Right now I’m using powerdns, but I’m not liking it for reasons. I looked into options to get 2 binds running. But I do want them to replicate fast, as I don’t like me or my customers to wait.
I’ve setup the following, I would like to know what people think of the idea.
Note that I used debian so user bind would be named on centos.
I first updated the bind user on the slave (a small clean vps), to be a user with a /home/bind directory, and /bin/bash capabilities. I want to use the bind user, so root access doesn’t has to be given through ssh.
I created ssh keys from root’s DA_host to the DNS_VPS’s bind user.
Then I created /root/bind_host.sh
/usr/bin/rsync -a -e ssh -z --delete --exclude '/etc/bind/named.conf.options' --exclude '/etc/bind/rndc.key' --exclude 'named.conf.local' --exclude 'zones.rfc1918' /etc/bind/ bind@DNS_VPS:/etc/bind/
ssh bind@DNS_VPS exec 'touch /home/bind/reload'
So like this all zones files simply get to be the same on the vps, with some excluded config files that might be specific for the host.
The script as you can see also touches a reload file, so the slave knows it should reload. If you would ssh through root a reload could be issued immediately.
This script is being executed, the moment the DA_host is reloaded, since I simply put it in the startup script (/etc/init.d/named) rigth after the kill HUP command:
kill -HUP `cat $PF`
Since I did choose to use bind, I have a script on the slave that checks for this reload file, and reloads named if exists: /root/bind.sh
if [ -f /home/bind/reload ];
I’ve put this script to be executed every minute in a cron. Since its a very small script that only checks if a file exists; I wouldn’t worry about resources.
So far it just works. All zones are transfered fast, and like this there’s only max. 1 minute delay on master/slave. Or none if used root. It’s also quite simple by design.
What do you guys think?