I'm starting to see an older conversation that I had back in January of this year in a different light now: http://permalink.gmane.org/gmane.comp.clustering.xcat.user/182
There it was suggested that I "be aware that you may need to run a separate makedns to populate the local zone files as well as makedns -e to do the external name servers."

Does this mean that an xCAT installation is required on the external DNS server just to populate the zones initially? Wouldn't having two xCAT installations, whose records you have to keep in sync, get tedious after a while? Maybe I'm misunderstanding how the external DNS solution is supposed to work in connection with xCAT. Any clarifications are welcome.

-Josh

On Wed, Sep 24, 2014 at 4:03 PM, Josh Nielsen <jniel...@hudsonalpha.org> wrote:
> Hello all,
>
> I am in the process of trying to move to an external DNS implementation for
> name resolution with our compute cluster. The only requirement I see in the
> man page for makedns is to have one (and only one?) IP of the external DNS
> server that you want to update in /etc/resolv.conf and also a valid
> xcat_key.
>
> Firstly, how do you specify the xcat_key to be used on the client server
> that is pushing out the dns changes with makedns -e? For a local setup the
> key definition in /etc/named.conf is sufficient, but since makedns -e isn't
> dependent on the local config (or is it?), how is the xcat_key specified?
> The local /etc/named.conf file doesn't even need to exist on the client does
> it?
>
> Secondly, the server I am pushing to only has a 127.0.0 zone since it is a
> fresh BIND install and I'm wanting 'makedns -e' to create the new zones (and
> zone files under /var/named/) for me on the remote server. With a local DNS
> setup, makedns would parse your settings and handle all the file updates and
> creation for you. But when I try makedns -e I see the following but no
> files or zone updates (is this an xcat_key problem?):
>
> (I ran the remote DNS BIND daemon in the foreground with -d 60 verbosity)
>
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: UDP request
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: using view '_default'
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: request is not signed
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: recursion available
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: query
> 24-Sep-2014 15:30:14.686 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): ns_client_attach: ref = 1
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): query '9.101.20.10.IN-ADDR.ARPA/NS/IN' approved
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): send
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): sendto
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): senddone
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): next
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): ns_client_detach: ref = 0
> 24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): endrequest
> 24-Sep-2014 15:30:14.687 client @0x7f000c0d7710: udprecv
> 24-Sep-2014 15:30:14.687 sockmgr 0x7f0017e06010: watcher got message -3 for socket 514
> 24-Sep-2014 15:30:14.687 sockmgr 0x7f0017e06010: watcher got message -2 for socket -1
> 24-Sep-2014 15:30:14.687 socket 0x7f0017e1ebc8: socket_recv: event 0x7f0017c8c160 -> task 0x7f0017e369d0
> 24-Sep-2014 15:30:14.688 socket 0x7f0017e1ebc8: dispatch_recv: event 0x7f0017c8c160 -> task 0x7f0017e369d0
> 24-Sep-2014 15:30:14.688 socket 0x7f0017e1ebc8: internal_recv: task 0x7f0017e369d0 got event 0x7f0017e1ec88
> 24-Sep-2014 15:30:14.688 socket 0x7f0017e1ebc8 172.26.42.60#46141: packet received correctly
>
> "9.101.20.10.IN-ADDR.ARPA/NS/IN" must be my test node definition in the
> client's /etc/hosts file "10.20.101.9 node0009 node0009.mydomain.org", but I
> have no zone definition for 10.20 in /etc/named.conf on the external DNS
> server yet.
>
> On the Cluster Name Resolution wiki page
> (http://sourceforge.net/apps/mediawiki/xcat/index.php?title=Cluster_Name_Resolution)
> under 'Option #2: Use a DNS That is Outside of the Cluster' it says: "If you
> already have a DNS on your site network and you want to use that for your
> cluster node names too, you can point all of the nodes to it. You must
> ensure that your nodes have IP connectivity to the DNS, and you must
> manually configure your DNS with the node hostnames and IP addresses."
>
> Does 'makedns -e' not populate the zone files for you, just like it would if
> DNS were running locally on the MN itself by just parsing /etc/hosts on the
> client and adding/pushing it to the (remote) DNS zone files for you?
>
> If not does this mean I need to hand configure the remote DNS server's
> /etc/named.conf to stub out definitions for (as of yet) empty zones, or will
> makedns -e do that for me?
>
> Thanks,
> Josh
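
As an added example (not part of the original message, and not xCAT or BIND code), this Python script reads `named` debug lines like those quoted above and reports, per client, whether the request was signed and which query was approved, then maps the reverse name back to its IPv4 address. The function names `summarize` and `reverse_to_ip` are hypothetical, and the sample input is a subset of the quoted log.

```python
import re
from collections import defaultdict

# Lines from the BIND debug output quoted in the message, e-mail wrapping undone.
SAMPLE_LOG = """\
24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: UDP request
24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: request is not signed
24-Sep-2014 15:30:14.686 client 172.26.42.60#56844: query
24-Sep-2014 15:30:14.687 client 172.26.42.60#56844 (9.101.20.10.IN-ADDR.ARPA): query '9.101.20.10.IN-ADDR.ARPA/NS/IN' approved
24-Sep-2014 15:30:14.687 client @0x7f000c0d7710: udprecv
"""

# "<date> <time> client <ip>#<port>[ (<qname>)]: <message>"
CLIENT_LINE = re.compile(
    r"^\S+ \S+ client (?P<ip>[\d.]+)#(?P<port>\d+)(?: \((?P<qname>[^)]+)\))?: (?P<msg>.*)$"
)
APPROVED = re.compile(r"^query '(?P<name>[^/]+)/(?P<type>[^/]+)/(?P<cls>[^']+)' approved$")


def summarize(log_text):
    """Group client log lines by (ip, port) and record what each request was."""
    requests = defaultdict(lambda: {"transport": None, "unsigned": False, "queries": []})
    for line in log_text.splitlines():
        m = CLIENT_LINE.match(line)
        if not m:
            continue  # e.g. "client @0x...: udprecv", sockmgr and socket lines
        req = requests[(m["ip"], int(m["port"]))]
        msg = m["msg"]
        if msg.endswith(" request"):
            req["transport"] = msg.split()[0]  # "UDP request" -> "UDP"
        elif msg == "request is not signed":
            req["unsigned"] = True
        elif (q := APPROVED.match(msg)):
            req["queries"].append((q["name"], q["type"], q["cls"]))
    return dict(requests)


def reverse_to_ip(qname):
    """Turn an IN-ADDR.ARPA name back into the IPv4 address it refers to."""
    labels = qname.rstrip(".").split(".")
    if len(labels) != 6 or [l.upper() for l in labels[4:]] != ["IN-ADDR", "ARPA"]:
        raise ValueError(f"not a full IPv4 reverse name: {qname}")
    return ".".join(reversed(labels[:4]))


if __name__ == "__main__":
    print(summarize(SAMPLE_LOG), reverse_to_ip("9.101.20.10.IN-ADDR.ARPA"))
```

For the quoted log this yields a single unsigned UDP request from 172.26.42.60 whose approved query is an NS lookup for the reverse name of 10.20.101.9.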