd --reload

Setup complete
