Saturday, 7 July 2018

0004 - DNSMASQ

Overview:















"master" node Installation and configuration:

[root@master ~]# yum install dnsmasq bind-utils -y 

Edit the "/etc/dnsmasq.conf" configuration file:
[root@master ~]# cp -av /etc/dnsmasq.conf /root/orig_files/
‘/etc/dnsmasq.conf’ -> ‘/root/orig_files/dnsmasq.conf’

[root@master ~]# hostname
master.ab.lab

[root@master ~]# grep -v ^# /etc/dnsmasq.conf  | awk NF
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig
[root@master ~]# vim /etc/dnsmasq.conf 
[root@master ~]# grep -B3 "^resolv-file" /etc/dnsmasq.conf 
# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
#resolv-file=
resolv-file=/etc/resolv.dnsmasq
[root@master ~]# grep -B4 "^address" /etc/dnsmasq.conf 
# Add domains which you want to force to an IP address here.
# The example below send any host in double-click.net to a local
# web-server.
#address=/double-click.net/127.0.0.1
address=/ocp.master.ab.lab/192.168.11.162
[root@master ~]# grep -v ^# /etc/dnsmasq.conf  | awk NF
resolv-file=/etc/resolv.dnsmasq
address=/ocp.master.ab.lab/192.168.11.162
conf-dir=/etc/dnsmasq.d,.rpmnew,.rpmsave,.rpmorig

Create "/etc/resolv.dnsmasq" file:
[root@master ~]# vim /etc/resolv.dnsmasq

[root@master ~]# cat /etc/resolv.dnsmasq 
# Add the gateway as a name server
nameserver 192.168.11.1

Edit the "/etc/sysconfig/network-scripts/ifcfg-eth0" and "/etc/NetworkManager/NetworkManager.conf" files so that DHCP and NetworkManager no longer overwrite the "/etc/resolv.conf" file:
[root@master ~]# cp -av /etc/sysconfig/network-scripts/ifcfg-eth0 /root/orig_files/
‘/etc/sysconfig/network-scripts/ifcfg-eth0’ -> ‘/root/orig_files/ifcfg-eth0’

[root@master ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth0 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=2bd9f367-9099-4bb6-acb6-2ab3e635173a

[root@master ~]# vim   /etc/sysconfig/network-scripts/ifcfg-eth0 

[root@master ~]# cat   /etc/sysconfig/network-scripts/ifcfg-eth0 
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=no
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=eth0
UUID=2bd9f367-9099-4bb6-acb6-2ab3e635173a
DEVICE=eth0
ONBOOT=yes
IPADDR=192.168.11.162
PREFIX=24
GATEWAY=192.168.11.1
##DNS1=192.168.11.1              <-----
PEERDNS=no                       <-----
[root@master ~]# cp -av /etc/NetworkManager/NetworkManager.conf /root/orig_files/
‘/etc/NetworkManager/NetworkManager.conf’ -> ‘/root/orig_files/NetworkManager.conf’


[root@master ~]# grep -v ^# /etc/NetworkManager/NetworkManager.conf | awk NF
[main]
plugins=ifcfg-rh
[logging]


[root@master ~]# vim /etc/NetworkManager/NetworkManager.conf 

[root@master ~]# grep -v ^# /etc/NetworkManager/NetworkManager.conf | awk NF
[main]
plugins=ifcfg-rh
dns=none                       <-----
[logging]

Edit the "/etc/resolv.conf" file to set the DNS server to "127.0.0.1" (the local dnsmasq instance):
[root@master ~]# cp -av  /etc/resolv.conf /root/orig_files

[root@master ~]# cat /etc/resolv.conf 
# Generated by NetworkManager
search openshift ab.lab
nameserver 192.168.11.1

[root@master ~]# vim /etc/resolv.conf 
[root@master ~]# cat /etc/resolv.conf 
search  ab.lab
nameserver 127.0.0.1

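Disable and stop the "firewalld" service (this is a lab shortcut: with no host firewall, dnsmasq, which answers on all interfaces by default, is reachable by every host that can route to this machine; outside an isolated lab keep firewalld running and allow DNS instead, e.g. "firewall-cmd --permanent --add-service=dns" followed by "firewall-cmd --reload"):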
[root@master ~]# systemctl disable firewalld
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

[root@master ~]# systemctl stop firewalld

Start and enable the "dnsmasq" service:
[root@master ~]# ip a
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 52:54:00:3f:27:ac brd ff:ff:ff:ff:ff:ff
    inet 192.168.11.203/24 brd 192.168.11.255 scope global dynamic eth0
       valid_lft 2980sec preferred_lft 2980sec
    inet 192.168.11.162/24 brd 192.168.11.255 scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::5054:ff:fe3f:27ac/64 scope link 
       valid_lft forever preferred_lft forever

[root@master ~]# dnsmasq --test
dnsmasq: syntax check OK.

[root@master ~]# systemctl enable dnsmasq --now
Created symlink from /etc/systemd/system/multi-user.target.wants/dnsmasq.service to /usr/lib/systemd/system/dnsmasq.service.

[root@master ~]# systemctl status dnsmasq 
● dnsmasq.service - DNS caching server.
   Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor preset: disabled)
   Active: active (running) since Sun 2018-07-08 11:56:54 CEST; 8s ago
 Main PID: 10900 (dnsmasq)
   CGroup: /system.slice/dnsmasq.service
           └─10900 /usr/sbin/dnsmasq -k

Jul 08 11:56:54 master.ab.lab systemd[1]: Started DNS caching server..
Jul 08 11:56:54 master.ab.lab systemd[1]: Starting DNS caching server....
Jul 08 11:56:54 master.ab.lab dnsmasq[10900]: started, version 2.76 cachesize 150
Jul 08 11:56:54 master.ab.lab dnsmasq[10900]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Jul 08 11:56:54 master.ab.lab dnsmasq[10900]: reading /etc/resolv.dnsmasq
Jul 08 11:56:54 master.ab.lab dnsmasq[10900]: using nameserver 192.168.11.1#53
Jul 08 11:56:54 master.ab.lab dnsmasq[10900]: read /etc/hosts - 2 addresses

Edit "/etc/hosts" file:
[root@master ~]# cp -av /etc/hosts /root/orig_files/
‘/etc/hosts’ -> ‘/root/orig_files/hosts’

[root@master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

[root@master ~]# vim /etc/hosts

[root@master ~]# cat /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

# --
# Openshift hosts
# --
192.168.11.162 master master.ab.lab
192.168.11.163 node1  node1.ab.lab

Test Your "dnsmasq" configurations:
[root@master ~]# reboot 

[root@master ~]# host $(hostname)
master.ab.lab has address 192.168.11.162


[root@master ~]# ping -c1 test.ocp.master.ab.lab
PING test.ocp.master.ab.lab (192.168.11.162) 56(84) bytes of data.
64 bytes from master (192.168.11.162): icmp_seq=1 ttl=64 time=0.026 ms

--- test.ocp.master.ab.lab ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 0.026/0.026/0.026/0.000 ms


[root@master ~]# ping -c1 google.com
PING google.com (216.58.217.174) 56(84) bytes of data.
64 bytes from iad23s44-in-f14.1e100.net (216.58.217.174): icmp_seq=1 ttl=54 time=14.9 ms

--- google.com ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 14.936/14.936/14.936/0.000 ms


Do the same exact steps with "node1":



Take cold snapshots:

virsh # snapshot-create-as openshift-master 02_dnsmasq --description "After installaing and creating dnsmasq DNS server"
Domain snapshot 02_dnsmasq created

virsh # snapshot-create-as openshift-node1 02_dnsmasq --description "After installaing and creating dnsmasq DNS server"
Domain snapshot 02_dnsmasq created
virsh # snapshot-list openshift-master
 Name                 Creation Time             State
------------------------------------------------------------
 00_fresh_os          2018-07-07 11:47:50 +0200 shutoff
 01_ready_to_install  2018-07-07 12:25:48 +0200 shutoff
 02_dnsmasq           2018-07-08 12:25:15 +0200 shutoff


virsh # snapshot-list openshift-node1
 Name                 Creation Time             State
------------------------------------------------------------
 00_fresh_os          2018-07-07 12:49:20 +0200 shutoff
 01_ready_to_install  2018-07-07 12:55:12 +0200 shutoff
 02_dnsmasq           2018-07-08 12:25:26 +0200 shutoff
