Re: [xcat-user] Makedns wiping out DNS records
I fixed the issue that 'makedns -e' always started the 'named' on the xCAT MN. You can get the fix ddns.pm here: https://sourceforge.net/p/xcat/xcat-core/ci/master/tree/xCAT-server/lib/xcat/plugins/ddns.pm I also changed the doc for the description that how to use the External DNS. https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution#Option_.232:_Use_a_DNS_That_is_Outside_of_the_Cluster Thanks Best Regards -- Wang Xiaopeng (王晓朋) IBM China System Technology Laboratory Tel: 86-10-82453455 Email: w...@cn.ibm.com Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193 From: Christopher Samuel sam...@unimelb.edu.au To: xcat-user@lists.sourceforge.net, Date: 2014/04/08 08:39 Subject:Re: [xcat-user] Makedns wiping out DNS records -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/04/14 23:51, Josh Nielsen wrote: Okay, as long as makedns -e updates the external named server just like it would a local named instance. Certainly seems to do so here. The reason I had asked that is because the documentation was rather ambiguously worded on that point. So now I'm just trying to figure out the best way to make xCAT only update the external DNS instance. Good luck! Since you said that you have the problem of the local deamon starting up regardless when you run makedns -e, have you ever noticed whether it is actually updating local records also? To be honest I've never checked.. Is your /var/named/ directory on the xCAT server populated with zone files? ... it has some, but they all date from last year and given we've added hosts in the last few weeks it doesn't appear to be regenerating those. Also did you remove the MN's local host IP (whether loopback or assigned) from its /etc/resolv.conf and make it point only to the external DNS server's IP? Correct, it only points to both of our external DNS servers. Since I'm trying to transition without an outage I think I will have to have a brief period where I have both the MN and the external server running identical named configs. Then I can slowly begin to move my compute cluster nodes to resolve to the external server in 10 node increments or so, so that I can troubleshoot any problems and undo it to resolve back to the MN again if need be. I just want to be as careful as possible. Sounds like a plan, but be aware that you may need to run a separate makedns to populate the local zone files as well as makedns -e to do the external name servers. Best of luck! Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlNDRVQACgkQO2KABBYQAh+o9wCgkdDd17Dbt79FP73ndRMZKn4I uwMAn0+ZpVf5meq9HuNGGEyQvPb4UcJV =A4QE -END PGP SIGNATURE- -- Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user inline: graycol.gif-- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/NeoTech___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
Re: [xcat-user] Makedns wiping out DNS records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/04/14 23:51, Josh Nielsen wrote: Okay, as long as makedns -e updates the external named server just like it would a local named instance. Certainly seems to do so here. The reason I had asked that is because the documentation was rather ambiguously worded on that point. So now I'm just trying to figure out the best way to make xCAT only update the external DNS instance. Good luck! Since you said that you have the problem of the local deamon starting up regardless when you run makedns -e, have you ever noticed whether it is actually updating local records also? To be honest I've never checked.. Is your /var/named/ directory on the xCAT server populated with zone files? ... it has some, but they all date from last year and given we've added hosts in the last few weeks it doesn't appear to be regenerating those. Also did you remove the MN's local host IP (whether loopback or assigned) from its /etc/resolv.conf and make it point only to the external DNS server's IP? Correct, it only points to both of our external DNS servers. Since I'm trying to transition without an outage I think I will have to have a brief period where I have both the MN and the external server running identical named configs. Then I can slowly begin to move my compute cluster nodes to resolve to the external server in 10 node increments or so, so that I can troubleshoot any problems and undo it to resolve back to the MN again if need be. I just want to be as careful as possible. Sounds like a plan, but be aware that you may need to run a separate makedns to populate the local zone files as well as makedns -e to do the external name servers. Best of luck! Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlNDRVQACgkQO2KABBYQAh+o9wCgkdDd17Dbt79FP73ndRMZKn4I uwMAn0+ZpVf5meq9HuNGGEyQvPb4UcJV =A4QE -END PGP SIGNATURE- -- Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
Re: [xcat-user] Makedns wiping out DNS records
The purpose of makedns is to setup a domain name server where it is run. If you don't want that, I would suggest you manually setup your MN to use the external name server and configure /etc/hosts with nodes you don't want in the external server with makehosts.We have many clusters that do that because having name resolution from /etc/hosts is much faster. Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 04/02/2014 06:18 PM Subject:Re: [xcat-user] Makedns wiping out DNS records As Christopher notes, it is an additional attack surface. Also I would like to not have to worry about an additional named instance running in my network which I am not using. If it is not currently possible to prevent the local named daemon on the MN from starting when makedns is run, can that behavior be changed in a future xCAT version if you want an external master only? I'm still curious as to whether the /var/named/ directory would have any zone files locally on the MN in the case where named is running locally but you are pushing updates to an external DNS server, or whether it only pushes zone entries out to the DNS server specified with 'makedns -e' (as it should). -Josh On Mon, Mar 31, 2014 at 8:17 PM, Xiao Peng Wang w...@cn.ibm.com wrote: Enable the local DNS on xCAT MN does not hurt anything except the cpu/memory to run makedns in your case, right? Thanks Best Regards -- Wang Xiaopeng (王晓朋) IBM China System Technology Laboratory Tel: 86-10-82453455 Email: w...@cn.ibm.com Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193 Inactive hide details for Josh Nielsen ---2014/04/01 00:00:13---By default, makedns sets up the named service and updates theJosh Nielsen ---2014/04/01 00:00:13---By default, makedns sets up the named service and updates the DNS records on the local system (man From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, sam...@unimelb.edu.au, Date: 2014/04/01 00:00 Subject: Re: [xcat-user] Makedns wiping out DNS records By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. Interesting, so even if I use an external DNS server I can't get rid of/turn off the DNS service on the MN? I suppose I could do a 'chkconfig named off' but makedns starts the named daemon anyway when you run it (I think). I want to make the external server the sole Master DNS server, and every other server its slave (I have only two other slave DNS servers, which are my Service Nodes). I'm in the same boat as Christopher who noted One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. I also would prefer the local BIND/named daemon to not start at all, and rather make the external DNS the sole master. However, as you indicated makedns by default (which I'm assuming is a behavior that can't be changed [yet]?) sets up the local named service when it is run. Can xCAT be modified to accommodate the external only master scenario? Regards, Josh Nielsen On Thu, Mar 27, 2014 at 12:38 PM, Lissa Valletta lis...@us.ibm.com wrote: It is saying if your site has an external name server and you want to use it , you need to add that external name server into the /etc/resolv.conf file. You also have to add the correct nameservers in the site table before you run makedns. This is the manual part. chdef -t site nameservers=50.1.2.254 for example. The makedns -e will take the external nameservers that you have listed in /etc/resolv.conf and update their DNS records, assuming you have the authority to change that server. From man makedns By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. (Assuming the external DNS server can recognize the xCAT key as authentication.) Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---03/26/2014 03:15:37 PM---Sorry to revive this, but I have a question about external D Josh Nielsen
Re: [xcat-user] Makedns wiping out DNS records
As Christopher notes, it is an additional attack surface. Also I would like to not have to worry about an additional named instance running in my network which I am not using. If it is not currently possible to prevent the local named daemon on the MN from starting when makedns is run, can that behavior be changed in a future xCAT version if you want an external master only? I'm still curious as to whether the /var/named/ directory would have any zone files locally on the MN in the case where named is running locally but you are pushing updates to an external DNS server, or whether it only pushes zone entries out to the DNS server specified with 'makedns -e' (as it should). -Josh On Mon, Mar 31, 2014 at 8:17 PM, Xiao Peng Wang w...@cn.ibm.com wrote: Enable the local DNS on xCAT MN does not hurt anything except the cpu/memory to run makedns in your case, right? Thanks Best Regards -- Wang Xiaopeng (王晓朋) IBM China System Technology Laboratory Tel: 86-10-82453455 Email: w...@cn.ibm.com Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193 [image: Inactive hide details for Josh Nielsen ---2014/04/01 00:00:13---By default, makedns sets up the named service and updates the]Josh Nielsen ---2014/04/01 00:00:13---By default, makedns sets up the named service and updates the DNS records on the local system (man From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, sam...@unimelb.edu.au, Date: 2014/04/01 00:00 Subject: Re: [xcat-user] Makedns wiping out DNS records -- By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. Interesting, so even if I use an external DNS server I can't get rid of/turn off the DNS service on the MN? I suppose I could do a 'chkconfig named off' but makedns starts the named daemon anyway when you run it (I think). I want to make the external server the sole Master DNS server, and every other server its slave (I have only two other slave DNS servers, which are my Service Nodes). I'm in the same boat as Christopher who noted One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. I also would prefer the local BIND/named daemon to not start at all, and rather make the external DNS the sole master. However, as you indicated makedns by default (which I'm assuming is a behavior that can't be changed [yet]?) sets up the local named service when it is run. Can xCAT be modified to accommodate the external only master scenario? Regards, Josh Nielsen On Thu, Mar 27, 2014 at 12:38 PM, Lissa Valletta *lis...@us.ibm.com*lis...@us.ibm.com wrote: It is saying if your site has an external name server and you want to use it , you need to add that external name server into the /etc/resolv.conf file.You also have to add the correct nameservers in the site table before you run makedns. This is the manual part. chdef -t site nameservers=50.1.2.254 for example. The makedns -e will take the external nameservers that you have listed in /etc/resolv.conf and update their DNS records, assuming you have the authority to change that server. From man makedns By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. (Assuming the external DNS server can recognize the xCAT key as authentication.) Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 [image: Inactive hide details for Josh Nielsen ---03/26/2014 03:15:37 PM---Sorry to revive this, but I have a question about external D]Josh Nielsen ---03/26/2014 03:15:37 PM---Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. From: Josh Nielsen *jniel...@hudsonalpha.org*jniel...@hudsonalpha.org To: xCAT Users Mailing list *xcat-user@lists.sourceforge.net*xcat-user@lists.sourceforge.net, Date: 03/26/2014 03:15 PM Subject: Re: [xcat-user] Makedns wiping out DNS records -- Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. On the Cluster Name Resolution wiki page ( *http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution*http://sourceforge.net/apps
Re: [xcat-user] Makedns wiping out DNS records
Okay, as long as makedns -e updates the external named server just like it would a local named instance. The reason I had asked that is because the documentation was rather ambiguously worded on that point. So now I'm just trying to figure out the best way to make xCAT only update the external DNS instance. Since you said that you have the problem of the local deamon starting up regardless when you run makedns -e, have you ever noticed whether it is actually updating local records also? Is your /var/named/ directory on the xCAT server populated with zone files? Also did you remove the MN's local host IP (whether loopback or assigned) from its /etc/resolv.conf and make it point only to the external DNS server's IP? Since I'm trying to transition without an outage I think I will have to have a brief period where I have both the MN and the external server running identical named configs. Then I can slowly begin to move my compute cluster nodes to resolve to the external server in 10 node increments or so, so that I can troubleshoot any problems and undo it to resolve back to the MN again if need be. I just want to be as careful as possible. Thanks, Josh On Mon, Mar 31, 2014 at 10:17 PM, Christopher Samuel sam...@unimelb.edu.auwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 27/03/14 06:11, Josh Nielsen wrote: What does it mean that you must manually configure the hostnames and IP addresses? Does 'makedns -e' not do that for you, just like it would if DNS were running locally on the MN itself by just parsing /etc/hosts and adding/pushing it to the (remote) DNS zone files for you? We've occasionally pushed records into the DNS server by hand when they're things external to xCAT, but I we've gone from that to defining them in xCAT on our infrastructure management node and pushing from there. So we've got 4 xCAT management nodes updating the same external DNS servers with makedns -e. cheers, Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlM6L7UACgkQO2KABBYQAh+SRgCbBrVkrOB53IUqj1+OSWpmlMe9 9HMAn0Zf3hFtebzDfoyfUs/4ctdE8C/g =2YjS -END PGP SIGNATURE- -- ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user -- ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
Re: [xcat-user] Makedns wiping out DNS records
Enable the local DNS on xCAT MN does not hurt anything except the cpu/memory to run makedns in your case, right? Thanks Best Regards -- Wang Xiaopeng (王晓朋) IBM China System Technology Laboratory Tel: 86-10-82453455 Email: w...@cn.ibm.com Address: 28,ZhongGuanCun Software Park,No.8 Dong Bei Wang West Road, Haidian District Beijing P.R.China 100193 From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, sam...@unimelb.edu.au, Date: 2014/04/01 00:00 Subject:Re: [xcat-user] Makedns wiping out DNS records By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. Interesting, so even if I use an external DNS server I can't get rid of/turn off the DNS service on the MN? I suppose I could do a 'chkconfig named off' but makedns starts the named daemon anyway when you run it (I think). I want to make the external server the sole Master DNS server, and every other server its slave (I have only two other slave DNS servers, which are my Service Nodes). I'm in the same boat as Christopher who noted One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. I also would prefer the local BIND/named daemon to not start at all, and rather make the external DNS the sole master. However, as you indicated makedns by default (which I'm assuming is a behavior that can't be changed [yet]?) sets up the local named service when it is run. Can xCAT be modified to accommodate the external only master scenario? Regards, Josh Nielsen On Thu, Mar 27, 2014 at 12:38 PM, Lissa Valletta lis...@us.ibm.com wrote: It is saying if your site has an external name server and you want to use it , you need to add that external name server into the /etc/resolv.conf file. You also have to add the correct nameservers in the site table before you run makedns. This is the manual part. chdef -t site nameservers=50.1.2.254 for example. The makedns -e will take the external nameservers that you have listed in /etc/resolv.conf and update their DNS records, assuming you have the authority to change that server. From man makedns By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. (Assuming the external DNS server can recognize the xCAT key as authentication.) Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---03/26/2014 03:15:37 PM---Sorry to revive this, but I have a question about external DJosh Nielsen ---03/26/2014 03:15:37 PM---Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 03/26/2014 03:15 PM Subject: Re: [xcat-user] Makedns wiping out DNS records Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. On the Cluster Name Resolution wiki page ( http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution ) under 'Option #2: Use a DNS That is Outside of the Cluster' it says: If you already have a DNS on your site network and you want to use that for your cluster node names too, you can point all of the nodes to it. You must ensure that your nodes have IP connectivity to the DNS, and you must manually configure your DNS with the node hostnames and IP addresses. What does it mean that you must manually configure the hostnames and IP addresses? Does 'makedns -e' not do that for you, just like it would if DNS were running locally on the MN itself by just parsing /etc/hosts and adding/pushing it to the (remote) DNS zone files for you? In my case I may even be migrating my existing DNS zone files and /etc/named.conf config onto a new VM and bring up DNS there and just add any new hosts. But I would be surprised if makedns -e doesn't add the hostnames and IPs for you. Can anyone who has used the external DNS option with xCAT speak to that? Thanks, Josh On Thu, Jan 16, 2014 at 5:13 PM, Christopher Samuel sam...@unimelb.edu.au wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/01/14 04:00, Josh Nielsen wrote: If it just something with our installation or does makedns do this foe other people as well
Re: [xcat-user] Makedns wiping out DNS records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 01/04/14 12:17, Xiao Peng Wang wrote: Enable the local DNS on xCAT MN does not hurt anything except the cpu/memory to run makedns in your case, right? It's an extra bit of attack surface that's not needed and never used by anything (when you're only using external DNS). cheers, Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlM6LjUACgkQO2KABBYQAh8b+QCgjNJVM33RI2QNFpf6hJCQICoE iQYAnjUHl5Op7S3/IhGSSO9DvXJOTvap =pqot -END PGP SIGNATURE- -- ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
Re: [xcat-user] Makedns wiping out DNS records
It is saying if your site has an external name server and you want to use it , you need to add that external name server into the /etc/resolv.conf file.You also have to add the correct nameservers in the site table before you run makedns. This is the manual part. chdef -t site nameservers=50.1.2.254 for example. The makedns -e will take the external nameservers that you have listed in /etc/resolv.conf and update their DNS records, assuming you have the authority to change that server. From man makedns By default, makedns sets up the named service and updates the DNS records on the local system (management node). If the -e flag is specified, it will also update the DNS records on any external DNS server that is listed in the /etc/resolv.conf on the management node. (Assuming the external DNS server can recognize the xCAT key as authentication.) Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 03/26/2014 03:15 PM Subject:Re: [xcat-user] Makedns wiping out DNS records Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. On the Cluster Name Resolution wiki page ( http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution ) under 'Option #2: Use a DNS That is Outside of the Cluster' it says: If you already have a DNS on your site network and you want to use that for your cluster node names too, you can point all of the nodes to it. You must ensure that your nodes have IP connectivity to the DNS, and you must manually configure your DNS with the node hostnames and IP addresses. What does it mean that you must manually configure the hostnames and IP addresses? Does 'makedns -e' not do that for you, just like it would if DNS were running locally on the MN itself by just parsing /etc/hosts and adding/pushing it to the (remote) DNS zone files for you? In my case I may even be migrating my existing DNS zone files and /etc/named.conf config onto a new VM and bring up DNS there and just add any new hosts. But I would be surprised if makedns -e doesn't add the hostnames and IPs for you. Can anyone who has used the external DNS option with xCAT speak to that? Thanks, Josh On Thu, Jan 16, 2014 at 5:13 PM, Christopher Samuel sam...@unimelb.edu.au wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/01/14 04:00, Josh Nielsen wrote: If it just something with our installation or does makedns do this foe other people as well? FWIW we do not run DNS on the management nodes at all, we have 4 separate xCAT built clusters (3 HPC clusters and 1 for our GPFS/TSM infrastructure and our BG/Q service and front ends) and so to let them all populate DNS with a single, consistent view we have two external DNS servers that they all send updates to with makedns -e. One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. Good luck! Chris - -- Christopher Samuel Senior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLYZ4sACgkQO2KABBYQAh8pwACfSEi4RePX5F2hG5E1AtrAdy77 PtMAni1KEwsOM/az4z0U7o4aZZOEuO/+ =fPWd -END PGP SIGNATURE- -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user inline: graycol.gif-- ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https
Re: [xcat-user] Makedns wiping out DNS records
Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. On the Cluster Name Resolution wiki page ( http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution) under 'Option #2: Use a DNS That is Outside of the Cluster' it says: If you already have a DNS on your site network and you want to use that for your cluster node names too, you can point all of the nodes to it. You must ensure that your nodes have IP connectivity to the DNS, and you must manually configure your DNS with the node hostnames and IP addresses. What does it mean that you must manually configure the hostnames and IP addresses? Does 'makedns -e' not do that for you, just like it would if DNS were running locally on the MN itself by just parsing /etc/hosts and adding/pushing it to the (remote) DNS zone files for you? In my case I may even be migrating my existing DNS zone files and /etc/named.conf config onto a new VM and bring up DNS there and just add any new hosts. But I would be surprised if makedns -e doesn't add the hostnames and IPs for you. Can anyone who has used the external DNS option with xCAT speak to that? Thanks, Josh On Thu, Jan 16, 2014 at 5:13 PM, Christopher Samuel sam...@unimelb.edu.auwrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/01/14 04:00, Josh Nielsen wrote: If it just something with our installation or does makedns do this foe other people as well? FWIW we do not run DNS on the management nodes at all, we have 4 separate xCAT built clusters (3 HPC clusters and 1 for our GPFS/TSM infrastructure and our BG/Q service and front ends) and so to let them all populate DNS with a single, consistent view we have two external DNS servers that they all send updates to with makedns -e. One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. Good luck! Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLYZ4sACgkQO2KABBYQAh8pwACfSEi4RePX5F2hG5E1AtrAdy77 PtMAni1KEwsOM/az4z0U7o4aZZOEuO/+ =fPWd -END PGP SIGNATURE- -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user -- Learn Graph Databases - Download FREE O'Reilly Book Graph Databases is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
Re: [xcat-user] Makedns wiping out DNS records
Also, if I externalize DNS but leave DHCP on the MN nothing has to change in the DHCP config, except changes propagated from xcat via makedhcp, does it? As long as I specify site.nameservers=X.X.X.X as the IP of my external DNS master and update /etc/dhcpd.conf with makedhcp only the domain-name-servers line should change, right? I know that I need to change the MN's resolv.conf to point to the external DNS server too to make this work. Also as thishttps://www.mail-archive.com/xcat-user@lists.sourceforge.net/msg00451.htmlarchived list email suggests I should also make sure the TSIG key for DNS is defined in /etc/named.conf on both the MN and the external DNS server (assuming I allow DNS updates only with the xcat_key signature). Does that mean the MN still needs its named daemon running to push out updates though? Overall, in addition to the things mentioned above, is there anything else that I have missed that will be necessary to do to make external DNS work with xCAT? Thanks, Josh On Wed, Mar 26, 2014 at 2:11 PM, Josh Nielsen jniel...@hudsonalpha.orgwrote: Sorry to revive this, but I have a question about external DNS since I am thinking of trying it now. On the Cluster Name Resolution wiki page ( http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution) under 'Option #2: Use a DNS That is Outside of the Cluster' it says: If you already have a DNS on your site network and you want to use that for your cluster node names too, you can point all of the nodes to it. You must ensure that your nodes have IP connectivity to the DNS, and you must manually configure your DNS with the node hostnames and IP addresses. What does it mean that you must manually configure the hostnames and IP addresses? Does 'makedns -e' not do that for you, just like it would if DNS were running locally on the MN itself by just parsing /etc/hosts and adding/pushing it to the (remote) DNS zone files for you? In my case I may even be migrating my existing DNS zone files and /etc/named.conf config onto a new VM and bring up DNS there and just add any new hosts. But I would be surprised if makedns -e doesn't add the hostnames and IPs for you. Can anyone who has used the external DNS option with xCAT speak to that? Thanks, Josh On Thu, Jan 16, 2014 at 5:13 PM, Christopher Samuel sam...@unimelb.edu.au wrote: -BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/01/14 04:00, Josh Nielsen wrote: If it just something with our installation or does makedns do this foe other people as well? FWIW we do not run DNS on the management nodes at all, we have 4 separate xCAT built clusters (3 HPC clusters and 1 for our GPFS/TSM infrastructure and our BG/Q service and front ends) and so to let them all populate DNS with a single, consistent view we have two external DNS servers that they all send updates to with makedns -e. One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. Good luck! Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLYZ4sACgkQO2KABBYQAh8pwACfSEi4RePX5F2hG5E1AtrAdy77 PtMAni1KEwsOM/az4z0U7o4aZZOEuO/+ =fPWd -END PGP SIGNATURE- -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user -- ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
[xcat-user] Makedns wiping out DNS records
Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that running makedns with any following options can be dangerous for us, because something happens where it will wipe out all the records in DNS. If we run makedns with no options generally any new nodes that have been added to /etc/hosts will be parsed and added appropriately. Maybe I am misunderstanding what happens when the command is run. Here is a recent example. My entry for a new node xcat-serv1 for some reason didn't have the reverse lookup from the IP in the DNS file for that subnet (db.10.20), and so I decided to try to remove just the DNS entry for that node and then re-add it. Here is what I ran: # makedns -d xcat-serv1 Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Updating zones. Completed updating zones. Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. Then I ran it with the -n parameter to re-add that node (with XCATBYPASS=1): # export XCATBYPASS=1 [root@x3650-head01 centos]# makedns -n xcat-serv1 Unrecognized escape \h passed through at /opt/xcat/lib/perl/xCAT/zvmUtils.pm line 2408. Subroutine handled_commands redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 28. Subroutine delnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pmline 33. Subroutine addnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pmline 58. Subroutine build_line redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pmline 117. Subroutine addotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 182. Subroutine delotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 209. Subroutine add_hosts_content redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 234. Subroutine process_request redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 305. Subroutine writeout redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pmline 511. Subroutine donics redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 545. Subroutine getIPdomain redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pmline 801. Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Stopping named: . [ OK ] Updating zones. Completed updating zones. Restarting named Restarting named complete Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. DNS setup is completed When I did an 'ls' in /var/named many records were missing and the ones still left we virtually empty except one entry for the headnode: BEFORE: # ls /var/named data db.10.29 db.10.40 db.127.0.0db.172.26.41 db.172.29 db.192.168.100 db.haig db.morgan.haib.org.jnl db.10.29.jnl db.10.60 db.172.20 db.172.26.42 db.172.30 db.cache db.morgan slaves db.10.20 db.10.30 db.10.60.jnl db.172.26.40 db.172.26.43 db.172.40 db.haib db.morgan.haib.org AFTER: # ls /var/named data db.10.20.jnl db.10.29.jnl db.10.30.jnl db.10.40.jnl db.10.60.jnl db.172.26.41 db.172.26.43db.morgan.haib.org.jnl db.10.20 db.10.29 db.10.30 db.10.40 db.10.60 db.172.26.40 db.172.26.42 db.morgan.haib.org slaves As you can see several files are missing, Luckily I made a full backup yesterday and was able to restore the old files. From /var/log/messages you can see the initial deletion message for xcat-serv1: Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '11.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '7.101.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '10.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '27.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '33.101.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '1.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone Then for the makedens -a xcat-serv you actually see it update EVERY ZONE: Jan 16 10:32:42 x3650-head01 named[8249]: client 10.20.0.1#43788: updating zone '30.10.IN-ADDR.ARPA/IN': adding an RR at '1.50.30.10.IN-ADDR.ARPA' PTR Jan 16 10:32:42 x3650-head01 named[8249]: client 10.20.0.1#43788: updating zone '30.10.IN-ADDR.ARPA/IN':
Re: [xcat-user] Makedns wiping out DNS records
We have an entire doc on name resolution also I would not make it a common practice to use XCATBYPASS mode. Running with the xcatd is much more secure and some things do not work well in XCATBYPASS mode. https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:03 PM Subject:[xcat-user] Makedns wiping out DNS records Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that running makedns with any following options can be dangerous for us, because something happens where it will wipe out all the records in DNS. If we run makedns with no options generally any new nodes that have been added to /etc/hosts will be parsed and added appropriately. Maybe I am misunderstanding what happens when the command is run. Here is a recent example. My entry for a new node xcat-serv1 for some reason didn't have the reverse lookup from the IP in the DNS file for that subnet (db.10.20), and so I decided to try to remove just the DNS entry for that node and then re-add it. Here is what I ran: # makedns -d xcat-serv1 Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Updating zones. Completed updating zones. Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. Then I ran it with the -n parameter to re-add that node (with XCATBYPASS=1): # export XCATBYPASS=1 [root@x3650-head01 centos]# makedns -n xcat-serv1 Unrecognized escape \h passed through at /opt/xcat/lib/perl/xCAT/zvmUtils.pm line 2408. Subroutine handled_commands redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 28. Subroutine delnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 33. Subroutine addnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 58. Subroutine build_line redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 117. Subroutine addotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 182. Subroutine delotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 209. Subroutine add_hosts_content redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 234. Subroutine process_request redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 305. Subroutine writeout redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 511. Subroutine donics redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 545. Subroutine getIPdomain redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 801. Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Stopping named: . [ OK ] Updating zones. Completed updating zones. Restarting named Restarting named complete Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. DNS setup is completed When I did an 'ls' in /var/named many records were missing and the ones still left we virtually empty except one entry for the headnode: BEFORE: # ls /var/named data db.10.29 db.10.40 db.127.0.0 db.172.26.41 db.172.29 db.192.168.100 db.haig db.morgan.haib.org.jnl db.10.29.jnl db.10.60 db.172.20 db.172.26.42 db.172.30 db.cache db.morgan slaves db.10.20 db.10.30 db.10.60.jnl db.172.26.40 db.172.26.43 db.172.40 db.haib db.morgan.haib.org AFTER: # ls /var/named data db.10.20.jnl db.10.29.jnl db.10.30.jnl db.10.40.jnl db.10.60.jnl db.172.26.41 db.172.26.43 db.morgan.haib.org.jnl db.10.20 db.10.29 db.10.30 db.10.40 db.10.60 db.172.26.40 db.172.26.42 db.morgan.haib.org slaves As you can see several files are missing, Luckily I made a full backup yesterday and was able to restore the old files. From /var/log/messages you can see the initial deletion message for xcat-serv1: Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '11.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '7.101.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '10.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '27.102.40.10.IN-ADDR.ARPA' PTR Jan 16 10:32:55 x3650-head01 named[8249]: client 10.20.0.1#56080: updating zone '40.10.IN-ADDR.ARPA/IN': adding an RR at '33.101.40.10.IN-ADDR.ARPA' PTR Jan
Re: [xcat-user] Makedns wiping out DNS records
Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with that command (to get more clarity into what was going on in the background). Makedns has been presenting us with the problem(s) I mentioned for well over a year now, with previous versions of xCAT as well. I'm guessing that if this doesn't happen for other people that it must have been some setting when xCAT was originally installed which was misconfigured, or maybe something funny in one of the xCAT db tables like 'site'. I just wanted to see if anyone has had problems with using the -n or -d options deleting more than they are supposed to. -Josh On Thu, Jan 16, 2014 at 11:23 AM, Lissa Valletta lis...@us.ibm.com wrote: We have an entire doc on name resolution also I would not make it a common practice to use XCATBYPASS mode. Running with the xcatd is much more secure and some things do not work well in XCATBYPASS mode. https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 [image: Inactive hide details for Josh Nielsen ---01/16/2014 12:03:28 PM---Regardless of the version of xCAT we have used in the past,]Josh Nielsen ---01/16/2014 12:03:28 PM---Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that run From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:03 PM Subject: [xcat-user] Makedns wiping out DNS records -- Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that running makedns with any following options can be dangerous for us, because something happens where it will wipe out all the records in DNS. If we run makedns with no options generally any new nodes that have been added to /etc/hosts will be parsed and added appropriately. Maybe I am misunderstanding what happens when the command is run. Here is a recent example. My entry for a new node xcat-serv1 for some reason didn't have the reverse lookup from the IP in the DNS file for that subnet (db.10.20), and so I decided to try to remove just the DNS entry for that node and then re-add it. Here is what I ran: # makedns -d xcat-serv1 Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Updating zones. Completed updating zones. Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. Then I ran it with the -n parameter to re-add that node (with XCATBYPASS=1): # export XCATBYPASS=1 [root@x3650-head01 centos]# makedns -n xcat-serv1 Unrecognized escape \h passed through at /opt/xcat/lib/perl/xCAT/zvmUtils.pm line 2408. Subroutine handled_commands redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 28. Subroutine delnode redefined at /opt/xcat/lib/perl/xCAT_plugin/*hosts.pm*http://hosts.pm/ line 33. Subroutine addnode redefined at /opt/xcat/lib/perl/xCAT_plugin/*hosts.pm*http://hosts.pm/ line 58. Subroutine build_line redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 117. Subroutine addotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 182. Subroutine delotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 209. Subroutine add_hosts_content redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 234. Subroutine process_request redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 305. Subroutine writeout redefined at /opt/xcat/lib/perl/xCAT_plugin/*hosts.pm*http://hosts.pm/ line 511. Subroutine donics redefined at /opt/xcat/lib/perl/xCAT_plugin/*hosts.pm*http://hosts.pm/ line 545. Subroutine getIPdomain redefined at /opt/xcat/lib/perl/xCAT_plugin/ *hosts.pm* http://hosts.pm/ line 801. Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Stopping named: . [ OK ] Updating zones. Completed updating zones. Restarting named Restarting named complete Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. DNS setup is completed When I did an 'ls' in /var/named many records were missing and the ones still left we virtually empty except one entry for the headnode: BEFORE: # ls /var/named data db.10.29 db.10.40 db.127.0.0db.172.26.41 db.172.29 db.192.168.100 db.haig db.morgan.haib.org.jnl db.10.29.jnl db.10.60 db.172.20 db.172.26.42 db.172.30 db.cachedb.morgan slaves db.10.20 db.10.30 db
Re: [xcat-user] Makedns wiping out DNS records
You will see in the document that makedns is very dependent on what you do to setup you Management node. Your /etc/hosts /etc/resolv.conf, etc Setting that must be added to the database for your cluster such as in the site table, defining your network in the networks table. You can use that document to check your database configuration. Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:44 PM Subject:Re: [xcat-user] Makedns wiping out DNS records Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with that command (to get more clarity into what was going on in the background). Makedns has been presenting us with the problem(s) I mentioned for well over a year now, with previous versions of xCAT as well. I'm guessing that if this doesn't happen for other people that it must have been some setting when xCAT was originally installed which was misconfigured, or maybe something funny in one of the xCAT db tables like 'site'. I just wanted to see if anyone has had problems with using the -n or -d options deleting more than they are supposed to. -Josh On Thu, Jan 16, 2014 at 11:23 AM, Lissa Valletta lis...@us.ibm.com wrote: We have an entire doc on name resolution also I would not make it a common practice to use XCATBYPASS mode. Running with the xcatd is much more secure and some things do not work well in XCATBYPASS mode. https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---01/16/2014 12:03:28 PM---Regardless of the version of xCAT we have used in the past, Josh Nielsen ---01/16/2014 12:03:28 PM---Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that run From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:03 PM Subject: [xcat-user] Makedns wiping out DNS records Regardless of the version of xCAT we have used in the past, my coworkers and I have noticed that running makedns with any following options can be dangerous for us, because something happens where it will wipe out all the records in DNS. If we run makedns with no options generally any new nodes that have been added to /etc/hosts will be parsed and added appropriately. Maybe I am misunderstanding what happens when the command is run. Here is a recent example. My entry for a new node xcat-serv1 for some reason didn't have the reverse lookup from the IP in the DNS file for that subnet (db.10.20), and so I decided to try to remove just the DNS entry for that node and then re-add it. Here is what I ran: # makedns -d xcat-serv1 Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Updating zones. Completed updating zones. Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. Then I ran it with the -n parameter to re-add that node (with XCATBYPASS=1): # export XCATBYPASS=1 [root@x3650-head01 centos]# makedns -n xcat-serv1 Unrecognized escape \h passed through at /opt/xcat/lib/perl/xCAT/zvmUtils.pm line 2408. Subroutine handled_commands redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 28. Subroutine delnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 33. Subroutine addnode redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 58. Subroutine build_line redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 117. Subroutine addotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 182. Subroutine delotherinterfaces redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 209. Subroutine add_hosts_content redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 234. Subroutine process_request redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 305. Subroutine writeout redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 511. Subroutine donics redefined at /opt/xcat/lib/perl/xCAT_plugin/hosts.pm line 545. Subroutine getIPdomain redefined at /opt/xcat/lib/perl/xCAT_plugin/ hosts.pm line 801. Handling xcat-serv1 in /etc/hosts. Getting reverse zones, this may take several minutes for a large cluster. Completed getting reverse zones. Stopping named: . [ OK ] Updating zones. Completed updating zones. Restarting named Restarting named complete Updating DNS records, this may take several minutes for a large cluster. Completed updating DNS records. DNS setup is completed
Re: [xcat-user] Makedns wiping out DNS records
Just a tip and something that bit me before - bind updates its data
in the journal and won't dump new data to the zone files
immediately. You can force it do dump the data so that you can see
it by restarting bind.
You can also test to make sure DNS is being added by digging for the
record. IE, dig @localhost dayhoff.morgan.haib.org. If you get an A
record back, your DNS is working fine.
On 1/16/2014 12:39 PM, Josh Nielsen
wrote:
Is there any way to debug what exactly the makedns
command does to named/bind, as in what command it issues? Or
does it directly edit the named files? I could run the named
daemon with "-d 9" for debugging level 9 but I've done that
before and the output is daunting and nearly incomprehensible
for the non-veteran in DNS. As I said, running "makedns" by it
self works fine, but using -d or -n causes problems. I have no
way of knowing what xCAT does in the background with those
options.
I checked and /etc/hosts is correct, and /etc/resolv.conf is as
well. The site table has all five possible dns attributes
(domain, dnshandler, forwarders, master, and nameservers) set
correctly, and the networks are defined for every subnet we use.
There is nothing that I can see that would cause it to parse
incorrectly, especially since it echoed to /var/log/messages
that it was going through /etc/hosts and creating entries (but
really it didn't) for each host. I did have to add one entry
manually into /etc/hosts though for a SAN storage system. Would
seeing an unrecognized node cause problems? And if so why is
there nothing in the logs about it? I saw it say that it was
adding an entry for that node (even though it didn't - like
every other entry):
"Jan 16 10:32:53 x3650-head01 named[8249]: client
10.20.0.1#56079: updating zone 'morgan.haib.org/IN':
adding an RR at 'dayhoff.morgan.haib.org'
A"
If I can find out what xCAT is doing to make the changes perhaps
I can reproduce it manually in a test environment and see what
is causing it to wipe out the entries.
-Josh
On Thu, Jan 16, 2014 at 12:01 PM,
Lissa Valletta lis...@us.ibm.com wrote:
You will see in the document
that makedns is very dependent on what you do to
setup you Management node. Your /etc/hosts
/etc/resolv.conf, etc Setting that must be added
to the database for your cluster such as in the
site table, defining your network in the networks
table. You can use that document to check your
database configuration.
Lissa K. Valletta
8-3/B10
Poughkeepsie, NY 12601
(tie 293) 433-3102
Josh Nielsen
---01/16/2014 12:44:27 PM---Okay, I will look
through that document. This is the first and only
time I've used XCATBYPASS with t
From:
Josh Nielsen
jniel...@hudsonalpha.org
To: xCAT Users Mailing list
xcat-user@lists.sourceforge.net,
Date:
01/16/2014
12:44 PM
Subject:
Re:
[xcat-user] Makedns wiping out DNS records
Okay, I will look through
that document. This is the first and only time I've
used XCATBYPASS with that command (to get more clarity
into what was going on in the background). Makedns has
been presenting us with the problem(s) I mentioned for
well over a year now, with previous versions of xCAT
as well. I'm guessing that if this doesn't happen for
other people that it must have been some setting when
xCAT was originally installed which was misconfigured,
or maybe something funny in one of the xCAT db tables
like 'site'. I just wanted to see if anyone has had
problems with using the "-n" or "-d" options deleting
more than they are supposed to.
-Josh
On Thu, Jan 16,
Re: [xcat-user] Makedns wiping out DNS records
Are you running makedns or makedns -n? Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Russell Jones russell-l...@jonesmail.me To: xcat-user@lists.sourceforge.net, Date: 01/16/2014 01:53 PM Subject:Re: [xcat-user] Makedns wiping out DNS records Just a tip and something that bit me before - bind updates its data in the journal and won't dump new data to the zone files immediately. You can force it do dump the data so that you can see it by restarting bind. You can also test to make sure DNS is being added by digging for the record. IE, dig @localhost dayhoff.morgan.haib.org. If you get an A record back, your DNS is working fine. On 1/16/2014 12:39 PM, Josh Nielsen wrote: Is there any way to debug what exactly the makedns command does to named/bind, as in what command it issues? Or does it directly edit the named files? I could run the named daemon with -d 9 for debugging level 9 but I've done that before and the output is daunting and nearly incomprehensible for the non-veteran in DNS. As I said, running makedns by it self works fine, but using -d or -n causes problems. I have no way of knowing what xCAT does in the background with those options. I checked and /etc/hosts is correct, and /etc/resolv.conf is as well. The site table has all five possible dns attributes (domain, dnshandler, forwarders, master, and nameservers) set correctly, and the networks are defined for every subnet we use. There is nothing that I can see that would cause it to parse incorrectly, especially since it echoed to /var/log/messages that it was going through /etc/hosts and creating entries (but really it didn't) for each host. I did have to add one entry manually into /etc/hosts though for a SAN storage system. Would seeing an unrecognized node cause problems? And if so why is there nothing in the logs about it? I saw it say that it was adding an entry for that node (even though it didn't - like every other entry): Jan 16 10:32:53 x3650-head01 named[8249]: client 10.20.0.1#56079: updating zone 'morgan.haib.org/IN': adding an RR at ' dayhoff.morgan.haib.org' A If I can find out what xCAT is doing to make the changes perhaps I can reproduce it manually in a test environment and see what is causing it to wipe out the entries. -Josh On Thu, Jan 16, 2014 at 12:01 PM, Lissa Valletta lis...@us.ibm.com wrote: You will see in the document that makedns is very dependent on what you do to setup you Management node. Your /etc/hosts /etc/resolv.conf, etc Setting that must be added to the database for your cluster such as in the site table, defining your network in the networks table. You can use that document to check your database configuration. Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---01/16/2014 12:44:27 PM---Okay, I will look through that document. This is the first aJosh Nielsen ---01/16/2014 12:44:27 PM---Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with t From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:44 PM Subject: Re: [xcat-user] Makedns wiping out DNS records Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with that command (to get more clarity into what was going on in the background). Makedns has been presenting us with the problem(s) I mentioned for well over a year now, with previous versions of xCAT as well. I'm guessing that if this doesn't happen for other people that it must have been some setting when xCAT was originally installed which was misconfigured, or maybe something funny in one of the xCAT db tables like 'site'. I just wanted to see if anyone has had problems with using the -n or -d options deleting more than they are supposed to. -Josh On Thu, Jan 16, 2014 at 11:23 AM, Lissa Valletta lis...@us.ibm.com wrote: We have an entire doc on name resolution also I would not make it a common practice to use XCATBYPASS mode. Running with the xcatd is much more secure and some things do not work well in XCATBYPASS mode. https://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---01/16
Re: [xcat-user] Makedns wiping out DNS records
If you ran makedns -n node1 it is only going to set up DNS for node1. Check the examples in man makedns. The makedns -d node1 should only have removed node1. It you want to set up a new DNS for all nodes in /etc/hosts run makedns -n Examples 1.To set up DNS for all the hosts in /etc/hosts file. makedns 2.To set up DNS for node1. makedns node1 3.To create a new named configuration and db files for all hosts in /etc/hosts. makedns -n 4.To delete the DNS records for node1. makedns -d node1 Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Lissa Valletta/Poughkeepsie/IBM@IBMUS To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Cc: xcat-user@lists.sourceforge.net Date: 01/16/2014 02:22 PM Subject:Re: [xcat-user] Makedns wiping out DNS records Are you running makedns or makedns -n? Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Russell Jones ---01/16/2014 01:53:16 PM---Just a tip and something that bit me before - bind updates Russell Jones ---01/16/2014 01:53:16 PM---Just a tip and something that bit me before - bind updates its data in the journal and won't dump n From: Russell Jones russell-l...@jonesmail.me To: xcat-user@lists.sourceforge.net, Date: 01/16/2014 01:53 PM Subject: Re: [xcat-user] Makedns wiping out DNS records Just a tip and something that bit me before - bind updates its data in the journal and won't dump new data to the zone files immediately. You can force it do dump the data so that you can see it by restarting bind. You can also test to make sure DNS is being added by digging for the record. IE, dig @localhost dayhoff.morgan.haib.org. If you get an A record back, your DNS is working fine. On 1/16/2014 12:39 PM, Josh Nielsen wrote: Is there any way to debug what exactly the makedns command does to named/bind, as in what command it issues? Or does it directly edit the named files? I could run the named daemon with -d 9 for debugging level 9 but I've done that before and the output is daunting and nearly incomprehensible for the non-veteran in DNS. As I said, running makedns by it self works fine, but using -d or -n causes problems. I have no way of knowing what xCAT does in the background with those options. I checked and /etc/hosts is correct, and /etc/resolv.conf is as well. The site table has all five possible dns attributes (domain, dnshandler, forwarders, master, and nameservers) set correctly, and the networks are defined for every subnet we use. There is nothing that I can see that would cause it to parse incorrectly, especially since it echoed to /var/log/messages that it was going through /etc/hosts and creating entries (but really it didn't) for each host. I did have to add one entry manually into /etc/hosts though for a SAN storage system. Would seeing an unrecognized node cause problems? And if so why is there nothing in the logs about it? I saw it say that it was adding an entry for that node (even though it didn't - like every other entry): Jan 16 10:32:53 x3650-head01 named[8249]: client 10.20.0.1#56079: updating zone 'morgan.haib.org/IN': adding an RR at ' dayhoff.morgan.haib.org' A If I can find out what xCAT is doing to make the changes perhaps I can reproduce it manually in a test environment and see what is causing it to wipe out the entries. -Josh On Thu, Jan 16, 2014 at 12:01 PM, Lissa Valletta lis...@us.ibm.com wrote: You will see in the document that makedns is very dependent on what you do to setup you Management node. Your /etc/hosts /etc/resolv.conf, etc Setting that must be added to the database for your cluster such as in the site table, defining your network in the networks table. You can use that document to check your database configuration. Lissa K. Valletta 8-3/B10 Poughkeepsie, NY 12601 (tie 293) 433-3102 Inactive hide details for Josh Nielsen ---01/16/2014 12:44:27 PM---Okay, I will look through that document. This is the first aJosh Nielsen ---01/16/2014 12:44:27 PM---Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with t From: Josh Nielsen jniel...@hudsonalpha.org To: xCAT Users Mailing list xcat-user@lists.sourceforge.net, Date: 01/16/2014 12:44 PM Subject: Re: [xcat-user] Makedns wiping out DNS records Okay, I will look through that document. This is the first and only time I've used XCATBYPASS with that command (to get more
Re: [xcat-user] Makedns wiping out DNS records
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 17/01/14 04:00, Josh Nielsen wrote: If it just something with our installation or does makedns do this foe other people as well? FWIW we do not run DNS on the management nodes at all, we have 4 separate xCAT built clusters (3 HPC clusters and 1 for our GPFS/TSM infrastructure and our BG/Q service and front ends) and so to let them all populate DNS with a single, consistent view we have two external DNS servers that they all send updates to with makedns -e. One kink I think we've noticed there is that even with makedns -e xCAT seems to start up bind on the local system which isn't what we want at all. Good luck! Chris - -- Christopher SamuelSenior Systems Administrator VLSCI - Victorian Life Sciences Computation Initiative Email: sam...@unimelb.edu.au Phone: +61 (0)3 903 55545 http://www.vlsci.org.au/ http://twitter.com/vlsci -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.14 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlLYZ4sACgkQO2KABBYQAh8pwACfSEi4RePX5F2hG5E1AtrAdy77 PtMAni1KEwsOM/az4z0U7o4aZZOEuO/+ =fPWd -END PGP SIGNATURE- -- CenturyLink Cloud: The Leader in Enterprise Cloud Services. Learn Why More Businesses Are Choosing CenturyLink Cloud For Critical Workloads, Development Environments Everything In Between. Get a Quote or Start a Free Trial Today. http://pubads.g.doubleclick.net/gampad/clk?id=119420431iu=/4140/ostg.clktrk ___ xCAT-user mailing list xCAT-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/xcat-user
