pdns部署

一、基础配置

1.1 环境说明

操作系统： Centos 7.6

PDNS： 4.1.11-1.el7

MariaDB： 5.5.65

1.2 关闭防火墙和selinux

setenforce 0

sed -i 's/SELINUX=enforcing/SELINUX=disabled/g'  /etc/selinux/config

systemctl stop firewalld.service && systemctl disable firewalld.service

firewall-cmd  --state

 

二）安装mysql5.6

2.1 安装 MariaDB

1）更改存储目录

mkdir -p /data/mysql/{data,log}

vim /etc/my.cnf

[mysqld]

datadir=/data/mysql/data

socket=/data/mysql/mysql.sock

[mysqld_safe]

log-error=/data/mysql/log/mariadb.log

pid-file=/data/mysql/mariadb.pid

2）默认安装的版本为5.5

#安装

yum install -y epel-release yum-plugin-priorities

yum install -y mariadb-server mariadb

#设置目录权限

cd /data/

chown -R mysql.mysql mysql/

#启动
systemctl enable mariadb.service
systemctl start mariadb.service

2.2) 初始化

1）设置软连接

ln -s /data/mysql/mysql.sock /var/lib/mysql/mysql.sock

2）设置root密码

mysql_secure_installation回车,

y,          #设置root密码

root密码,

重复root密码,

y,          #删除匿名登入

y,          #禁用root远程登入

y,          #删除test库

y          #刷新权限

2.3）设置字符集

#vim /etc/my.cnf

[mysqld]

datadir=/data/mysql/data

socket=/data/mysql/mysql.sock

init_connect='SET collation_connection = utf8_unicode_ci'

init_connect='SET NAMES utf8'

character-set-server=utf8

collation-server=utf8_unicode_ci

skip-character-set-client-handshake

[mysqld_safe]

log-error=/data/mysql/log/mariadb.log

pid-file=/data/mysql/mariadb.pid

[client]

default-character-set=utf8

#

# include all files from the config directory

#

!includedir /etc/my.cnf.d

#vim /etc/my.cnf.d/client.cnf

[client]default-character-set=utf8

#vim /etc/my.cnf.d/mysql-clients.cnf

[mysql]default-character-set=utf8

2.4)重启mariadb

systemctl restart mariadb

三）安装PowerDNS

3.1）安装powerdns

yum -y install pdns pdns-backend-mysql

PowerDNS的配置文件位于：/etc/pdns/pdns.conf

3.2）新建数据库

create database powerdns CHARACTER SET utf8 COLLATE utf8_general_ci;

grant all on powerdns.* to 'powerdns'@'192.168.31.%' identified by 'Power@356';

flush privileges;

 

 

3.3）创建数据表

use powerdns;

CREATE TABLE domains (

  id                    INT AUTO_INCREMENT,

  name                  VARCHAR(255) NOT NULL,

  master                VARCHAR(128) DEFAULT NULL,

  last_check            INT DEFAULT NULL,

  type                  VARCHAR(6) NOT NULL,

  notified_serial      INT DEFAULT NULL,

  account              VARCHAR(40) DEFAULT NULL,

  PRIMARY KEY (id)

) Engine=InnoDB;

CREATE UNIQUE INDEX name_index ON domains(name);

CREATE TABLE records (

  id                    BIGINT AUTO_INCREMENT,

  domain_id            INT DEFAULT NULL,

  name                  VARCHAR(255) DEFAULT NULL,

  type                  VARCHAR(10) DEFAULT NULL,

  content              VARCHAR(64000) DEFAULT NULL,

  ttl                  INT DEFAULT NULL,

  prio                  INT DEFAULT NULL,

  change_date          INT DEFAULT NULL,

  disabled              TINYINT(1) DEFAULT0,

  ordername            VARCHAR(255) BINARY DEFAULT NULL,

  auth                  TINYINT(1) DEFAULT1,

  PRIMARY KEY (id)

) Engine=InnoDB;

CREATE INDEX nametype_index ON records(name,type);

CREATE INDEX domain_id ON records(domain_id);

CREATE INDEX recordorder ON records (domain_id, ordername);

CREATE TABLE supermasters (

  ip                    VARCHAR(64) NOT NULL,

  nameserver            VARCHAR(255) NOT NULL,

  account              VARCHAR(40) NOT NULL,

  PRIMARY KEY (ip, nameserver)

) Engine=InnoDB;

CREATE TABLE comments (

  id                    INT AUTO_INCREMENT,

  domain_id            INT NOT NULL,

  name                  VARCHAR(255) NOT NULL,

  type                  VARCHAR(10) NOT NULL,

  modified_at          INT NOT NULL,

  account              VARCHAR(40) NOT NULL,

  comment              VARCHAR(64000) NOT NULL,

  PRIMARY KEY (id)

) Engine=InnoDB;

CREATE INDEX comments_domain_id_idx ON comments (domain_id);

CREATE INDEX comments_name_type_idx ON comments (name, type);

CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);

CREATE TABLE domainmetadata (

  id                    INT AUTO_INCREMENT,

  domain_id            INT NOT NULL,

  kind                  VARCHAR(32),

  content              TEXT,

  PRIMARY KEY (id)

) Engine=InnoDB;

CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);

CREATE TABLE cryptokeys (

  id                    INT AUTO_INCREMENT,

  domain_id            INT NOT NULL,

  flags                INT NOT NULL,

  active                BOOL,

  content              TEXT,

  PRIMARY KEY(id)

) Engine=InnoDB;

CREATE INDEX domainidindex ON cryptokeys(domain_id);

CREATE TABLE tsigkeys (

  id                    INT AUTO_INCREMENT,

  name                  VARCHAR(255),

  algorithm            VARCHAR(50),

  secret                VARCHAR(255),

  PRIMARY KEY (id)

) Engine=InnoDB;

CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);

flush privileges;

show databases;

show tables;

3.4）配置powerdns

cp /etc/pdns/pdns.conf /etc/pdns/pdns.conf.bak

#vim /etc/pdns/pdns.conf

daemon=yes

guardian=no

cache-ttl=20

default-ttl=600

launch=gmysql

gmysql-host=192.168.31.62

gmysql-port=3306

gmysql-dbname=powerdns

gmysql-user=powerdns

gmysql-password=Power@356

master=yes

setgid=pdns

setuid=pdns

#pdns API

webserver=yes

webserver-address=0.0.0.0

webserver-allow-from=0.0.0.0/0

webserver-port=8081

write-pid=yes

api=yes

api-key=ziiofficedns

api-logfile=/var/log/pdns-api.log

#

allow-axfr-ips=192.168.31.62,192.168.31.63

also-notify=192.168.31.62,192.168.31.63

only-notify=192.168.31.62,192.168.31.63

slave=no

slave-cycle-interval=60

log-dns-details=yes

log-dns-queries=yes

loglevel=6

3.5）开机启动

systemctl enable pdns.service

systemctl start pdns.service

systemctl status pdns.service

#查看端口8081和53端口

[root@powerdns ~]# ss -tunlp | grep pdns_server
udp UNCONN 0 0 *:53 *:* users:(("pdns_server",pid=3991,fd=5))
udp UNCONN 0 0 :::53 :::* users:(("pdns_server",pid=3991,fd=6))
tcp LISTEN 0 10 *:8081 *:* users:(("pdns_server",pid=3991,fd=9))
tcp LISTEN 0 128 *:53 *:* users:(("pdns_server",pid=3991,fd=7))
tcp LISTEN 0 128 :::53 :::* users:(("pdns_server",pid=3991,fd=8)) 

四）安装PowerDNS-Admin工具

参考文档： https://github.com/ngoduykhanh/PowerDNS-Admin/wiki/Running-PowerDNS-Admin-on-Centos-7

4.1）Install required packages

# 找到~/.pip/pip.conf,如果不存在就创建,加入内容如下

 

[global]

timeout = 10

index-url = https://pypi.tuna.tsinghua.edu.cn/simple

[install]

trusted-host=pypi.tuna.tsinghua.edu.cn

yum install -y epel-release

yum install -y https://centos7.iuscommunity.org/ius-release.rpm
yum install -y python36u python36u-devel python36u-pip

pip3.6 install -U pip

pip install -U virtualenv

rm -f /usr/bin/python3 && ln -s /usr/bin/python3.6/usr/bin/python3

4.2）Install required packages for building python libraries from requirements.txt file

--> If you use MariaDB ( from MariaDB "upstream" repositorys (10.x) )

$ yum install gcc MariaDB-devel MariaDB-shared openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel

--> Otherwise ( If you use default Centos mariadb (5.5) )

$ yum install gcc mariadb-devel openldap-devel xmlsec1-devel xmlsec1-openssl libtool-ltdl-devel

--> NOTE: I am using MySQL Comunity server as the database backend.

          So `mysql-community-devel` is required. For MariaDB,

          and PostgreSQL the required package will be different.

4.3）install yarn to build asset files + Nodejs 12

cd /usr/local

wget  http://download.51yuki.cn/node-v12.2.0-linux-x64.tar.xz

tar xf node-v12.2.0-linux-x64.tar.xz

ln -s node-v12.2.0-linux-x64 nodejs

echo "export NODEJS_HOME=/usr/local/nodejs"  >> /etc/profile
echo " export PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin:/usr/local/nodejs/bin " >> /etc/profile
echo "export NODEJS_PATH=/usr/local/nodejs/lib/node_modules"  >> /etc/profile

source /etc/profile

[root@powerdns local]# node -v
 v12.2.0
 [root@powerdns local]# npm -v
 6.9.0

 npm config set registry https://registry.npm.taobao.org

npm install -g yarn

4.4) Checkout source code and create virtualenv

git clone https://github.com/ngoduykhanh/PowerDNS-Admin.git /data/web/powerdns-admin

cd /data/web/powerdns-admin

virtualenv -p python3 flask

[root@powerdns powerdns-admin]# source ./flask/bin/activate
(flask) [root@powerdns powerdns-admin]# pip install python-dotenv

(flask) [root@powerdns powerdns-admin]#  pip install -r requirements.txt

 

4.5）安装配置powerdnsadmin

MariaDB [(none)]> CREATE DATABASE powerdnsadmin CHARACTER SET utf8 COLLATE utf8_general_ci;

Query OK, 1 row affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON powerdnsadmin.* TO 'powerdnsadmin'@'%' identified by 'PowerAdmin@356';

Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> flush privileges;

Query OK, 0 rows affected (0.00 sec)

[root@powerdns powerdns-admin]# export FLASK_CONF=../configs/development.py

[root@powerdns powerdns-admin]# export FLASK_APP=powerdnsadmin/__init__.py

[root@powerdns powerdns-admin]# flask/bin/flask db upgrade

INFO  [alembic.runtime.migration] Context impl MySQLImpl.

INFO  [alembic.runtime.migration] Will assume non-transactional DDL.

INFO  [alembic.runtime.migration] Running upgrade  -> 787bdba9e147, Init DB

INFO  [alembic.runtime.migration] Running upgrade 787bdba9e147 -> 59729e468045, Add view column to setting table

INFO  [alembic.runtime.migration] Running upgrade 59729e468045 -> 1274ed462010, Change setting.value data type

INFO  [alembic.runtime.migration] Running upgrade 1274ed462010 -> 4a666113c7bb, Adding Operator Role

INFO  [alembic.runtime.migration] Running upgrade 4a666113c7bb -> 31a4ed468b18, Remove all setting in the DB

INFO  [alembic.runtime.migration] Running upgrade 31a4ed468b18 -> 654298797277, Upgrade DB Schema

INFO  [alembic.runtime.migration] Running upgrade 654298797277 -> 0fb6d23a4863, Remove user avatar

INFO  [alembic.runtime.migration] Running upgrade 0fb6d23a4863 -> 856bb94b7040, Add comment column in domain template record table

INFO  [alembic.runtime.migration] Running upgrade 856bb94b7040 -> b0fea72a3f20, Update domain serial columns type

INFO  [alembic.runtime.migration] Running upgrade b0fea72a3f20 -> 3f76448bb6de, Add user.confirmed column

#创建资产文件

yarn config set registry https://registry.npm.taobao.org

yarn config delete proxy
npm config rm proxy
npm config rm https-proxy

yarn install --pure-lockfile

[root@powerdns powerdns-admin]# flask/bin/flask assets build

Building bundle: generated/login.js

[2020-05-07 15:20:18,703] [script.py:167] INFO - Building bundle: generated/login.js

Building bundle: generated/validation.js

[2020-05-07 15:20:18,935] [script.py:167] INFO - Building bundle: generated/validation.js

Building bundle: generated/login.css

[2020-05-07 15:20:18,938] [script.py:167] INFO - Building bundle: generated/login.css

Building bundle: generated/main.js

[2020-05-07 15:20:55,512] [script.py:167] INFO - Building bundle: generated/main.js

Building bundle: generated/main.css

[2020-05-07 15:20:56,583] [script.py:167] INFO - Building bundle: generated/main.css

#启动

(flask) [root@powerdns powerdns-admin]# nohup ./run.py &

[1] 6223

(flask) [root@powerdns powerdns-admin]# nohup: ignoring input and appending output to ‘nohup.out’

(flask) [root@powerdns powerdns-admin]# ss -tunlp|grep 9191

tcp    LISTEN    0      128      *:9191                  *:*                  users:(("python3",pid=6225,fd=4),("python3",pid=6225,fd=3),("python3",pid=6223,fd=3))