-
Notifications
You must be signed in to change notification settings - Fork 1.8k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
OCPBUGS-34715 - troubleshooting DNS in disconnected environment
- Loading branch information
Showing
3 changed files
with
126 additions
and
0 deletions.
There are no files selected for viewing
55 changes: 55 additions & 0 deletions
55
modules/k8s-nmstate-troubleshooting-dns-disconnected-env-dnsmasq.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,55 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // * networking/k8s_nmstate/k8s-nmstate-troubleshooting-node-network.adoc | ||
|
|
||
| :_mod-docs-content-type: PROCEDURE | ||
| [id="troubleshooting-dns-disconnected-env-dnsmasq_{context}"] | ||
| = Configuring the dnsmasq DNS server | ||
|
|
||
| If you are using `dnsmasq` as the DNS server, you can delegate resolution of the `root-servers.net` domain to another DNS server, for example, by creating a new configuration file that resolves `root-servers.net` using a DNS server that you specify. | ||
|
|
||
| . Create a configuration file that delegates the domain `root-servers.net` to another DNS server by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ echo 'server=/root-servers.net/<DNS_server_IP>'> /etc/dnsmasq.d/delegate-root-servers.net.conf | ||
| ---- | ||
|
|
||
| . Restart the `dnsmasq` service by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ systemctl restart dnsmasq | ||
| ---- | ||
|
|
||
| . Confirm that the `root-servers.net` domain is delegated to another DNS server by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ journalctl -u dnsmasq|grep root-servers.net | ||
| ---- | ||
| + | ||
| .Example output | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| Jul 03 15:31:25 rhel-8-10 dnsmasq[1342]: using nameserver 192.168.1.1#53 for domain root-servers.net | ||
| ---- | ||
|
|
||
| . Verify that the DNS server can resolve the NS record for the `root-servers.net` domain by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ host -t NS root-servers.net. 127.0.0.1 | ||
| ---- | ||
| + | ||
| .Example output | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| Using domain server: | ||
| Name: 127.0.0.1 | ||
| Address: 127.0.0.1#53 | ||
| Aliases: | ||
| root-servers.net name server root-servers.net. | ||
| ---- |
67 changes: 67 additions & 0 deletions
67
modules/k8s-nmstate-troubleshooting-dns-disconnected-env.adoc
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,67 @@ | ||
| // Module included in the following assemblies: | ||
| // | ||
| // * networking/k8s_nmstate/k8s-nmstate-troubleshooting-node-network.adoc | ||
|
|
||
| :_mod-docs-content-type: PROCEDURE | ||
| [id="troubleshooting-dns-disconnected-env_{context}"] | ||
| = Troubleshooting DNS connectivity issues in a disconnected environment | ||
|
|
||
| If you experience DNS connectivity issues when configuring `nmstate` in a disconnected environment, you can configure the DNS server to resolve the list of name servers for the domain `root-servers.net`. | ||
|
|
||
| == Configuring the bind9 DNS named server | ||
|
|
||
| For a cluster configured to query a `bind9` DNS server, you can add the `root-servers.net` zone to a configuration file that contains at least one NS record. | ||
| For example you can use the `/var/named/named.localhost` as a zone file that already matches this criteria. | ||
|
|
||
| .Procedure | ||
|
|
||
| . Add the `root-servers.net` zone at the end of the `/etc/named.conf` configuration file by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ cat >> /etc/named.conf <<EOF | ||
| zone "root-servers.net" IN { | ||
| type master; | ||
| file "named.localhost"; | ||
| }; | ||
| EOF | ||
| ---- | ||
|
|
||
| . Restart the `named` service by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ systemctl restart named | ||
| ---- | ||
|
|
||
| . Confirm that the `root-servers.net` zone is present by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ journalctl -u named|grep root-servers.net | ||
| ---- | ||
| + | ||
| .Example output | ||
| [source,terminal] | ||
| ---- | ||
| Jul 03 15:16:26 rhel-8-10 bash[xxxx]: zone root-servers.net/IN: loaded serial 0 | ||
| Jul 03 15:16:26 rhel-8-10 named[xxxx]: zone root-servers.net/IN: loaded serial 0 | ||
| ---- | ||
|
|
||
| . Verify that the DNS server can resolve the NS record for the `root-servers.net` domain by running the following command: | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| $ host -t NS root-servers.net. 127.0.0.1 | ||
| ---- | ||
| + | ||
| .Example output | ||
| + | ||
| [source,terminal] | ||
| ---- | ||
| Using domain server: | ||
| Name: 127.0.0.1 | ||
| Address: 127.0.0.53 | ||
| Aliases: | ||
| root-servers.net name server root-servers.net. | ||
| ---- |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters