1 概述
本文介绍如何使用powerdns搭建内网DNS。环境需要使用docker和docker-compose。镜像版本如下:
序号 | 镜像名称 | 镜像版本 |
---|---|---|
01 | mysql | 5.7.35 |
02 | powerdns/pdns-auth-47 | 4.7.4 |
03 | powerdnsadmin/pda-legacy | latest |
2 安装步骤
2.1 目录规划
./docker-compose.yml
./pdns/config/pdns.conf
./pdnsdb/init-scripts/init.sql
2.2 文件示例
cat ./pdnsdb/init-scripts/init.sql
-- PowerDNS gmysql backend schema for the `pdns` database.
-- Executed by the mysql image from /docker-entrypoint-initdb.d (see the
-- pdnsdb service in docker-compose.yml), presumably only on the very first
-- start while ./pdnsdb/data is still empty -- TODO(review): confirm for the
-- image in use. The layout looks like the generic MySQL schema shipped with
-- PowerDNS Authoritative 4.x; diff it against the schema file of the exact
-- version you deploy before relying on it.
use pdns;
-- One row per zone. `name` must be unique (index below); `type`, `master`,
-- `notified_serial` and `account` are the zone-replication bookkeeping
-- columns, `catalog` links a zone to a catalog zone.
CREATE TABLE domains (
id INT AUTO_INCREMENT,
name VARCHAR(255) NOT NULL,
master VARCHAR(128) DEFAULT NULL,
last_check INT DEFAULT NULL,
type VARCHAR(8) NOT NULL,
notified_serial INT UNSIGNED DEFAULT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
options VARCHAR(64000) DEFAULT NULL,
catalog VARCHAR(255) DEFAULT NULL,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX name_index ON domains(name);
CREATE INDEX catalog_idx ON domains(catalog);
-- Resource records. `domain_id` references domains.id (no FK constraint is
-- declared, so integrity is left to PowerDNS). `disabled` hides a record
-- without deleting it; `ordername`/`auth` are presumably the DNSSEC ordering
-- columns -- confirm against the PowerDNS docs before touching them.
CREATE TABLE records (
id BIGINT AUTO_INCREMENT,
domain_id INT DEFAULT NULL,
name VARCHAR(255) DEFAULT NULL,
type VARCHAR(10) DEFAULT NULL,
content VARCHAR(64000) DEFAULT NULL,
ttl INT DEFAULT NULL,
prio INT DEFAULT NULL,
disabled TINYINT(1) DEFAULT 0,
ordername VARCHAR(255) BINARY DEFAULT NULL,
auth TINYINT(1) DEFAULT 1,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX nametype_index ON records(name,type);
CREATE INDEX domain_id ON records(domain_id);
CREATE INDEX ordername ON records (ordername);
-- Primaries that may auto-provision new secondary zones on this server
-- (keyed by IP + nameserver). Rows here grant remote hosts the right to
-- create zones; keep it empty unless that feature is wanted.
CREATE TABLE supermasters (
ip VARCHAR(64) NOT NULL,
nameserver VARCHAR(255) NOT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' NOT NULL,
PRIMARY KEY (ip, nameserver)
) Engine=InnoDB CHARACTER SET 'latin1';
-- Free-text comments attached to (domain_id, name, type); no DNS effect.
CREATE TABLE comments (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
name VARCHAR(255) NOT NULL,
type VARCHAR(10) NOT NULL,
modified_at INT NOT NULL,
account VARCHAR(40) CHARACTER SET 'utf8' DEFAULT NULL,
comment TEXT CHARACTER SET 'utf8' NOT NULL,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX comments_name_type_idx ON comments (name, type);
CREATE INDEX comments_order_idx ON comments (domain_id, modified_at);
-- Per-zone key/value settings (`kind` = setting name, `content` = value).
CREATE TABLE domainmetadata (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
kind VARCHAR(32),
content TEXT,
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainmetadata_idx ON domainmetadata (domain_id, kind);
-- DNSSEC key material per zone. `content` holds the key itself and nothing
-- in this schema encrypts it: treat the database, its backups and the
-- ./pdnsdb/data bind mount as secret material.
CREATE TABLE cryptokeys (
id INT AUTO_INCREMENT,
domain_id INT NOT NULL,
flags INT NOT NULL,
active BOOL,
published BOOL DEFAULT 1,
content TEXT,
PRIMARY KEY(id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE INDEX domainidindex ON cryptokeys(domain_id);
-- TSIG keys used to authenticate zone transfers/updates. `secret` is stored
-- as plain text by this schema (same handling as cryptokeys above).
CREATE TABLE tsigkeys (
id INT AUTO_INCREMENT,
name VARCHAR(255),
algorithm VARCHAR(50),
secret VARCHAR(255),
PRIMARY KEY (id)
) Engine=InnoDB CHARACTER SET 'latin1';
CREATE UNIQUE INDEX namealgoindex ON tsigkeys(name, algorithm);
cat ./pdns/config/pdns.conf
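# PowerDNS Authoritative Server configuration (gmysql backend), bind-mounted
# into the pdns container as /etc/powerdns/pdns.conf.
# Every secret below is a tutorial example -- replace it before deploying.

# REST API used by PowerDNS-Admin. The key gives full control over every zone
# on this server, so generate a random value (e.g. `openssl rand -base64 32`)
# and enter the same value when adding the server in PowerDNS-Admin
# (section 3.4).
api=yes
api-key=qwerasdf

# Backend connection. Must agree with the pdnsdb service in docker-compose.yml
# (MYSQL_DATABASE / MYSQL_USER / MYSQL_PASSWORD); `pdnsdb` resolves on pdns_net.
launch=gmysql
gmysql-host=pdnsdb
gmysql-port=3306
gmysql-dbname=pdns
gmysql-user=pdns
gmysql-password=pdns123

# Listen on all container interfaces on 53. Which host port is published is
# decided in docker-compose.yml (53, or 5300 once a recursor owns the host's
# port 53 -- section 5); this file does not change for that.
local-address=0.0.0.0
local-port=53

# Built-in web server that carries the API. Port 8081 is not published in
# docker-compose.yml, so with 0.0.0.0/0 it is still only reachable from the
# containers on pdns_net (PowerDNS-Admin and the two MySQL containers). If
# 8081 is ever published, narrow webserver-allow-from to the admin host's
# address -- the API key is otherwise the only thing protecting zone data.
webserver=yes
webserver-address=0.0.0.0
webserver-allow-from=0.0.0.0/0
webserver-port=8081

# LUA records let anyone who can create a record execute Lua inside
# pdns_server -- i.e. every holder of the API key. Nothing in this guide uses
# them and the container runs as root, so they stay off; switch to `yes` only
# for a zone that genuinely needs them.
enable-lua-records=no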
cat ./docker-compose.yml
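version: '3'

services:
  # MySQL backend for the authoritative server (schema from ./pdnsdb/init-scripts).
  pdnsdb:
    # NOTE(review): MySQL 5.7 reached end of life in October 2023 and no longer
    # receives security fixes; plan a move to a supported release.
    image: mysql:5.7.35
    restart: always
    environment:
      # Example values only -- replace before deploying. MYSQL_USER/MYSQL_PASSWORD
      # must match gmysql-user/gmysql-password in ./pdns/config/pdns.conf.
      MYSQL_ROOT_PASSWORD: "123456"
      MYSQL_DATABASE: pdns
      MYSQL_USER: pdns
      MYSQL_PASSWORD: pdns123
    volumes:
      - ./pdnsdb/data:/var/lib/mysql
      # init.sql is run by the image entrypoint; presumably only on the first
      # start while ./pdnsdb/data is empty -- TODO(review): confirm for this image.
      - ./pdnsdb/init-scripts:/docker-entrypoint-initdb.d
    # No `ports:` on purpose: 3306 stays reachable only from pdns_net.
    networks:
      - pdns_net

  # PowerDNS Authoritative Server; configuration is bind-mounted from ./pdns/config.
  pdns:
    image: powerdns/pdns-auth-47:4.7.4
    restart: always
    # `privileged: true` was removed: it is not needed to bind port 53 (root
    # inside the container keeps CAP_NET_BIND_SERVICE by default) and would
    # hand the container every capability plus host device access. Together
    # with enable-lua-records in pdns.conf that would let any API-key holder run
    # code as privileged root. TODO(review): also try dropping `user: root` --
    # the image presumably runs as its own unprivileged user; confirm it can
    # still bind 53 and read ./pdns/config before removing it.
    user: root
    environment:
      # NOTE(review): SECRET_KEY is a PowerDNS-Admin (Flask session) setting;
      # the pdns-auth image does not appear to consume it. Kept as in the
      # original, confirm and remove. Never reuse the API key as a session key.
      SECRET_KEY: qwerasdf
    ports:
      # host:container. When a recursor owns the host's port 53 (section 5),
      # change only the host side, e.g. "5300:53/tcp" and "5300:53/udp";
      # pdns.conf keeps local-port=53 inside the container.
      - "53:53/tcp"
      - "53:53/udp"
    volumes:
      - ./pdns/config:/etc/powerdns
    depends_on:
      - pdnsdb
    networks:
      - pdns_net

  # Separate MySQL instance for PowerDNS-Admin's own data.
  pdnsadmindb:
    image: mysql:5.7.35  # same end-of-life caveat as pdnsdb
    restart: always
    environment:
      # Example values only -- replace; the SQLALCHEMY_DATABASE_URI in the
      # pdnsadmin service must be updated to match.
      MYSQL_ROOT_PASSWORD: "123456"
      MYSQL_DATABASE: pdnsadmin
      MYSQL_USER: pdnsadmin
      MYSQL_PASSWORD: pdnsadmin123
    volumes:
      - ./pdnsadmindb/data:/var/lib/mysql
    networks:
      - pdns_net

  # PowerDNS-Admin web UI; reaches pdns over the API (port 8081) on pdns_net.
  pdnsadmin:
    # NOTE(review): `latest` is a floating tag -- pin a release tag or an image
    # digest so upgrades are deliberate and reproducible.
    image: powerdnsadmin/pda-legacy:latest
    restart: always
    ports:
      # Plain HTTP on 9191. Keep it intranet-only or put a TLS-terminating
      # reverse proxy in front: login credentials and the API key (entered in
      # the UI, section 3.4) travel over this port.
      - "9191:80"
    environment:
      # Credentials in the URI must match the pdnsadmindb service above.
      - SQLALCHEMY_DATABASE_URI=mysql://pdnsadmin:pdnsadmin123@pdnsadmindb/pdnsadmin
      - GUNICORN_TIMEOUT=60
      - GUNICORN_WORKERS=2
      # Was DEBUG: debug-level request logging can write credentials and
      # tokens into container logs; INFO is sufficient for normal operation.
      - GUNICORN_LOGLEVEL=INFO
      # TODO(review): if the pda-legacy image reads SECRET_KEY from the
      # environment (it appears to), set it here to a random value so sessions
      # are not signed with a built-in default.
    depends_on:
      - pdns
      - pdnsadmindb
    networks:
      - pdns_net

networks:
  pdns_net:
    driver: bridge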
2.3 运行
# Start the whole stack in the background. The SQL in ./pdnsdb/init-scripts is
# applied by the mysql entrypoint, presumably only while ./pdnsdb/data is still
# empty (first start) -- confirm for the image. If zones do not resolve,
# `docker-compose logs -f pdns` shows whether the gmysql backend connected.
docker-compose up -d
3 powerdnsadmin使用
3.1 首页
3.2 注册用户（通常第一个注册的账号会成为管理员；创建完成后建议在 PowerDNS-Admin 的设置中关闭公开注册，避免内网任意人员自行注册账号）
3.3 登陆
3.4 登陆成功,配置server
apikey：填写 pdns.conf 中 api-key 的值（本文示例为 qwerasdf；实际部署时请替换为随机生成的强密钥，并保证两处一致）
3.5 create zone
3.6 add record
4 测试
将客户端的DNS设置为pdns所在服务器的IP，然后使用 ping abc.example.top 验证解析。如下：
至此,内网DNS搭建完毕。
5 递归功能
此处为2024年6月25日添加。
实际应用中我们的内网DNS服务器还要拥有递归到互联网域名的作用,因此需要用到powerdns的另外一个组件PowerDNS Recursor
注:PowerDNS Recursor:作为递归DNS服务器,它解析非权威域名的查询,并将查询转发到权威服务器。
本来我将PowerDNS Recursor放到上述docker-compose.yml，但是测试过程中发现，若将二者在一台机器部署则无法提供pdns里内网域名的解析（很可能是二者都要占用宿主机的53端口所致；按5.2把pdns改到5300后理论上可以同机部署，读者可自行验证），换到另外一台机器上即可成功。考虑到节约服务器资源，PowerDNS Recursor使用yum进行部署（centos7需要安装epel源）。
5.1 安装
# CentOS 7: pdns-recursor is provided by EPEL, so enable that repository first.
yum install pdns-recursor -y
5.2 修改配置文件
/etc/pdns-recursor/recursor.conf
注：由于pdns-recursor和pdns都默认使用53端口，请将上述docker-compose.yml中pdns服务的端口映射改为 "5300:53/tcp" 和 "5300:53/udp"（只改宿主机一侧，pdns.conf 中的 local-port=53 保持不变），然后重新执行 docker-compose up -d 使其生效。
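# /etc/pdns-recursor/recursor.conf -- minimal settings for an intranet resolver.

# Listen on every host address, IPv4 and IPv6.
local-address=0.0.0.0,::

# Who may recurse through this server. `0.0.0.0/0, ::/0` turns the host into an
# open resolver (amplification abuse, cache snooping) the moment it is
# reachable from outside. Limit it to the networks that actually use it; the
# private ranges below are a starting point -- adjust them to your intranet.
allow-from=127.0.0.0/8, 10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16, ::1/128, fc00::/7, fe80::/10

# The internal zone goes straight to the authoritative pdns container
# (published on the host's port 5300, see 5.2). forward-zones is the right
# option for an authoritative target; replace <pdns-IP> with the address of
# the machine running the pdns container.
forward-zones=example.top=<pdns-IP>:5300

# Everything else is forwarded, recursion-desired, to a public resolver over
# plain port 53: that upstream sees every internal query name, so pick one you
# trust (or drop this line and let the recursor resolve from the roots itself).
forward-zones-recurse=.=114.114.114.114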
5.3 启动和开机自启动
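# Port 53 must be free on this host first (the pdns container is on 5300 per
# 5.2); check with `ss -ulnp | grep ':53 '` if the start fails.
systemctl start pdns-recursor
# Start on every boot as well (the unit name is separated from `enable` by a space).
systemctl enable pdns-recursor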