Contents

1   Introduction

This document describes how to use the Configuration Management (CM) function to build a centralized DNS cluster.

Target Groups

This document is intended for personnel configuring and fine-tuning IPWorks DNS.

1.1   Prerequisites

This section states the prerequisites that must be fulfilled.

• Intermediate Linux and UNIX skills
• Concepts, terminologies, and telecommunication abbreviations, such as TCP/IP, packet data networks, and protocol servers
• An Ericsson Command-Line Interface (ECLI) session in Exec mode is in progress.

1.1.1   Documents

Before starting this procedure, ensure that the following web site and documents are available:

• For more information about the basics and concepts regarding the configuration management of IPWorks, refer to IPWorks Configuration Management.
• For more information about the objects configured through IPWorks CLI (ipwcli), refer to IPWorks DNS, ASDNS, ENUM Parameter Description.
• For more information about the objects configured through ECLI, refer to Managed Object Model (MOM).
• For more information about how to use the IPWorks CLI, refer to Command Line Interface User Guide for IPWorks SS.

1.1.2   Tools

Not applicable.

1.1.3   Conditions

Before starting this procedure, the following conditions must apply:

• At least two IPWorks systems installation are completed.
• The value package "Advanced Network Protection" should be ordered to enable this feature.
• Storage Server is started.
• DNS server must be initially configured.
• Centralized SS only supports pure DNS with ASDNS.

1.2   Relation Information

Trademark information, typographic conventions, and definition and explanation of abbreviations and terminology can be found in the following documents:

• Trademark Information
• Typographic Conventions
• Glossary of Terms and Acronyms

2   Overview

3   New deployment

3.1   Preparation

At least two IPWorks are required for centralized SS. One is defined as the primary IPWorks, and the others are for secondary IPWorks. All the zone files are generated from the primary IPWorks, then transferred to the secondary IPWorks.

For IPWorks deployment, refer to IPWorks Auto Deployment Guideline for KVM - DL380 Gen10Reference [13] (for KVM deployment) or IPWorks Deployment GuideReference [14] (for CEE deployment). Make sure IPWorks version is greater than IPWorks 2.2 (include 2.2).

3.2   Initializing All IPWorks Systems

Make sure the following configurations are ready to initialize IPWorks system:

1. Storage server initial configuration, refer to section Storage server initial configuration in document IPWorks Initial ConfigurationReference [12].
2. MySQL NDB cluster initial configuration, refer to section MySQL NDB cluster initial configuration in document IPWorks Initial ConfigurationReference [12].

3.3   Data Migration for Centralized SS

This section is only available if the installed systems are upgraded from 15B.

First, choose one IPWorks as the primary system. Then migrate the data configuration to the primary system.

3.3.1   DNS Service Migration

For how to get DNS configuration, refer to section DNS Service Migration in document Data Migration from IPWorks HP 15B FD1 CP3 to IPWorks 2Reference [10].

The configuration of migrated data is on the primary IPWorks.

3.3.2   Modifying Configuration

To modify the data configuration migrated from IPWorks 15B:

1. Make sure SS is started, and check IPWCLI username and password.

   Check whether the ipwcli can be used, and make sure that the username and password are the same on primary and secondary IPWorks systems.

2. Check DNS status on primary and secondary IPWorks systems.

   #ssh <Username>@<MIP_OAM_IP>

   SC-X:~ # ipw-ctr status all

3. Make sure the serviceType is DNS shown in Step 2. Otherwise, configure the serviceType to DNS.

   SC-X:~ # /opt/com/bin/cliss >configure (config)>ManagedElement=1,IpworksFunction=1,IpworksCommonRoot=1 (config-IpworksCommonRoot=1)>serviceType="DNS" (config-IpworksCommonRoot=1)>commit (IpworksCommonRoot=1)>exit

4. Make sure the status of DNS is running in Step 2. Otherwise, start dnsserver.

   SC-X:~ # ipw-ctr start dns PL-3 SC-X:~ # ipw-ctr start dns PL-4

3.3.3   Centralized SS for Migrated DNS

Refer to Section 3.4.

3.4   Creating Centralized DNS Server on Primary System

Firstly, choose one IPWorks as the primary system, and others as the secondary system(s). Then operate the following sections on primary system to create centralized DNS server.

The Location field can be configured with the following two formats:

• <MIP_PROV_IP>/<PL-X>

  Using this format, it can transfer the dnsserver configuration to the MIP_PROV_IP, then reload rndc to the PL- X if the dnsserver is up on the PL at the same time.

• <MIP_PROV_IP2>/<PL-X>@<MIP_PROV_IP1>/<PL-Y>

  Using this format, it can define a pointer to an existed configuration. The format consists of two parts, which are split by @. The first part is a kind of pointer, and the second part must be an existed location defined with the first format. Update operation will create a link pointing to the configuration of <MIP_PROV_IP2>/<PL-X>, then transfer the zip file of configuration to MIP_PROV_IP2 and reload the corresponding PL-X with the new configuration.

  For DnsServer, X and Y can be different.

  For ASDNS Monitor, X and Y must be the same.

Figure 1 shows the overview of centralized SS for DNS, and Figure 2 shows the overview of centralized SS for ASDNS.

The configuration of Centralized SS contains the following topics:

• Configure DNS, see Section 3.4.1.
• Configure ASDNS Monitor, see Section 3.4.2.
• Update DNS Server, see Section 3.4.3.
• Update ASDNS Monitor, see Section 3.4.4.

3.4.1   Configuring DNS

This configuration is only used for centralized SS. DNS Location defines where the DNS server runs.

The configuration of location contains the following topics:

• Section 3.4.1.1 Creating DNS Server with Location
• Section 3.4.1.2 Creating DNS Server with Location Pointer

3.4.1.1   Creating DNS Server with Location

1. Check whether the secondary SS and DNS service are accessible.

   SC-1:~ # ipwcli -server=<PROV_MIP_IP of secondary IPWorks> -user=admin -password=******

   For example:

   SC-1:~ # ipwcli -server=10.170.15.190 -user=admin -password=******

   IPWorks> exit

   Note:  

   Make sure the user name and password of IPWCLI on primary and secondary IPWorks are the same.

   
   
2. Log in to IPWCLI on the primary IPWorks.

   SC-1:~ # ipwcli -server=<PROV_MIP_IP of primary IPWorks> -user=admin -password=******

3. Create DNS servers and associate them with related areas by using IPWorks CLI.

   IPWorks> create dnsserver dns1 -set dnsname=dns1.example.net;location=10.170.15.190/PL-4

   1 object(s) created.

   Note:  

   • If the dnsserver existed, the location can be set by using modify command.

     IPWorks> modify dnsserver dns1 -set location=10.170.15.190/PL-4

   • The location can be removed, then the dnsserver is transferred to non-centralized DNS server.

   
   
4. Verify the information of the DNS servers.

   IPWorks> list dnsserver
   [DnsServer dns1]
   Partition: active
   Name: dns1
   Location: 10.170.15.190/PL-4
   DnsName: dns1.example.net
   PrimaryDnsName: dns1.example.net
   Filename: named.conf
   AlgServerType: false
   ExportNeeded: true
   

5. Show status.

   Because centralized SS does not support DNSSM, IPWorks needs to use command to get real-time status.

   For example:

   IPWorks>select dnsserver dns1 Selected 1 object(s). IPWorks>show status Running IPWorks>list dnsserver dns1 [DnsServer dns1] Partition: active Name: dns1 Location: 10.170.15.190/PL-4 DnsName: dns1.iptelco.com PrimaryDnsName: dns1.iptelco.com Filename: named.conf AlgServerType: false Status: [CentralizedServer 10.170.15.190/PL-4] On 08/23/18 at 15:31:27 server is 'running' ExportNeeded: true

6. For other DNS configurations, refer to section Configuring DNS in document Configure DNS and ENUM.

3.4.1.2   Creating DNS Server with Location Pointer

Make sure the pointed dnsserver is defined. Otherwise, refer to section Section 3.4.1.1 Creating DNS Server with Location to create the pointed dnsserver.

IPWorks> create dnsserver dns2 -set location=10.170.37.206/PL-3@10.170.15.190/PL-4

1 object(s) created.

IPWorks> list dnsserver dns2
[DnsServer dns2]
  Partition: active
  Name: dns2
  Location: 10.170.37.206/PL-3@10.170.15.190/PL-4
  Filename: named.conf
  AlgServerType: false
  ExportNeeded: true
  ...

IPWorks> show status dnsserver dns2
Running

IPWorks>list dnsserver dns2
[DnsServer dns2]
  Partition: active
  Name: dns2
  Location: 10.170.37.206/PL-3@10.170.15.190/PL-4
  Filename: named.conf
  AlgServerType: false
Status: [CentralizedServer 10.170.37.206/PL-3] On 09/07/18 at 10:55:06 server is 'running'
  ExportNeeded: true 

Note:  

• The symbol @ splits the location into two parts, the second part must be an existed configuration, and cannot be the pointer.
• Only the location field is required to be configured in this scenario. All the configuration will reuse the pointed dnsserver configuration. For location definition, refer to section DnsServer in document IPWorks DNS, ASDNS, ENUM Parameter Description.
• The ExportNeeded always sets to true because the pointer can not get the real-time status of the pointed DNS server.

3.4.2   Configuring ASDNS Monitor

If the monitor is configured for the secondary SS. The configuration of Location field in the following examples is only required for centralized SS.

The configuration of location contains the following topics:

• Section 3.4.2.1 Configuring ASDNS Monitor with Location
• Section 3.4.2.2 Configuring ASDNS Monitor with Location Pointer

3.4.2.1   Configuring ASDNS Monitor with Location

For example to create ASDNS monitor:

IPWorks> create monitor mon1 -set dnsname=dns1.example.com;location=10.170.15.190/PL-3
1 object(s) created.
IPWorks>list
[Monitor mon1]
  Partition: active
  Name: mon1
  Location: 10.170.15.190/PL-3
  DnsName: dns1.example.com
  Filename: asdnsmon.conf
  Type: Monitor
  ExportNeeded: true

For example to show status of ASDNS monitor:

IPWorks>show status
Running
IPWorks>list
[Monitor mon1]
  Partition: active
  Name: mon1
  Location: 10.170.15.190/PL-3
  DnsName: dns1.example.com
  Filename: asdnsmon.conf
  Type: Monitor
 Status: [CentralizedServer 10.170.15.190/PL-3] On 09/06/18 at 17:26:24 server is 'running'
 ExportNeeded: true

For example to configure dnscontact:

When creating monitor, if the Address field is not configured, dnscontact must be added manually. Otherwise, the creation of monitorresource will fail. When configuring dnscontact, make sure that the Address value is the internal IP of PL- X defined in Location.

IPWorks> create dnscontact -set name=dns1;server=dns1;address=169.254.100.3

For other ASDNS configurations, refer to section Configure DNS in document Configure DNS and ENUM.

3.4.2.2   Configuring ASDNS Monitor with Location Pointer

Make sure the pointed ASDNS monior is defined. Otherwise, refer to Section 3.4.2.1 to create the pointed ASDNS monior.

IPWorks> create monitor dns1mon -set dnsname=indns1.example.net -set location=<PROV_MIP_IP2>/PL-X@<PROV_MIP_IP1>/PL-Y

Make sure that X and Y must be the same.

For example:

IPWorks> create monitor mon2 -set dnsname=dns2.example.com;location=10.170.37.206/PL-3@10.170.15.190/PL-3

1 object(s) created.

IPWorks> list monitor mon2

[Monitor mon2]
  Partition: active
  Name: mon2
  Location: 10.170.37.206/PL-3@10.170.15.190/PL-3
  DnsName: dns2.example.com
  Filename: asdnsmon.conf
  Type: Monitor
  ExportNeeded: true

IPWorks>show status
Running
IPWorks>list
[Monitor mon1]
  Partition: active
  Name: mon1
  Location: 10.170.15.190/PL-3
  DnsName: dns1.example.com
  Filename: asdnsmon.conf
  Type: Monitor
  Status: [CentralizedServer 10.170.15.190/PL-3] On 09/06/18 at 17:26:24 server is 'running'
  ExportNeeded: true

Note:  

• Only Location field is required to be configured. For location definition, refer to section Monitor in document IPWorks DNS, ASDNS, ENUM Parameter Description.
• The ExportNeeded always sets to true because the pointer cannot get the real-time status of the pointed DNS server.

3.4.3   Updating DNS Server

When updating a DNS server, which is under centralized SS, the change will run on the MIP and the corresponding PL- X defined in Location.

For example:

IPWorks> list dnsserver
[DnsServer dns2]
  Partition: active
  Name: dns2
  Location: 10.170.37.206/PL-3@10.170.15.190/PL-4
  Filename: named.conf
  AlgServerType: false
  ExportNeeded: true
[DnsServer dns1]
  Partition: active
  Name: dns1
  Location: 10.170.15.190/PL-4
  DnsName: dns1.test.com
  PrimaryDnsName: dns1.test.com
  Filename: named.conf
  AlgServerType: false
  ExportNeeded: true

Updating DNS Server with Location

IPWorks> update dnsserver dns1
Exported configuration for [DnsServer dns1]
tar file successfully:  /home/ipworks/etc/CentralSS/10.170.15.190/PL-4/dns.tar.gz
transfer file successfully:     /home/ipworks/etc/CentralSS/10.170.15.190/PL-4/dns.tar.gz
unzipfile file successfully:    /home/ipworks/etc/ShadowSS/PL-4/dns.tar.gz
reload server successfully.
update successfully.

Updating DNS Server with Location Pointer

In this example, a single DNS Server is defined.

IPWorks> update dnsserver dns2
Exported configuration for [DnsServer dns1]
tar file successfully:  /home/ipworks/etc/CentralSS/10.170.37.206/PL-3/dns.tar.gz
transfer file successfully:     /home/ipworks/etc/CentralSS/10.170.37.206/PL-3/dns.tar.gz
unzipfile file successfully:    /home/ipworks/etc/ShadowSS/PL-3/dns.tar.gz
reload server successfully.
update successfully.

In the example, dns2 uses dns1 configuration, when updating dns2, primary ss will generate the configuration of dns1, and the configuration will be transferred to dns2 (10.170.37.206/PL-3).

Note:  

The DNS on PL-X must be started, otherwise, the update operation will fail.

3.4.4   Updating ASDNS Monitor

If a monitor is configured with Location field, the change will run on the MIP and the corresponding PL- X defined in Location when updating the monitor.

For example:

IPWorks> list monitor
[Monitor mon1]
  Partition: active
  Name: mon1
  Location: 10.170.15.190/PL-3
  DnsName: dns1.example.com
  Filename: asdnsmon.conf
  Type: Monitor
  Status: [CentralizedServer 10.170.15.190/PL-3] On 09/06/18 at 17:26:24 server is 'running'
  ExportNeeded: true
[Monitor mon2]
  Partition: active
  Name: mon2
  Location: 10.170.37.206/PL-3@10.170.15.190/PL-3
  DnsName: dns2.example.com
  Filename: asdnsmon.conf
  Type: Monitor
  Status: [CentralizedServer 10.170.37.206/PL-3] On 09/06/18 at 17:38:03 server is 'running'
  ExportNeeded: true

Updating ASDNS Monitor with Location

IPWorks> update monitor mon1
Exported [MonitorScript pingmonitor]
Exported configuration for [Monitor mon1]
The configuration files are packed successfully to /home/ipworks/etc/CentralSS/10.170.15.190/PL-3/asdnsmon.tar.gz
The configuration files are transferred successfully to 10.170.15.190:/home/ipworks/etc/ShadowSS/PL-3/asdnsmon.tar.gz
The configuration files are unpacked successfully to 10.170.15.190:/home/ipworks/etc/PL-3/asdnsmon
Service is reloaded successfully
Update successfully

Updating ASDNS Monitor with Location Pointer

IPWorks> update monitor mon2
Exported [MonitorScript pingmonitor]
Exported configuration for [Monitor mon2] using configuration of [Monitor mon1]
The configuration files are packed successfully to /home/ipworks/etc/CentralSS/10.170.37.206/PL-3/asdnsmon.tar.gz
The configuration files are transferred successfully to 10.170.37.206:/home/ipworks/etc/ShadowSS/PL-3/asdnsmon.tar.gz
The configuration files are unpacked successfully to 10.170.37.206:/home/ipworks/etc/PL-3/asdnsmon
Service is reloaded successfully
Update successfully

4   Primary SS Role Transferring

This section introduces how to transfer the primary SS role.

1. Perform User Data backup on the primary SS, refer to Create Backup for details.

   Note:  

   For User Data backup, make sure that the backup includes MySQL data.

   
   
2. Extract the backup file on the primary SS and get the ipworks database dump file.
   1. Navigate to the backup directory.

      SC-1:~ # cd /cluster/ipwbrf/backup/ndb_backup

   2. Unzip the backup file.

      SC-1:~ # tar -xvf ndb_backup.tar.gz

      SC-1:~ # gzip -d ipworks_dump.gz

      SC-1:~ # ls -lrt

      ndb_backup.metadata
      ndb_backup.md5sum
      conf
      mysql
      local
      imm
      pmjob
      license
      mysql_user_dump.sql
      ipworks_dump
      ipw_prov_aaa_dump.gz
      ipw_enum_dump.gz
      ipw_dhcp_dump.gz
      ndb_backup.tar.gz
      

   Note:  

   The directory and the ndb_backup.tar.gz file are generated when creating User Data backup.

   
   
3. Export the ipworks database dump file to the target host (the secondary SS), for example:

   SC-1:~ # scp ipworks_dump root@10.170.15.130:/cluster/

4. Source data into NDB on the secondary SS.

   Make sure the NDB and SS are already initialized before executing the source command.

   1. Log on to the target host.
   2. Import data to database, for example:

      SC-1:~ # mysql -P 3307 -h ipw_sql

      mysql> use ipworks

      Reading table information for completion of table and column names
      You can turn off this feature to get a quicker startup with -A
      Database changed
      

      mysql> source /cluster/ipworks_dump

5. Check active SS and restart it, for example:

   SC-1:~ # ipw-ctr status all

   on SC-1 :
           ss                   is running as standby role.
           sqlnodemgr           is running as standby role.
   on SC-2 :
           ss                   is running as active role.
           sqlnodemgr           is running as active role.
   on PL-3 :
           dns                  is running.
           dnssm                is down.
           asdns                is down.
           asdnssm              is down.
   on PL-4 :
           dns                  is running.
           dnssm                is down.
           asdns                is down.
           asdnssm              is down.
   

   SC-1:~ # ipw-ctr restart SS SC-2

   Stop ss ==> success.
   Start ss ==> success.
   

6. Clear the data in database of the previous primary SS.

   For consistency, it is recommended to delete the data on the previous primary SS after the role transferring is verified with no problem.

   Make sure keep the working backup in a separated storage of IPWorks clusters.

   1. Delete all DNS servers by IPWCLI command below and select “yes” for all the output asking.

      IPWorks> delete dnsserver

   2. Delete all ASDNS servers by IPWCLI command below and select “yes” for all the output asking.

      IPWorks> delete monitor

5   Transforming from Existing IPWorks Systems

For example, we have 6 separated IPWorks systems, and want to transform them to be a centralized cluster, then we define the process “transforming”.

To transform from the existing IPWorks systems:

1. Choose one IPWorks as the primary system, and others as the secondary system(s).
2. Modify dnsserver with Location field.
   1. Log in to the primary SS, and add location for the dnsserver which is deployed on the primary system.

      For example:

      IPWorks> list dnsserver [DnsServer dns1] Partition: active Name: dns1 Address: 169.254.100.3 PrimaryAddress: 169.254.100.3 DnsName: dns1.iptelco.com PrimaryDnsName: dns1.iptelco.com Filename: named.conf AlgServerType: false Status: On 09/11/18 at 17:47:35 server is 'running' ExportNeeded: false [DnsServer dns2] Partition: active Name: dns2 Address: 169.254.100.4 PrimaryAddress: 169.254.100.4 DnsName: dns2.iptelco.com PrimaryDnsName: dns2.iptelco.com Filename: named.conf AlgServerType: false Status: On 09/11/18 at 17:47:14 server is 'running' ExportNeeded: false IPWorks> modify dnsserver dns1 -set location=10.170.15.190/PL-3 Working on 1 object(s). 1 object(s) were updated. IPWorks> update dnsserver dns1 IPWorks> modify dnsserver dns2 -set location=10.170.15.190/PL-4 Working on 1 object(s). 1 object(s) were updated. IPWorks> update dnsserver dns2

   2. Create dnsserver with Location Pointer (on the primary system) for all other IPWorks system(s) that are chosen as secondary SS.

      For example:

      IPWorks> create dnsserver dns3 -set location=10.170.37.206/PL-3@10.170.15.190/PL-3 IPWorks> update dnsserver dns3 IPWorks> create dnsserver dns4 -set location=10.170.37.206/PL-4@10.170.15.190/PL-4 IPWorks> update dnsserver dns4

3. Backup user data with MYSQL data.

Reference List