Tech:DNS: Difference between revisions
(basic dns entry record) |
imported>Addshore (fix links) |
||
| (20 intermediate revisions by 3 users not shown) | |||
| Line 1: | Line 1: | ||
Orain uses '''GDNSD''' as the administrative-only software for its DNS servers. |
|||
Currently this is a copy of Orain's DNS entries for recording keeping..? |
|||
Currently, Orain operates two DNS servers. The master is ns1 ([[tech:prod6]]) with a cache, ns2 ([[tech:prod7]]). DNS is managed via [//github.com/orain/dns GitHub] and is kept up to date by ansible on the servers. |
|||
{| class="wikitable" |
|||
|- |
|||
As Orain depends on the DNS servers for user-facing resolution and internal resolution for Private IP PTRs, commit access is restricted. Non-controversial updates to DNS can be left to be updated solely by ansible un monitored however structural changes, behavioral changes or server-side updates which involve DNS - must be updated and watched by the deploying user. If the new changes fail and GDNSD fails - eventually once a users local cache clears, Orain will be inaccessible which does unfortunately include SSH into the servers although the IPs can be found in the config. |
|||
! Entry !! Reason |
|||
|- |
|||
| orain.org || root domain |
|||
|- |
|||
| *.orain.org || subdomains |
|||
|- |
|||
| prod1.orain.org || [[prod1]] direct access |
|||
|- |
|||
| prod3.orain.org || [[prod3]] direct access |
|||
|- |
|||
| prod4.orain.org || [[prod4]] direct access |
|||
|- |
|||
| prod5.orain.org || [[prod5]] direct access |
|||
|- |
|||
| mail.orain.org || email services on prod1 |
|||
|- |
|||
| nagios.orain.org || nagios interface |
|||
|- |
|||
| static.orain.org || force static to prod4 |
|||
|- |
|||
|} |
|||
Latest revision as of 20:11, 3 April 2015
Orain uses GDNSD as the administrative-only software for its DNS servers.
Currently, Orain operates two DNS servers. The master is ns1 (tech:prod6) with a cache, ns2 (tech:prod7). DNS is managed via GitHub and is kept up to date by ansible on the servers.
As Orain depends on the DNS servers for user-facing resolution and internal resolution for Private IP PTRs, commit access is restricted. Non-controversial updates to DNS can be left to be updated solely by ansible un monitored however structural changes, behavioral changes or server-side updates which involve DNS - must be updated and watched by the deploying user. If the new changes fail and GDNSD fails - eventually once a users local cache clears, Orain will be inaccessible which does unfortunately include SSH into the servers although the IPs can be found in the config.