But, despite the advantage of virtualization, you also have to think of how the new virtualized RAC will talk to the external world and how you're going to support the new SCAN feature available in Oracle 11g. Yeap, you guessed right! I'm talking about the integration with your DNS server. I will not cover here the GNS feature but just the SCAN address, which must be defined in your DNS to three different IPs, in a round-robin fashion.
Hmmm, damn it! My virtualized RAC is on my home desktop, I have a stupid wireless rooter without any possibility to define DNS entries there, and installing a new machine just for a DNS server seems to be a awfully heavyweight solution. In addition, using BIND, the well know DNS server, is not very appealing for me because I'm not a network administrator and I simply don't get it. But, if you plan to stick with BIND you may find an example here. Of course, being a playground, you may rely to the /etc/hosts file but you'll receive warnings on install and it doesn't feel right, does it?
Ok, introducing MaraDNS. They claim that: "People like MaraDNS because it's small, lightweight, easy to set up, and remarkably secure. It's also cross platform -- the program runs both in Windows and in UNIX clones". Hey, this is what I'm looking for. Great! So, comming back to our environment.
In my case, VirtualBox is installed on a Windows 7 box and the RAC nodes are virtualized with OL6. The idea is that I will have MaraDNS installed on my Windows 7 and it will service my virtualized RAC nodes. The following picture should shed some light.
Now let's configure MaraDNS to act like we want. The Windows version doesn't have any installer. You'll simply extract the archive and you'll have everything you want. Then, we need to edit "mararc" config file. I ended up with:
ipv4_bind_addresses = "127.0.0.1"
timestamp_type = 2
hide_disclaimer = "YES"
random_seed_file = "secret.txt"
csv2 = {}
csv2["altik.ro."] = "db.lan.txt"
I basically say:
- listen on localhost for requests (strange, isn't it? Be patient!)
- set the timestamp_type, but don't bother
- hide the disclaimer when launching the server. I like it quiet
- in secret.txt file I have some random text to secure my server, but don't bother too much
- everything with a trailing "altik.ro" (the domain) is mapped in the "db.lan.txt" file. Of course, you have to pick your domain. It doesn't need to be a real one, but if it exists it becomes unreachable.
ping.altik.ro. FQDN4 192.168.1.100
pong.altik.ro. FQDN4 192.168.1.101
ping-vip.altik.ro. FQDN4 192.168.1.200
pong-vip.altik.ro. FQDN4 192.168.1.201
poc-scan.altik.ro. FQDN4 192.168.1.150
poc-scan.altik.ro. FQDN4 192.168.1.151
poc-scan.altik.ro. FQDN4 192.168.1.152
Mmm, that's all? Pretty much! Go ahead, start the server using the provided "bat" file and execute some nslookup commands. For example, "nslookup ping.altik.ro 127.0.0.1". Does it work? Test the SCAN as well. Every nslookup should return another IP (round robin algorithm).
Now, we have two problems:
- our DNS server is listening on localhost and there's no way to make requests from a remote node
- I'd also like to have internet on my RAC nodes in order to use YUM and other tasks which need Internet
root_servers = {}
# My MaraDNS
root_servers["192.in-addr.arpa."] = "127.0.0.1"
root_servers["altik.ro."] = "127.0.0.1"
root_servers["altik.ro."] = "127.0.0.1"
# DNS server from my ISP
root_servers["."] = "213.154.124.1,"
root_servers["."] += "193.231.252.1"
root_servers["."] = "213.154.124.1,"
root_servers["."] += "193.231.252.1"
# The IP this program has
bind_address="192.168.1.10"
# The IPs allowed to connect and use the cache
recursive_acl = "192.168.1.0/24"
# The file containing a hard-to-guess secret
random_seed_file = "secret.txt"
# This is the file Deadwood uses to read the cache to and from disk
cache_file = "dw_cache_bin"
# By default, for security reasons, Deadwood does not allow IPs in thebind_address="192.168.1.10"
# The IPs allowed to connect and use the cache
recursive_acl = "192.168.1.0/24"
# The file containing a hard-to-guess secret
random_seed_file = "secret.txt"
# This is the file Deadwood uses to read the cache to and from disk
cache_file = "dw_cache_bin"
# 192.168.x.x, 172.[16-31].x.x, 10.x.x.x, 127.x.x.x, 169.254.x.x,
# 224.x.x.x, or 0.0.x.x range. If using Deadwood to resolve names
# on an internal network, uncomment the following line:
filter_rfc1918 = 0
The above configuration is quite self explanatory. Everyting which refers to my local domain will be served from MaraDNS and everything else will be fetched from a real DNS server provided by my ISP. The "in-adr.arpa" entry is needed in order to support reverse DNS. Pay attention that this DNS server will listen on a real address, the one of my Windows 7 host.
Okay, great! Install Deadwood (as a service), and then test it with nslookup but instead of 127.0.0.1 use 192.168.1.10. If everything is working then it's just a matter of configuring your virtualized nodes to use 192.168.1.10 as a DNS server.
1 comment:
I have spent hours to setup this maradns
it is not working
the simple windows command line
nslookup servername 27.0.01 worked. but I was unable to set it as a network dns
how '/etc/resolv.conf on the virtual Linux should look ?
should the virtual Linux machine be conected to bridge adapter as well as to the host-only ?
etc ....
Thanks
tzvika.lemel@gmail.com
Post a Comment