SystemAdministration/TheHitchhikersGuideToTheli694-22Domain: Difference between revisions
NCommander (talk | contribs) No edit summary |
No edit summary |
||
Line 35: | Line 35: | ||
== Naming Scheme == | == Naming Scheme == | ||
Nodes are named after the periodic table of elements, which should keep us good for a long while. Keep going up in order until we finally run out. | Nodes are named after the periodic table of elements, which should keep us good for a long while. Keep going up in order until we finally run out. | ||
== DNS Setup == | |||
'''important: The DNS zones are nicely formatted, please try to keep it that way, also do NOT forget to update the zone file's serial if you've updated a zone.''' | |||
As described earlier, we're using the li694-22 TLD internally which is represented by the following name servers 'helium.li694-22' (master) and 'boron.li694-22' (slave), we're currently serving two zones, firstly the 'li694-22.' zone and secondly the reverse zone '168.192.in-addr.arpa.'. | |||
Both servers have configuration files in the same location: <code>/etc/bind/</code>. Note: The master also keeps it's zone files in this directory. | |||
The slave however, keeps zone files in <code>/var/cache/bind/</code>. | |||
The zone files are called: '<code>db.li694-22</code>' and '<code>db.192-rev</code>'. | |||
The li694-22 zone has an A-record for every node name (e.g. Carbon), it also lists public IPs (A and AAAA) for nodes (if any), for instance, carbon: | |||
<pre> | |||
; Carbon (IRC) | |||
carbon IN A [redacted] | |||
pub.carbon IN A 50.116.18.95 | |||
pub.carbon IN AAAA 2600:3c00::f03c:91ff:fe6e:c4b8 | |||
</pre> | |||
As an addition, most nodes have aliases which are CNAMEs for the node's name, and each alias also has a 'pub.<alias>' which in turn is a CNAME for pub.node_name, for example: | |||
<pre> | |||
irc IN CNAME carbon | |||
pub.irc IN CNAME pub.carbon | |||
</pre> | |||
The reverse zone, has entries that look like: | |||
<pre> | |||
[redacted] IN PTR carbon.li694-22. | |||
</pre> | |||
If you like to add a reverse DNS entry, do the following from the command line (example IP = 192.168.136.231): | |||
<pre> | |||
[22:21] xlefay@carbon $ host 192.168.136.233 | |||
Host 233.136.168.192.in-addr.arpa. not found: 3(NXDOMAIN) | |||
</pre> | |||
You'll now see the <code>'''233.136'''.168.192.in-addr.arpa.</code> part, grab the first two segments and add those in the zone file at the bottom like so: | |||
<pre> | |||
233.136 IN PTR nodename.li694-22. | |||
</pre> |
Revision as of 00:45, 24 March 2014
In many of the more relaxed civilizations of Linode, the Hitchhiker's Guide has already supplanted the great Encyclopaedia Galactica as the standard repository of all knowledge and wisdom, for though it has many omissions and contains much that is apocryphal, or at least wildly inaccurate, it scores over the older, more pedestrian work in two important respects.
Common Information
All nodes are hosted in the Dallas, TX Linode datacenter and have static IPs. From within the nodes themselves, we have a local DNS allowing them to refer to each other under the li694-22 TLD (a reference to our original pre-launch URL).
- All nodes support Kerberos authentication to allow node-to-node access.
- Shell access is only allowed from designated nodes.
- LDAP and Kerberos are available on all nodes unless noted.
- Sysops can access all nodes; they are not explicitly listed below.
Node Name | Public Addresses | Who Can Access (POSIX groups) | Is Running What |
---|---|---|---|
hydrogen | soylentnews.org | prod_access | slashd, varnish, apache 1.3, nginx |
helium | None | db | mysql (prod master), ldap (master), Kerberos KDC (master), BIND (master, li694-22 zone) |
beryllium | wiki.soylentnews.org | svcadmin | A lot of stuff, mechanicjay, fill me in? |
lithium | dev.soylentnews.org | dev_team | slashd, varnish, apache 1.3, nginx, mysql (dev DB) |
boron | {staff,status}.soylentnews.org | firefighters | apache 2.2 (userdir), KDC slave, DNS slave for li694-22, LDAP slave (not fully set up) |
carbon | irc.soylentnews.org | ircops | IRC server, services & httpd |
Naming Scheme
Nodes are named after the periodic table of elements, which should keep us good for a long while. Keep going up in order until we finally run out.
DNS Setup
Important: The DNS zones are nicely formatted; please keep them that way. Also, do NOT forget to update the zone file's serial whenever you update a zone.
As described earlier, we use the li694-22 TLD internally. It is served by two name servers, 'helium.li694-22' (master) and 'boron.li694-22' (slave), which currently serve two zones: the 'li694-22.' zone and the reverse zone '168.192.in-addr.arpa.'.
Both servers keep their configuration files in the same location: `/etc/bind/`. Note: the master also keeps its zone files in this directory. The slave, however, keeps its zone files in `/var/cache/bind/`.
The zone files are called `db.li694-22` and `db.192-rev`.
The li694-22 zone has an A record for every node name (e.g. Carbon). It also lists the public IPs (A and AAAA) for nodes that have any. For instance, carbon:

```
; Carbon (IRC)
carbon IN A [redacted]
pub.carbon IN A 50.116.18.95
pub.carbon IN AAAA 2600:3c00::f03c:91ff:fe6e:c4b8
```

In addition, most nodes have aliases, which are CNAMEs for the node's name. Each alias also has a 'pub.<alias>', which in turn is a CNAME for pub.node_name. For example:

```
irc IN CNAME carbon
pub.irc IN CNAME pub.carbon
```

The reverse zone has entries that look like:

```
[redacted] IN PTR carbon.li694-22.
```
If you'd like to add a reverse DNS entry, first look the address up from the command line (example IP = 192.168.136.231):

```
[22:21] xlefay@carbon $ host 192.168.136.233
Host 233.136.168.192.in-addr.arpa. not found: 3(NXDOMAIN)
```

The output shows the reverse name `233.136.168.192.in-addr.arpa.`. Take its first two segments (`233.136`), which are the part relative to the '168.192.in-addr.arpa.' zone, and add them at the bottom of the zone file like so:

```
233.136 IN PTR nodename.li694-22.
```
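The procedure above can be checked mechanically. The following is an added example, not part of the original wiki page: it derives the zone-relative PTR owner from an address and lists the PTR lines still missing for internal A records. The helper names, the node names `nodename` and `othernode`, and the sample zone fragments are constructed for illustration.

```python
import ipaddress
import re

REV_ORIGIN = "168.192.in-addr.arpa."  # reverse zone named on the page
FWD_ORIGIN = "li694-22."              # forward zone named on the page
RECORD = re.compile(r"^(\S+)\s+IN\s+(A|PTR)\s+(\S+)$")

def ptr_owner(ip, origin=REV_ORIGIN):
    """Owner name relative to the reverse zone, e.g. '233.136'."""
    full = ipaddress.IPv4Address(ip).reverse_pointer + "."
    suffix = "." + origin
    if not full.endswith(suffix):
        raise ValueError(f"{ip} is outside reverse zone {origin}")
    return full[: -len(suffix)]

def ptr_line(ip, node):
    """Zone-file line in the layout the page uses."""
    return f"{ptr_owner(ip)} IN PTR {node}.{FWD_ORIGIN}"

def parse(zone_text, rtype):
    """Map owner -> rdata for one record type; ';' comments are ignored."""
    out = {}
    for line in zone_text.splitlines():
        m = RECORD.match(line.split(";", 1)[0].strip())
        if m and m.group(2) == rtype:
            out[m.group(1)] = m.group(3)
    return out

def missing_ptrs(forward_text, reverse_text):
    """PTR lines for internal A records that have no matching PTR yet."""
    ptrs = parse(reverse_text, "PTR")
    todo = []
    for name, ip in parse(forward_text, "A").items():
        try:
            owner = ptr_owner(ip)
        except ValueError:
            continue  # public address (pub.*): not in this reverse zone
        if ptrs.get(owner) != f"{name}.{FWD_ORIGIN}":
            todo.append(ptr_line(ip, name))
    return todo

# Constructed sample fragments; the addresses are invented for the example.
FORWARD = """\
; hypothetical nodes
nodename      IN A 192.168.136.233
pub.nodename  IN A 203.0.113.10
othernode     IN A 192.168.136.240
"""
REVERSE = "240.136 IN PTR othernode.li694-22.\n"

if __name__ == "__main__":
    print("\n".join(missing_ptrs(FORWARD, REVERSE)))
```

Any line it reports still has to be added to `db.192-rev` by hand, followed by the serial update the page asks for.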