第1章 環境描述:
[root@ops-tmp-app-2 ~]# cat /etc/redhat-release CentOS Linux release 7.4.1708 (Core) [root@ops-tmp-app-2 ~]# getenforce Disabled [root@ops-tmp-app-2 ~]# systemctl status firewalld.service ●firewalld.service - firewalld - dynamic firewall daemon Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled) Active: inactive (dead) Docs: man:firewalld(1)
第2章 安裝pdns
yum install -y pdns pdns-backend-mysql [root@ops-tmp-app-2 ~]# rpm -qa |grep pdns pdns-4.0.6-2.el7.x86_64 pdns-backend-mysql-4.0.6-2.el7.x86_64
啓動pdns就可以了,這裏粘貼一下配置文件
[root@ops-tmp-app-2 PowerDNS-Admin]# cat /etc/pdns/pdns.conf api=yes api-key=changeme api-logfile=/var/log/pdns.log cache-ttl=20 daemon=yes default-ttl=30 guardian=no launch=gmysql gmysql-host=10.3.2.15 gmysql-port=3306 gmysql-user=powerdns gmysql-dbname=powerdns gmysql-password=powerdns local-address=10.3.2.15 master=yes setgid=pdns setuid=pdns webserver=yes webserver-address=0.0.0.0 webserver-allow-from=0.0.0.0/0 webserver-port=8081 write-pid=yes allow-axfr-ips=10.3.2.15,10.3.2.5 also-notify=10.3.2.15,10.3.2.5 only-notify=10.3.2.15,10.3.2.5 slave=no slave-cycle-interval=60 log-dns-details=yes log-dns-queries=yes loglevel=6 pdns日誌默認輸出到message的系統日誌中了,調試中可以把日誌打印級別開大一點
第3章 後端數據庫配置
3.1數據庫安裝
yum install mariadb-server mariadb –y systemctl enable mariadb.service systemctl start mariadb.service
3.2設置密碼
mysql_secure_installation
首先是設置密碼,會提示先輸入密碼
Enter current password for root (enter for none):<–初次運行直接回車
Set root password? [Y/n] <– 是否設置root用戶密碼,輸入y並回車或直接回車
New password: <– 設置root用戶的密碼(比如123456)
Re-enter new password: <– 再輸入一次你設置的密碼
3.3其他配置
Remove anonymous users? [Y/n] <– 是否刪除匿名用戶,回車
Disallow root login remotely? [Y/n] <–是否禁止root遠程登錄,回車,
Remove test database and access to it? [Y/n] <– 是否刪除test數據庫,回車
Reload privilege tables now? [Y/n] <– 是否重新加載權限表,回車
3.4統一字符集
-> 首先是配置文件/etc/my.cnf,在[mysqld]標籤下添加
init_connect='SET collation_connection = utf8_unicode_ci'
init_connect='SET NAMES utf8'
character-set-server=utf8
collation-server=utf8_unicode_ci
skip-character-set-client-handshake
-> 接着配置文件/etc/my.cnf.d/client.cnf,在[client]中添加
default-character-set=utf8
-> 然後配置文件/etc/my.cnf.d/mysql-clients.cnf,在[mysql]中添加
default-character-set=utf8
systemctl restart mariadb.service
3.5創建數據
[root@ops-tmp-app-2 ~]# mysql -p123456 Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 2 Server version: 5.5.60-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type 'help;' or '\h' for help. Type '\c' to clear the current input statement. MariaDB [(none)]> source /root/pdns.sql
Sql文件的內容如下,複製一下自己創建sql文件即可
CREATE DATABASE powerdns; GRANT ALL ON powerdns.* TO 'powerdns'@'10.3.%' IDENTIFIED BY 'powerdns'; FLUSH PRIVILEGES; use powerdns; CREATE TABLE domains ( id INT AUTO_INCREMENT, name VARCHAR(255) NOT NULL, master VARCHAR(128) DEFAULT NULL, last_check INT DEFAULT NULL, type VARCHAR(6) NOT NULL, notified_serial INT DEFAULT NULL, account VARCHAR(40) DEFAULT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX name_index ON domains(name); CREATE TABLE records ( id BIGINT AUTO_INCREMENT, domain_id INT DEFAULT NULL, name VARCHAR(255) DEFAULT NULL, type VARCHAR(10) DEFAULT NULL, content VARCHAR(64000) DEFAULT NULL, ttl INT DEFAULT NULL, prio INT DEFAULT NULL, change_date INT DEFAULT NULL, disabled TINYINT(1) DEFAULT 0, ordername VARCHAR(255) BINARY DEFAULT NULL, auth TINYINT(1) DEFAULT 1, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX nametype_index ON records(name,type); CREATE INDEX domain_id ON records(domain_id); CREATE INDEX recordorder ON records (domain_id, ordername); CREATE TABLE supermasters ( ip VARCHAR(64) NOT NULL, nameserver VARCHAR(255) NOT NULL, account VARCHAR(40) NOT NULL, PRIMARY KEY (ip, nameserver) ) Engine=InnoDB; CREATE TABLE comments ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, name VARCHAR(255) NOT NULL, type VARCHAR(10) NOT NULL, modified_at INT NOT NULL, account VARCHAR(40) NOT NULL, comment VARCHAR(64000) NOT NULL, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX comments_domain_id_idx ON comments (domain_id); CREATE INDEX comments_name_type_idx ON comments (name, type); CREATE INDEX comments_order_idx ON comments (domain_id, modified_at); CREATE TABLE domainmetadata ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, kind VARCHAR(32), content TEXT, PRIMARY KEY (id) ) Engine=InnoDB; CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind); CREATE TABLE cryptokeys ( id INT AUTO_INCREMENT, domain_id INT NOT NULL, flags INT NOT NULL, active BOOL, content TEXT, PRIMARY KEY(id) ) Engine=InnoDB; CREATE INDEX domainidindex ON cryptokeys(domain_id); CREATE TABLE tsigkeys ( id INT AUTO_INCREMENT, name VARCHAR(255), algorithm VARCHAR(50), secret VARCHAR(255), PRIMARY KEY (id) ) Engine=InnoDB; CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm); flush privileges;
第4章 安裝powerDNS-admin的web管理界面
這裏沒有使用官方提供的poweradmin,是基於LAMP的,太重,部署很不方便
4.1爲powerDNS-admin準備數據庫和用戶
MariaDB [(none)]> CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci; Query OK, 1 row affected (0.00 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'pdnsadminuser'@'%' IDENTIFIED BY 'p4ssw0rd'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> FLUSH PRIVILEGES; Query OK, 0 rows affected (0.00 sec)
4.2克隆powerDNS-admin代碼
git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git
4.3進入主目錄修改.env配置文件,配置數據庫連接信息
[root@ops-tmp-app-2 PowerDNS-Admin]# cat .env ENVIRONMENT=development PDA_DB_HOST=10.3.2.15 PDA_DB_NAME=powerdnsadmin PDA_DB_USER=pdnsadminuser PDA_DB_PASSWORD=p4ssw0rd PDA_DB_PORT=3306 PDNS_DB_HOST=10.3.2.15 PDNS_DB_NAME=powerdns PDNS_DB_USER=powerdns PDNS_DB_PASSWORD=powerdns PDNS_HOST=10.3.2.15 PDNS_API_KEY=changeme PDNS_WEBSERVER_ALLOW_FROM=0.0.0.0
4.4使用docker-compose構建
docker-compose build
4.5啓動容器
docker-compose up
PS:只要powerdns-admin這個容器起來就可以了,其他都可以忽略或者直接幹掉,因爲數據庫是使用自己的,沒用compose文件中構建的
[root@ops-tmp-app-2 PowerDNS-Admin]# docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
56b74d880448 powerdns-admin "/entrypoint.sh" 6 days ago Up 1 second 0.0.0.0:9191->9191/tcp powerdns-admin
打開瀏覽器訪問9191端口就可以了