NamedManager 是一个基于 Web 的 DNS 管理系统,可用来添加、调整和删除 DNS 的 zones/records
数据。它使用 Bind 作为底层 DNS 服务,提供一个现代 Ajax 的 Web 界面,支持 IPv4 和 IPv6。该应用程序
很稳定,在生产环境中使用没有任何问题。下面说下 DNS+NamedManager 双机高可用的配置方案:
1)机器环境
主机名            ip 地址
dns01.kevin.cn    192.168.10.202
dns02.kevin.cn    192.168.10.203
VIP 地址:192.168.10.190
两台机器做好主机名及 hosts 绑定
[root@dns01 ~]# vim /etc/hosts
......
192.168.10.202 dns01.kevin.cn
192.168.10.203 dns02.kevin.cn
192.168.10.190 dns.kevin.cn
两台机器都是 centos6.9 系统
[root@dns01 ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
为简化实验, 关闭两台机器的 iptables 和 selinux。(注意: 生产环境不建议永久关闭 SELinux 和防火墙; 更稳妥的做法是保留 SELinux 为 enforcing, 并按下文第 3 节给出的 iptables 策略只放通所需端口。)
[root@dns01 ~]# /etc/init.d/iptables stop
[root@dns01 ~]# setenforce 0
[root@dns01 ~]# vim /etc/sysconfig/selinux
......
SELINUX=disabled
同步两台机器的系统时间
[root@dns01 ~]# yum install -y ntpdate
[root@dns01 ~]# ntpdate ntp1.aliyun.com
2)安装 namedmanager(在 192.168.10.202 和 192.168.10.203 两台机器上同样操作)
[root@dns01 ~]# yum install perl httpd mod_ssl mysql-server php php-intl php-ldap php-mysql php-soap php-xml
修改/etc/httpd/conf/httpd.conf
.......
ServerName dns.kevin.cn:80
[root@dns01 ~]# service mysqld start
[root@dns01 ~]# service httpd start
[root@dns01 ~]# lsof -i:3306
[root@dns01 ~]# lsof -i:80
[root@dns01 ~]# chkconfig mysqld on
[root@dns01 ~]# chkconfig httpd on
[root@dns02 ~]# mysqladmin -u root password 123456
[root@dns02 ~]# mysql -p123456
#验证下是否能登录进去
#注意: 123456 仅为示例, 生产环境请使用强口令; 另外把口令直接写在命令行 (-p123456) 会留在 shell 历史并可被 ps 看到, 建议只写 -p 然后交互式输入。
下载并安装 namedmanager
[root@dns01 ~]# cd /usr/local/src/
[root@dns01 src]# wget http://repos.jethrocarr.com/pub/amberdms/linux/centos/6/amberdms-custom/i386/namedmanager-www-1.8.0-1.el6.noarch.rpm
#该 rpm 经明文 HTTP 从第三方仓库下载, 安装前应核对发布方提供的校验和或 GPG 签名 (rpm -K); 首次安装并不需要 --force, 它会强制覆盖已有同名包/文件
[root@dns01 src]# rpm -Uvh namedmanager-www-1.8.0-1.el6.noarch.rpm --force
[root@dns01 src]# cd /usr/share/namedmanager/resources/
[root@dns01 resources]# ./autoinstall.pl
autoinstall.pl
This script setups the NamedManager database components:
* NamedManager MySQL user
* NamedManager database
* NamedManager configuration files
#默认会创建登录 Mysql 的用户名 NamedManager
#默认会创建 NamedManager 数据库名
#默认会创建 NamedManager 的配置文件
THIS SCRIPT ONLY NEEDS TO BE RUN FOR THE VERY FIRST INSTALL OF NAMEDMANAGER.
DO NOT RUN FOR ANY OTHER REASON
Please enter MySQL root password (if any): 123456
Searching ../sql/ for latest install schema...
#输入上面设置的 mysql 密码
../sql//version_20131222_install.sql is the latest file and will be used for the
install.
Importing file ../sql//version_20131222_install.sql
Creating user...
Updating configuration file...
DB installation complete!
You can now login with the default username/password of setup/setup123 at
http://localhost/namedmanager
#登录后请立即修改 setup/setup123 这个默认口令: 上面 httpd 监听在所有接口, 且后文防火墙策略对外放通了 80/443, 默认口令会让任何人都能改 DNS 记录
3)安装和配置 bind9(在 192.168.10.202 和 192.168.10.203 两台机器上同样操作)
[root@dns01 ~]# cd /usr/local/src/
[root@dns01 src]# yum install bind php-process
[root@dns01 src]# wget http://repos.jethrocarr.com/pub/amberdms/linux/centos/6/amberdms-custom/i386/namedmanager-bind-1.8.0-1.el6.noarch.rpm
#同上: 明文 HTTP 下载的第三方 rpm, 安装前核对校验和/GPG 签名 (rpm -K); 首次安装不需要 --force
[root@dns01 src]# rpm -Uvh namedmanager-bind-1.8.0-1.el6.noarch.rpm --force
修改/etc/named.conf
[root@dns01 src]# cp /etc/named.conf /etc/named.conf.bak
[root@dns01 src]# vim /etc/named.conf
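options {
    listen-on port 53 { any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";

    // Authoritative answers for the NamedManager-managed zones may be served
    // to anyone -- that is the purpose of a public DNS server.
    allow-query { any; };

    // Recursion and cache access are restricted to local clients. The original
    // listing used { any; } for both: combined with listen-on { any; } and
    // recursion yes that makes this host an open resolver, usable for DNS
    // amplification / reflection attacks. localnets and localhost are BIND
    // builtin ACLs; if the clients that should resolve through these servers
    // are not on a directly attached network, define an explicit acl of their
    // subnets and reference it here instead.
    recursion yes;
    allow-recursion { localnets; localhost; };
    allow-query-cache { localnets; localhost; };

    // BIND's default allow-transfer is "any", which lets anyone AXFR every
    // zone. Deny globally; a per-zone allow-transfer in the generated
    // /etc/named.namedmanager.conf (if secondaries are configured there)
    // overrides this.
    allow-transfer { none; };

    forward first;
    forwarders {
        223.5.5.5;
        223.6.6.6;
        8.8.8.8;
        8.8.4.4;
    };

    dnssec-enable yes;
    dnssec-validation yes;
    // dnssec-lookaside auto; -- the DLV registry (dlv.isc.org) was shut down in
    // 2017 and the option is deprecated/removed in later BIND releases, so it
    // adds nothing; left commented out for reference.
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};

logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};

// Root hints for recursion.
zone "." {
    type hint;
    file "named.ca";
};

include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
// Zones written by NamedManager.
include "/etc/named.namedmanager.conf";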
启动 named 服务
[root@dns01 src]# service named start
Generating /etc/rndc.key:                                  [  OK  ]
Starting named:                                            [  OK  ]
--------------------------------------------------------------------------
上面已经提前关闭了 iptables 和 selinux。
如果防火墙打开了,则需要开启下面策略:
[root@dns01 src]# iptables -F
[root@dns01 src]# iptables -P INPUT DROP
[root@dns01 src]# iptables -P FORWARD DROP
[root@dns01 src]# iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
[root@dns01 src]# iptables -A INPUT -i lo -p all -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p icmp -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p tcp --dport 22 -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p tcp --dport 53 -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p udp --dport 53 -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p tcp --dport 80 -j ACCEPT
[root@dns01 src]# iptables -A INPUT -p tcp --dport 443 -j ACCEPT
#如果按第 4 节使用 keepalived, 还必须放通 VRRP 组播通告 (目的地址 224.0.0.18, IP 协议号 112), 否则两台机器互相收不到心跳, 会同时抢占 VIP:
[root@dns01 src]# iptables -A INPUT -p 112 -d 224.0.0.18 -j ACCEPT
#上述规则只在内存中, 执行 service iptables save 后才能在重启 (下文 init 6) 之后保留
[root@dns01 src]# service iptables save
--------------------------------------------------------------------------
禁用 IPV6。添加域名记录(正向解析与反向解析)。设置开机启动服务,并重启服务器。
[root@dns01 src]# vim /etc/modprobe.d/dist.conf
.......
alias net-pf-10 off
alias ipv6 off
chkconfig ip6tables off
[root@dns01 src]# chkconfig httpd on
[root@dns01 src]# chkconfig mysqld on
[root@dns01 src]# chkconfig named on
[root@dns01 src]# init 6
#重启机器
重启之后,登录机器验证下 httpd、mysqld 和 named 服务是否如实开机启动了
[root@dns01 ~]# ps -ef|grep mysql
[root@dns01 ~]# ps -ef|grep http
[root@dns01 ~]# ps -ef|grep named
测试登录 mysql
[root@dns01 ~]# mysql -p123456
#如果出现下面的 socket 报错, 说明 mysqld 未随机启动或 socket 路径与客户端默认值不一致; 先用 service mysqld status 确认服务状态, 下面的软链接做法只适用于 mysql.sock 实际位于 /usr/local/mysql/var/ 的情况
ERROR 2002 (HY000): Can't connect to local MySQL server through socket
'/var/lib/mysql/mysql.sock' (2)
[root@dns01 ~]# ll /var/lib/mysql/mysql.sock
ls: cannot access /var/lib/mysql/mysql.sock: No such file or directory
[root@dns01 ~]# ln -s /usr/local/mysql/var/mysql.sock /var/lib/mysql/mysql.sock
[root@dns01 ~]# ll /var/lib/mysql/mysql.sock
lrwxrwxrwx. 1 root root 31 Jun 1 17:14 /var/lib/mysql/mysql.sock ->
/usr/local/mysql/var/mysql.sock
[root@dns01 ~]# mysql -p123456
4)安装 keepalived(192.168.10.202 和 192.168.10.203 两台机器上同样操作)
[root@dns01 ~]# cd /usr/local/src/
[root@dns01 src]# wget http://www.keepalived.org/software/keepalived-1.3.2.tar.gz
[root@dns01 src]# tar -zvxf keepalived-1.3.2.tar.gz
[root@dns01 src]# cd keepalived-1.3.2
[root@dns01 keepalived-1.3.2]# ./configure && make && make install
[root@dns01 keepalived-1.3.2]# cp /usr/local/src/keepalived-
1.3.2/keepalived/etc/init.d/keepalived /etc/rc.d/init.d/
[root@dns01 keepalived-1.3.2]# cp /usr/local/etc/sysconfig/keepalived /etc/sysconfig/
[root@dns01 keepalived-1.3.2]# mkdir /etc/keepalived
[root@dns01 keepalived-1.3.2]# cp /usr/local/etc/keepalived/keepalived.conf
/etc/keepalived/
[root@dns01 keepalived-1.3.2]# cp /usr/local/sbin/keepalived /usr/sbin/
[root@dns01 keepalived-1.3.2]# echo "/etc/init.d/keepalived start" >> /etc/rc.local
keepalived.conf 配置
------------------------------------------
192.168.10.202 机器的 keepalived.conf 配置
[root@dns01 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[root@dns01 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
# Global definitions: who is notified and how this node identifies itself.
global_defs {
notification_email {
ops@kevin.cn
}
notification_email_from ops@kevin.cn
# Mail is handed to a local MTA; nothing is delivered unless one listens on 127.0.0.1:25.
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id master-node
}
# Health check: /opt/chk_http.sh runs every 2s; after 2 consecutive non-zero exits this
# node's priority drops by 5 (101 -> 96) so the peer can win the election, and it is
# restored after 1 success. Note: the script as written only probes httpd (port 80) and
# stops keepalived outright instead of exiting non-zero, so the weight path is rarely
# used and a dead named on this node does not move the VIP.
vrrp_script chk_http_port {
script "/opt/chk_http.sh"
interval 2
weight -5
fall 2
rise 1
}
vrrp_instance VI_1 {
state MASTER
interface eth0
mcast_src_ip 192.168.10.202
# Must be identical on both nodes. Advertisements are sent to multicast 224.0.0.18
# (IP protocol 112); a host firewall has to allow that traffic or both nodes claim the VIP.
virtual_router_id 51
priority 101
advert_int 1
# auth_type PASS puts this password in clear text on the LAN and "1111" is trivially
# guessed, so it offers essentially no protection against a rogue VRRP speaker. At least
# use a random value, and restrict VRRP on the switch/firewall to the two peers.
authentication {
auth_type PASS
auth_pass 1111
}
# The floating address clients use for DNS (dns.kevin.cn).
virtual_ipaddress {
192.168.10.190
}
track_script {
chk_http_port
}
}
编写 httpd 监控脚本
[root@dns01 ~]# vim /opt/chk_http.sh
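#!/bin/bash
# Health check run by keepalived (vrrp_script chk_http_port in keepalived.conf).
#
# The original test was `netstat -na | grep LISTEN | grep 80`, which matches any
# listening socket whose line contains "80" anywhere (port 8080 or 1080, an
# address such as 192.168.80.x, ...), so a dead httpd could go unnoticed. The
# check below matches the local port number exactly.
#
# The VIP 192.168.10.190 is the address clients use for DNS (dns.kevin.cn), so
# named is checked as well: a node whose httpd is up but whose named is down
# must not keep the VIP.
#
# Per service: if the port is not listening, try to start the service once; if
# it is still down two seconds later, stop keepalived so the VIP moves to the
# peer (what the original script did for httpd) and exit non-zero so the
# vrrp_script weight is applied as well.

# port_listening PORT -> 0 if some TCP socket is listening on PORT locally.
port_listening() {
  local port="$1"
  # Column 4 of `netstat -lnt` is the local address, e.g. 0.0.0.0:80 or :::80;
  # anchor on the port so 8080 or 192.168.80.x cannot match.
  netstat -lnt 2>/dev/null | awk '{ print $4 }' | grep -qE "[:.]${port}\$"
}

# ensure_service NAME PORT -> 0 if NAME is (or after one restart attempt is)
# listening on PORT, 1 otherwise.
ensure_service() {
  local name="$1" port="$2"
  if port_listening "$port"; then
    return 0
  fi
  service "$name" start >/dev/null 2>&1
  sleep 2
  port_listening "$port"
}

failed=0
ensure_service httpd 80 || failed=1
ensure_service named 53 || failed=1

if [ "$failed" -ne 0 ]; then
  # Hard failover: without keepalived this node stops advertising and the
  # peer takes the VIP. Nothing restarts keepalived afterwards; that is the
  # behaviour the original script chose.
  /etc/init.d/keepalived stop
  exit 1
fi
exit 0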
必须要给此脚本授予执行权限
[root@dns01 ~]# chmod 755 /opt/chk_http.sh
-----------------------------------------
192.168.10.203 机器的 keepalived.conf 配置
[root@dns02 ~]# cp /etc/keepalived/keepalived.conf /etc/keepalived/keepalived.conf.bak
[root@dns02 ~]# vim /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
notification_email {
ops@kevin.cn
}
notification_email_from ops@kevin.cn
smtp_server 127.0.0.1
smtp_connect_timeout 30
router_id slave-node
}