Enhance the ddns.pm to support the site.dnsinterfaces for DNS server to listen on specific interfaces instead of all

daniceexi 2014-10-24 09:43:31 -04:00
parent a3028511fa
commit 6244920305
2 changed files with 98 additions and 2 deletions


@ -995,6 +995,16 @@ site => {
" dnsupdaters: The value are \',\' separated string which will be added to the zone config\n".
" section. This is an interface for user to add configuration entries to\n".
" the zone sections in named.conf.\n\n".
" dnsinterfaces: The network interfaces DNS server should listen on. If it is the same\n".
" for all nodes, use a simple comma-separated list of NICs. To\n".
" specify different NICs for different nodes:\n".
" xcatmn|eth1,eth2;service|bond0.\n".
" In this example xcatmn is the name of the xCAT MN, and DNS there\n".
" should listen on eth1 and eth2. On all of the nodes in group\n".
" 'service' DNS should listen on the bond0 nic.\n".
" NOTE: if using this attribute to block certain interfaces, make sure\n".
" the ip maps to your hostname of xCAT MN is not blocked since xCAT needs to\n".
" use this ip to communicate with the local NDS server on MN.\n\n".
" -------------------------\n".
"HARDWARE CONTROL ATTRIBUTES\n".
" -------------------------\n".
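Review bot: The last added line of the dnsinterfaces help text says `local NDS server`, which should read `local DNS server`, and the NOTE's phrase `the ip maps to your hostname of xCAT MN` is hard to parse. A clearer wording would be `make sure the IP address that the xCAT MN hostname resolves to is not blocked, since xCAT uses it to talk to the local DNS server on the MN`. The text could also mention that the loopback interface is always added to the list, which is what the ddns.pm change in this commit does with `"lo,".$listenonifs`.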


@ -515,6 +515,61 @@ sub process_request {
$ctx->{zonestotouch}->{$_->{domain}}=1;
}
}
# get the listen on port for the DNS server from site.dnsinterfaces
my @dnsifinsite = xCAT::TableUtils->get_site_attribute("dnsinterfaces");
if (@dnsifinsite)
#syntax should be like host|ifname1,ifname2;host2|ifname3,ifname2 etc or simply ifname,ifname2
{
my $dnsinterfaces = $dnsifinsite[0];
my $listenonifs;
foreach my $dnsif (split /;/,$dnsinterfaces) {
if ($dnsif =~ /\|/) { # there's host in the string
my ($hosts,$dnsif) = split /\|/,$dnsif;
if (! xCAT::NetworkUtils->thishostisnot($hosts)) {
$listenonifs=$dnsif;
} else {
# this host string might be a xcat group, try to test each node in the group
foreach my $host (noderange($hosts)) {
unless (xCAT::NetworkUtils->thishostisnot($host)) {
$listenonifs=$dnsif;
last;
}
}
}
} else {
$listenonifs = $dnsif;
}
# get the ip for each interface and set it to $ctx->{dnslistenonifs}
if ($listenonifs) {
$listenonifs = "lo,".$listenonifs;
# get the ip address for each interface
my (@listenipv4, @listenipv6);
for my $if (split /,/, $listenonifs) {
my @ifaddrs = `ip addr show $if`;
foreach (@ifaddrs) {
if (/^\s*inet\s+([^ ]*)/) {
my $ip = $1;
$ip =~ s/\/.*//;
push @listenipv4, $ip;
} elsif (/^\s*inet6\s+([^ ]*)/) {
my $ip = $1;
$ip =~ s/\/.*//;
push @listenipv6, $ip;
}
}
}
if (@listenipv4) {
$ctx->{dnslistenonifs}->{ipv4} = \@listenipv4;
}
if (@listenipv6) {
$ctx->{dnslistenonifs}->{ipv6} = \@listenipv6;
}
last;
}
}
}
xCAT::SvrUtils::sendmsg("Getting reverse zones, this may take several minutes for a large cluster.", $callback);
@ -930,6 +985,20 @@ sub update_namedconf {
push @newnamed,"\t\t".$_.";\n";
}
push @newnamed,"\t};\n";
} elsif (defined($ctx->{dnslistenonifs}) and defined($ctx->{dnslistenonifs}->{ipv4}) and $line =~ /listen-on {/) {
push @newnamed,"\tlisten-on \{\n";
$skip=1;
foreach (@{$ctx->{dnslistenonifs}->{ipv4}}) {
push @newnamed,"\t\t".$_.";\n";
}
push @newnamed,"\t};\n";
} elsif (defined($ctx->{dnslistenonifs}) and defined($ctx->{dnslistenonifs}->{ipv6}) and $line =~ /listen-on-v6 {/) {
push @newnamed,"\tlisten-on-v6 \{\n";
$skip=1;
foreach (@{$ctx->{dnslistenonifs}->{ipv6}}) {
push @newnamed,"\t\t".$_.";\n";
}
push @newnamed,"\t};\n";
} elsif ($skip) {
if ($line =~ /};/) {
$skip = 0;
@ -1029,7 +1098,7 @@ sub update_namedconf {
push @newnamed,"\tdirectory \"".$ctx->{zonesdir}."\";\n";
push @newnamed, "\tallow-recursion { any; };\n";
}
push @newnamed,"\t\t//listen-on-v6 { any; };\n";
#push @newnamed,"\t\t//listen-on-v6 { any; };\n";
if ($ctx->{forwarders}) {
push @newnamed,"\tforwarders {\n";
foreach (@{$ctx->{forwarders}}) {
@ -1055,6 +1124,23 @@ sub update_namedconf {
push @newnamed,"\t};\n";
}
}
# add the listen-on option
if (defined($ctx->{dnslistenonifs}) and defined($ctx->{dnslistenonifs}->{ipv4})) {
push @newnamed, "\tlisten-on \{\n";
foreach (@{$ctx->{dnslistenonifs}->{ipv4}}) {
push @newnamed,"\t\t".$_.";\n";
}
push @newnamed,"\t};\n"
}
if (defined($ctx->{dnslistenonifs}) and defined($ctx->{dnslistenonifs}->{ipv6})) {
push @newnamed,"\tlisten-on-v6 \{\n";
foreach (@{$ctx->{dnslistenonifs}->{ipv6}}) {
push @newnamed,"\t\t".$_.";\n";
}
push @newnamed,"\t};\n";
}
push @newnamed,"};\n\n";
}
@ -1068,7 +1154,7 @@ sub update_namedconf {
$ctx->{restartneeded}=1;
}
}
my $cmd = "grep '^nameserver' /etc/resolv.conf | awk '{print \$2}'";
my @output = xCAT::Utils->runcmd($cmd, 0);
my $zone;
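Review bot: In the process_request hunk, each interface name split out of site.dnsinterfaces is interpolated unchecked into a shell command by the line `` my @ifaddrs = `ip addr show $if`; ``, so any whitespace or shell metacharacter stored in that site attribute is interpreted by the shell with the daemon's privileges. I would validate the name and bypass the shell: `next unless $if =~ /\A[\w.:\-]+\z/;` followed by `open(my $ipfh, '-|', 'ip', 'addr', 'show', $if) or next; my @ifaddrs = <$ipfh>; close($ipfh);`. A name that matches no interface is dropped silently, and because `lo` is always prepended, a typo leaves named listening on loopback only; a warning through the existing `xCAT::SvrUtils::sendmsg` would make that visible. The `inet6` branch also collects every address including link-local ones, which update_namedconf then writes into `listen-on-v6` without a scope, so it is worth confirming named accepts them or filtering them out. Both process_request and update_namedconf begin and end outside the hunks shown.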