Thanks for the response (Lissa too, sorry about not acknowledging that in last note)
#1 might be the way we use going forward, though the conversion from 2.5.2 xCAT (bind) to 2.6.8 seems like I'd need to either run thru all the nodes or add outside xCAT, neither of which is entirely repeatable or deirable. #2 I think I didn't explain very well. MN is nameserver for cluster ops only, neither the clients nor MN use MN as resolver day to day. The name resolution on MN is not correct, in terms of actual IPs vs what we use to install. Therefore, MN can't use itself as a resolver (and if in resolv.conf can cause problems by giving wrong IP's back to MN's queries) and cannot get answers from forwarders, as those could be unusable by clients, it's better for us if name lookup fails completely on MN to client during install than getting resolution that's actually correct. To put it another way, DNS on MN is entirely fictional in our model, nothing can rely upon MN for resolution outside of clients , and only in predetermined time aspects. But it's critical that the fictional DNS is there and used during those periods by the clients and that MN knows the real resolutions, but doesn't pass those on to the clients... _________________________________ Douglas Myers, IBM Special Events _________________________________ "It's not an opportunity if it doesn't scare you a little bit" |------------> | From: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Jing CDL Sun <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |xCAT Users Mailing list <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Cc: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |xCAT Users Mailing list <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |11/13/2011 06:00 PM | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Re: [xcat-user] ddns problem | >--------------------------------------------------------------------------------------------------------------------------------------------------| Hi Douglas, ddns is different from bind, it has the capability to dynamically update dns records without restarting dns service based on the Net::DNS::Resolver module, so it's based on the dns configuraton (/etc/resolv.conf) on your management node(your nameserver). If my understanding is correct, maybe we could try the settings below to see if the ddns can work for your situation? 1. since you only want the specific hosts (the three db files) managed by your mn dns, you could try "makedns -n <noderange>", this command will only add the dns records for the specified noderange to your dns server(your mn), then check /var/lib/named/db.x.x.x.jnl files to see if they are what you want. 2. since your mn is required to nameresolve other servers/domain besides the three db files, you could set site.forwarders to your external dns server name before the makedns command is issued, then when you nameresolve other servers on your mn, the dns request will be forwarded to the dns forwarders as set in site.forwarders. Any questions please feel free to let me know. Best Regards, ----------------------------- Sun Jing(孙靖) IBM China Software Development Laboratory Tel: (86-10) 82453625 E-mail: [email protected] Address: Building 28, ZhongGuanCun Software Park, No.8, Dong Bei Wang West Road, Haidian District Beijing 100193, PRC 北京市海淀区东北旺西路8号中关村软件园28号楼 邮编: 100193 Douglas Myers <[email protected]> To 2011-11-14 00:56 xCAT Users Mailing list <[email protected] e.net> Please respond to cc xCAT Users Mailing list <[email protected]> Subject Re: [xcat-user] ddns problem while I do have a nameserver line in resolv.conf, there's other nameservers as well. Search has multiple domains too, including the base domain required for cluster mgmt. We don't want anything beyond the install cluster and MN as nameserver for DNS, as it's not part of our DNS cluster. Don't really want forwarders either, now that I think about it. We basically want the three db files that are erroring out, and nothing else on MN DNS. Thing is, the other servers/domains are required for the MN to work as a server in our env, but at the same time it it used as dns server for clients only during installs and/or statelite boots, and includes some entries from /etc/hosts that are factually incorrect but required for installs, and only to the completion of xcatpost, where we correct based on things such as security zones. Before switch to ddns this wasn't an issue (MN was never a nameserver to itself) and makedns worked fine. All that being said, doing the steps below does work around most of the issue, but it's not viable for us... _________________________________ Douglas Myers, IBM Special Events _________________________________ "It's not an opportunity if it doesn't scare you a little bit" |------------> | From: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Lissa Valletta/Poughkeepsie/IBM@IBMUS | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | To: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |xCAT Users Mailing list <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Cc: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |xCAT Users Mailing list <[email protected]> | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Date: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |11/13/2011 04:05 AM | >--------------------------------------------------------------------------------------------------------------------------------------------------| |------------> | Subject: | |------------> >--------------------------------------------------------------------------------------------------------------------------------------------------| |Re: [xcat-user] ddns problem | >--------------------------------------------------------------------------------------------------------------------------------------------------| Check /etc/resolv.conf and see that it has a line for your MN and cluster search cluster.com nameserver 10.2.0.100 The domain should match, site.domain and nameserver should match site.nameserver. service xcatd stop ps -ef | grep xcatd - kill any hung processes service xcatd start makedns -n should create everything new In /var/lib/named you should not only have the db.x.x.x file but also a db.x.x.x.jnl file. It is binary and where all the important information is now kept. Lissa K. Valletta 2-3/T12 Poughkeepsie, NY 12601 (tie 293) 433-3102 From: Douglas Myers/Schaumburg/IBM@IBMUS To: xCAT Users Mailing list <[email protected]> Date: 11/11/2011 05:58 PM Subject: [xcat-user] ddns problem Running SLES11 sp1 master on X86_64, xCAT 2.6.8 upgraded from 2.5.2 via zypper. While most cluster actions seem to be working ok, when we added a new node and tried to run makedns it runs thru the /etc/hosts entries then we get: Getting reverse zones, this may take several minutes in scaling cluster. Completed getting reverse zones. Updating zones. Completed updating zones. Restarting named Restarting named complete Updating DNS records, this may take several minutes in scaling cluster. Error: Failure encountered updating .event.ibm.com., error was REFUSED Error: Failure encountered updating 180.42.9.IN-ADDR.ARPA., error was REFUSED Error: Failure encountered updating 10.IN-ADDR.ARPA., error was REFUSED Completed updating DNS records. DNS setup is completed And the db files are essentially empty, jsut the header info no names or reverses. Looking into the docs I see that in 2.6.2 there was a switch to ddns.pm for makedns, something seems to have gone badly on our update from 2.5 to 2.6, so I have two problems: 1) how do I fix this cluster? 2) how do I avoid this when updating my other clusters? _________________________________ Douglas Myers, IBM Special Events _________________________________ "It's not an opportunity if it doesn't scare you a little bit" ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user ------------------------------------------------------------------------------ RSA(R) Conference 2012 Save $700 by Nov 18 Register now http://p.sf.net/sfu/rsa-sfdev2dev1 _______________________________________________ xCAT-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/xcat-user
