PowerDNS是一个运行在许多Linux/Unix衍生版上的DNS服务器,它可以使用不同的后端进行配置,包括BIND类型的区域文件、关系型数据库,或者负载均衡/失效转移算法。它也可以被配置成一台DNS递归器,作为服务器上的一个独立进程运行。
PowerDNS授权服务器的最新版本是3.4.4,但是当前EPEL仓库中可以获得的版本是3.4.3。我推荐安装EPEL仓库中提供的那一个,因为该版本已经在CentOS和Fedora中测试过。那样,你也可以在今后很容易地更新PowerDNS。
本文用于向你演示如何安装并配置以MariaDB作为后端的PowerDNS,以及它的界面友好的 Web 管理工具 PowerAdmin。
出于本文的写作目的,我将使用以下服务器:
-
主机名: centos7.localhost
-
IP地址: 192.168.0.102
第一部分: 安装带有MariaDB后端的PowerDNS
1、 首先,你需要为你的系统启用EPEL仓库,只需使用:
-
# yum install epel-release.noarch
启用Epel仓库
2、 下一步是安装MariaDB服务器。运行以下命令即可达成:
-
# yum -y install mariadb-server mariadb
安装MariaDB服务器
3、 接下来,我们将配置并启用MariaDB,并设置开机启动:
-
# systemctl enable mariadb.service
-
# systemctl start mariadb.service
启用MariaDB开机启动
4、 现在MariaDB服务运行起来了,我们将为MariaDB设置密码进行安全加固,运行以下命令:
-
# mysql_secure_installation
按照指示做
-
/bin/mysql_secure_installation: line 379: find_mysql_client: command not found
-
-
NOTE: RUNNING ALL PARTS OF THIS SCRIPT IS RECOMMENDED FOR ALL MariaDB
-
SERVERS IN PRODUCTION USE! PLEASE READ EACH STEP CAREFULLY!
-
-
In order to log into MariaDB to secure it, we'll need the current
-
password for the root user. If you've just installed MariaDB, and
-
you haven't set the root password yet, the password will be blank,
-
so you should just press enter here.
-
-
Enter current password for root (enter for none): Press ENTER
-
OK, successfully used password, moving on...
-
-
Setting the root password ensures that nobody can log into the MariaDB
-
root user without the proper authorisation.
-
-
Set root password? [Y/n] y
-
New password: ← Set New Password
-
Re-enter new password: ← Repeat Above Password
-
Password updated successfully!
-
Reloading privilege tables..
-
... Success!
-
-
-
By default, a MariaDB installation has an anonymous user, allowing anyone
-
to log into MariaDB without having to have a user account created for
-
them. This is intended only for testing, and to make the installation
-
go a bit smoother. You should remove them before moving into a
-
production environment.
-
-
Remove anonymous users? [Y/n] y ← Choose “y” to disable that user
-
... Success!
-
-
Normally, root should only be allowed to connect from 'localhost'. This
-
ensures that someone cannot guess at the root password from the network.
-
-
Disallow root login remotely? [Y/n] n ← Choose “n” for no
-
... skipping.
-
-
By default, MariaDB comes with a database named 'test' that anyone can
-
access. This is also intended only for testing, and should be removed
-
before moving into a production environment.
-
-
Remove test database and access to it? [Y/n] y ← Choose “y” for yes
-
- Dropping test database...
-
... Success!
-
- Removing privileges on test database...
-
... Success!
-
-
Reloading the privilege tables will ensure that all changes made so far
-
will take effect immediately.
-
-
Reload privilege tables now? [Y/n] y ← Choose “y” for yes
-
... Success!
-
-
Cleaning up...
-
-
All done! If you've completed all of the above steps, your MariaDB
-
installation should now be secure.
-
-
Thanks for using MariaDB!
5、 MariaDB配置成功后,我们可以继续去安装PowerDNS。运行以下命令即可轻易完成:
-
# yum -y install pdns pdns-backend-mysql
安装带有MariaDB后端的PowerDNS
6、 PowerDNS的配置文件位于/etc/pdns/pdns ,在编辑之前,我们将为PowerDNS服务配置一个MariaDB数据库。首先,我们将连接到MariaDB服务器并创建一个名为powerdns的数据库:
-
# mysql -u root -p
-
MariaDB [(none)]> CREATE DATABASE powerdns;
创建PowerDNS数据库
7、 接下来,我们将创建一个名为powerdns的数据库用户:
-
MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'localhost' IDENTIFIED BY ‘tecmint123’;
-
MariaDB [(none)]> GRANT ALL ON powerdns.* TO 'powerdns'@'centos7.localdomain' IDENTIFIED BY 'tecmint123';
-
MariaDB [(none)]> FLUSH PRIVILEGES;
创建PowerDNS用户
注意: 请将“tecmint123”替换为你想要设置的实际密码。
8、 我们继续创建PowerDNS要使用的数据库表。像堆积木一样执行以下这些:
-
MariaDB [(none)]> USE powerdns;
-
MariaDB [(none)]> CREATE TABLE domains (
-
id INT auto_increment,
-
name VARCHAR(255) NOT NULL,
-
master VARCHAR(128) DEFAULT NULL,
-
last_check INT DEFAULT NULL,
-
type VARCHAR(6) NOT NULL,
-
notified_serial INT DEFAULT NULL,
-
account VARCHAR(40) DEFAULT NULL,
-
primary key (id)
-
);
创建用于PowerDNS的表domains
-
MariaDB [(none)]> CREATE UNIQUE INDEX name_index ON domains(name);
-
MariaDB [(none)]> CREATE TABLE records (
-
id INT auto_increment,
-
domain_id INT DEFAULT NULL,
-
name VARCHAR(255) DEFAULT NULL,
-
type VARCHAR(6) DEFAULT NULL,
-
content VARCHAR(255) DEFAULT NULL,
-
ttl INT DEFAULT NULL,
-
prio INT DEFAULT NULL,
-
change_date INT DEFAULT NULL,
-
primary key(id)
-
);
创建用于PowerDNS的表 records
-
MariaDB [(none)]> CREATE INDEX rec_name_index ON records(name);
-
MariaDB [(none)]> CREATE INDEX nametype_index ON records(name,type);
-
MariaDB [(none)]> CREATE INDEX domain_id ON records(domain_id);
创建表索引
-
MariaDB [(none)]> CREATE TABLE supermasters (
-
ip VARCHAR(25) NOT NULL,
-
nameserver VARCHAR(255) NOT NULL,
-
account VARCHAR(40) DEFAULT NULL
-
);
创建表supermasters
你现在可以输入以下命令退出MariaDB控制台:
-
MariaDB [(none)]> quit;
9、 最后,我们可以继续配置PowerDNS了,以MariaDB作为后台。请打开PowerDNS的配置文件:
-
# vim /etc/pdns/pdns.conf
在该文件中查找像下面这样的行:
-
#################################
-
# launch Which backends to launch and order to query them in
-
#
-
# launch=
在这后面放置以下代码:
-
launch=gmysql
-
gmysql-host=localhost
-
gmysql-user=powerdns
-
gmysql-password=user-pass
-
gmysql-dbname=powerdns
修改“user-pass”为你先前设置的实际密码,配置如下:
配置PowerDNS
保存修改并退出。
10、 现在,我们将启动并添加PowerDNS到系统开机启动列表:
-
# systemctl enable pdns.service
-
# systemctl start pdns.service
启用并启动PowerDNS
到这一步,你的PowerDNS服务器已经起来并运行了。要获取更多关于PowerDNS的信息,你可以参考手册http://downloads.powerdns.com/documentation/html/index.html。
(责任编辑:IT) |