Installation Integration Bind
This page details how to configure NamedManager and integrate it with the Bind nameserver running on your DNS servers.
- You must have completed the installation steps as detailed in the Installation guides.
- Configure all your name servers via the NamedManager web interface including setting an API key for them.
- Ensure the web interface is reachable from the name servers, as they need to connect to the API at http://example.com/namedmanager to fetch DNS zone and record information, as well as to send logs back.
This guide assumes the following paths, which are as the RPM installation configures them. If you have installed via SVN or source, these may vary.
Path | Details |
---|---|
/etc/namedmanager/ | Configuration directory for NamedManager |
/etc/cron.d/namedmanager-bind | NamedManager cronjobs |
/etc/init.d/namedmanager_logpush | Bootscript for starting/stopping the log collector |
/etc/named.conf | Default name for your Bind name server configuration file. |
/var/named/chroot/etc/named.conf | As above, if using bind-chroot. |
All configuration for the bind integration will be in: /etc/namedmanager/config-bind.php
It is important to review and adjust all paths and variables to match your particular environment, however the following are particularly key:
Set the path of the API for the NamedManager web interface to query for zonefile information, along with the nameserver name and key.
$config["api_url"] = "http://example.com/namedmanager";
$config["api_server_name"] = "ns1.example.com";
$config["api_auth_key"] = "AAAAABBBBBCCCCDDDD111222333";
Configure bind locations - typically the only option that needs changing is bind/config and bind/zonefiledir if your Bind process is using a different filesystem path (such as a chroot location).
Note that "named.namedmanager.conf" is intentional: this is the file that NamedManager generates, and it is then included by your existing config rather than being a full configuration replacement.
Example when using non-chrooted bind:
$config["bind"]["config"] = "/etc/named.namedmanager.conf";
$config["bind"]["zonefiledir"] = "/var/named/";
Example when using bind-chroot:
$config["bind"]["config"] = "/var/named/chroot/etc/named.namedmanager.conf";
$config["bind"]["zonefiledir"] = "/var/named/chroot/var/named/";
The bind config writer generates a configuration file for bind, that should be included from within the main configuration for bind (either /var/named/chroot/etc/named.conf or /etc/named.conf).
This file only defines the configured DNS zones, not any other Bind configuration. It can even be included in an existing configuration of zones, as long as none of the zones in NamedManager clash with the manually configured ones.
Note: this file path is the same both for bind-chroot and non-chroot, as it is relative to within the chroot jail:
The following line is required to be included inside the NamedManager zones - note you can include this inside multiple views if you have your name server configured in such a way.
include "/etc/named.namedmanager.conf";
By default the Bind configuration is checked for new versions every minute. If you're running a large deployment with many domains, you may wish to reduce the frequency of this check, by editing /etc/cron.d/namedmanager-bind
Verify the configuration for each name server is correct, by executing the configuration writer process:
php -q /usr/share/namedmanager/bind/namedmanager_bind_configwriter.php
This will check for configuration and if found apply it - if there are any API connection issues, it will provide details.
If you have any configured DNS zones, they will be written to the named.namedmanager.conf file and an associated zonefile will be generated.
Any errors will normally be recorded in /var/log/namedmanager_bind_configwriter
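As an added example (not part of NamedManager or of the original guide), the following shell preflight can be run alongside the verification step above. It reads config-bind.php and flags a plain-HTTP api_url, the sample API key shown in this guide, a world-readable config file, and a named.conf that lacks the include line. The script name, function names and WARN/FAIL output format are assumptions made for this example.

```shell
#!/bin/sh
# Added example: preflight check for a NamedManager Bind integration.
# Usage (hypothetical script name): sh preflight.sh /etc/namedmanager/config-bind.php /etc/named.conf

# Print the double-quoted string assigned to a literal left-hand side,
# e.g. cfg_value FILE '$config["api_url"]'. The last assignment wins.
cfg_value() {
    lhs=$(printf '%s' "$2" | sed 's|[[$.*^]|\\&|g')
    sed -n "s/^[[:space:]]*${lhs}[[:space:]]*=[[:space:]]*\"\([^\"]*\)\".*/\1/p" "$1" | tail -n 1
}

# Print one finding per line; return 0 only when there are none.
preflight() {
    cfg=$1; named_conf=$2; rc=0
    url=$(cfg_value "$cfg" '$config["api_url"]')
    key=$(cfg_value "$cfg" '$config["api_auth_key"]')
    gen=$(cfg_value "$cfg" '$config["bind"]["config"]')

    # The API key and zone data travel to api_url, so flag plain HTTP.
    case $url in
        https://*) ;;
        http://*)  echo "WARN api_url uses plain HTTP: $url"; rc=1 ;;
        *)         echo "FAIL api_url is missing or not an http(s) URL"; rc=1 ;;
    esac

    # Reject an empty key or the sample key printed in this guide.
    case $key in
        ""|AAAAABBBBBCCCCDDDD111222333)
            echo "FAIL api_auth_key is empty or the documented sample"; rc=1 ;;
    esac

    # The file holds the API key; flag it when readable by "other".
    if [ -n "$(find "$cfg" -perm -004 2>/dev/null)" ]; then
        echo "WARN $cfg is world-readable"; rc=1
    fi

    # The include path is relative to the chroot jail, so strip the
    # /var/named/chroot prefix before looking for it in named.conf.
    inc=${gen#/var/named/chroot}
    if [ -z "$gen" ] || ! grep -v '^[[:space:]]*[/#]' "$named_conf" | grep -qF "include \"$inc\";"; then
        echo "FAIL $named_conf does not include \"$inc\""; rc=1
    fi
    return $rc
}

if [ "$#" -eq 2 ]; then preflight "$1" "$2"; fi
```

A non-zero exit status means at least one finding was printed; commented-out include lines in named.conf are ignored.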
If you wish to aggregate all the Bind logs from all the name servers into the web interface, you need to configure and start the Bind logpush process.
As long as the API has been correctly configured as per step 1, the only adjustment needed to /etc/namedmanager/config-bind.php is to set the path to the NamedManager log:
$config["log_file"] = "/var/log/messages";
On RHEL, NamedManager logs to /var/log/messages; other platforms may have NamedManager logging to /var/log/syslog or elsewhere.
Execute the following to (re)start the logpush daemon:
/etc/init.d/namedmanager_logpush restart
You may need to enable the bootscript for startup on your platform - on RHEL, this is:
chkconfig --level 345 namedmanager_logpush on
Logs should start appearing in the web interface within a few seconds (5-10) after they are generated on the nameserver.
Any errors will be recorded in /var/log/namedmanager_logpush
The configuration of the name server is now complete - you will need to repeat the above process for any name server you deploy to.