Deploying Distributed DDNS Service Nodes on a BDDS - Adaptive Applications - BlueCat Gateway - 23.2.3

BlueCat Distributed DDNS Administration Guide

Locale: English
Product name: BlueCat Gateway
Version: 23.2.3

The following steps describe how to install the Distributed DDNS Service Node on a BDDS.

Prerequisites

  • On the BDDS that will be running the Distributed DDNS Service Node, make sure that the available free disk space is at least 1.5 times the amount of RAM on the BDDS. For example, if the amount of RAM on the BDDS is 4GB, you must have at least 6GB of free disk space.

  • Make note of the following configuration information from the Distributed DDNS Data Node setup:
    • The IP address of one of the Distributed DDNS Data Nodes in the cluster.

    • The Distributed DDNS Data Node username and password.

    • The port of the Distributed DDNS Data Node. By default, this value is 3306.

  • The following ports must be free and open on each Distributed DDNS Service Node on BDDS:
    Attention: By default, these ports are opened on the firewall of the DNS/DHCP Server upon deployment of the Distributed DDNS Service Node. If the nodes are deployed on different networks, make sure that these ports are also open on the routers between the nodes so that the nodes can communicate.
    • 53: Used by the Distributed DDNS service.

    • 4900: Used by the API service on the Distributed DDNS Service Node.

    • 2600-2612: Used by the Anycast service on the Distributed DDNS Service Node.

  • You must configure firewall rules on the Service Node to allow for proper node communications.

    To make sure that Service Node communications remain uninterrupted, you must add firewall rules for port 4920 on the BDDS. You can do so with the following commands:

    • For TCP:

      iptables -A INPUT -p tcp --dport 4920 -j ACCEPT
      iptables -A INPUT -p tcp --sport 4920 -j ACCEPT
      iptables -A OUTPUT -p tcp --sport 4920 -j ACCEPT
      iptables -A OUTPUT -p tcp --dport 4920 -j ACCEPT
    • For UDP:

      iptables -A INPUT -p udp --dport 4920 -j ACCEPT
      iptables -A INPUT -p udp --sport 4920 -j ACCEPT
      iptables -A OUTPUT -p udp --sport 4920 -j ACCEPT
      iptables -A OUTPUT -p udp --dport 4920 -j ACCEPT
    If you install the Distributed DDNS Service Node on the same BDDS as the Distributed DDNS Application Node, you must also manually add firewall rules on the BDDS, using the following commands:
    iptables -A INPUT -p tcp --dport 22 -j ACCEPT
    iptables -A INPUT -p tcp --sport 22 -j ACCEPT
    iptables -A OUTPUT -p tcp --sport 22 -j ACCEPT
    iptables -A OUTPUT -p tcp --dport 22 -j ACCEPT
  • The BDDS that are to operate as a Distributed DDNS Data Node must be under Address Manager control.

  • BlueCat Gateway must have access to the configuration name and view name in Address Manager that contain the BDDS that are to operate as a Distributed DDNS Data Node. To allow access to the configuration name and view name:
    1. Log in to the Distributed DDNS Application Node user interface.

    2. Navigate to BlueCat Gateway Administration > Configurations > General Configuration.

    3. Select the BAM Settings tab.

    4. Set the Default Configuration and Default View to the configuration and view that contain the BDDS.

  • Make sure that the name server is configured for the BDDS. Configuring a name server close to the Distributed DDNS Service Node reduces the time that the DDNS Service takes to process DNS update messages. For more details, see Administration Console in the Address Manager Administration Guide.

  • Make sure that an IP address is assigned to the BDDS and that a network is configured so that the BDDS can download the Docker image from Quay. For more details, see Administration Console in the Address Manager Administration Guide.
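
The disk-space and firewall prerequisites above can be verified on the BDDS before you deploy. The following shell functions are an added example, not part of the BlueCat documentation; the function names, the constructed sample ruleset, the use of the root filesystem for the free-space figure, and the assumption that `iptables -S` prints rules in its normalized `-m <proto>` form are assumptions of this example.

```shell
#!/bin/sh
# Added example: pre-deployment checks for a Distributed DDNS Service Node host.
# Function names and SAMPLE_RULES are constructed for illustration.

# disk_ok RAM_KB FREE_KB: succeed when free disk >= 1.5 x RAM (integer math).
disk_ok() {
    [ $(( $2 * 2 )) -ge $(( $1 * 3 )) ]
}

# expected_rules PORT PROTO...: print the ACCEPT rules the guide adds for PORT,
# in the form `iptables -S` is assumed to emit them (with "-m <proto>").
expected_rules() {
    port=$1; shift
    for proto in "$@"; do
        for chain in INPUT OUTPUT; do
            for dir in dport sport; do
                echo "-A $chain -p $proto -m $proto --$dir $port -j ACCEPT"
            done
        done
    done
}

# missing_rules PORT PROTO...: read `iptables -S` output on stdin and print
# every expected rule that is absent from it (empty output = all present).
missing_rules() {
    ruleset=$(cat)
    expected_rules "$@" | while IFS= read -r rule; do
        printf '%s\n' "$ruleset" | grep -qxF -e "$rule" || printf '%s\n' "$rule"
    done
}

# Constructed sample: the TCP rules for 4920 are complete, UDP is only partial.
SAMPLE_RULES='-P INPUT DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 4920 -j ACCEPT
-A INPUT -p tcp -m tcp --sport 4920 -j ACCEPT
-A OUTPUT -p tcp -m tcp --sport 4920 -j ACCEPT
-A OUTPUT -p tcp -m tcp --dport 4920 -j ACCEPT
-A INPUT -p udp -m udp --dport 4920 -j ACCEPT'

# Live use on the BDDS (as root; "/" as the checked filesystem is an assumption):
#   iptables -S | missing_rules 4920 tcp udp
#   iptables -S | missing_rules 22 tcp      # Service Node co-located with Application Node
#   disk_ok "$(awk '/MemTotal/ {print $2}' /proc/meminfo)" \
#           "$(df -Pk / | awk 'NR==2 {print $4}')" || echo "not enough free disk"
```

Because `-A` appends to the end of a chain, a rule can be listed and still never match if an earlier rule in the same chain drops the traffic, so review the rule order in the full `iptables -S` output as well.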

Deploying the DDNS Service Node



To deploy the Distributed DDNS Service Node on BDDS:

  1. Log in to the UI for the Distributed DDNS Application Node.

  2. Under Available Actions, click Distributed DDNS, then click the DDNS Deployment tab.

  3. Click the name of a server. If there are no BDDS names in the list, make sure that you correctly configured the settings listed in Prerequisites above.

  4. In the Service Type section, select DDNS Node, then click Continue.

  5. In the General section, enter the following information:

    • Authentication Type: Select the method of authentication. You can select Password or SSH Key.

      If you select Password, enter the following information:

      • SSH Username: Enter the username that will be used to SSH to the BDDS.

      • SSH Password: Enter the password that will be used to SSH to the BDDS.

      If you select SSH Key, enter the following information:

      • SSH Username: Enter the username of the root or non-root user. A non-root username must also be added to the /etc/sudoers file. To do so, open the file with the following command and add the line shown for the non-root username:

        sudo visudo
        <non-root_username> ALL=(ALL) NOPASSWD: ALL
      • SSH Private Key: Enter the SSH private key produced using the ssh-keygen command. Ensure that the corresponding public key is available on the destination server using the following commands:

        ssh-keygen
        ssh-copy-id -i <public_key_file> <remote_user>@<remote_server>
      • Key Passphrase: Enter the key passphrase if one was used when generating the SSH key pair.

    • DB Address: Select one of the IP addresses of the available Data Nodes.

    • DB Password: Enter the password for the default user of the database cluster. By default, the password is ddns_admin.

  6. In the Repository section, enter the following information:

    • Image: Enter quay.io/bluecat/distributed_ddns_service:23.2.3

    • Username: Enter your Quay username.

    • Password: Enter your Quay password.

  7. Click Deploy.
Attention: If the nodes do not appear in the Distributed DDNS Application Node UI after you add them, you must disable caching in Gateway. For more information on disabling caching, see Configuring caching policies in the BlueCat Gateway Administration Guide.

Understanding Service Node container information

The following section contains information about the Service Node container deployment.

Service Node container name

The Service Node container name includes the IP address of the node in the following format: ddns_node_<db-ip-address>. For example, ddns_node_192.168.1.1

Service Node container network

The Service Node container uses the Docker host network.

Service Node container volumes

When you deploy the Service Node container, the installation creates the following volumes for persistent data on the host DNS/DHCP Server:
  • quagga_config: contains all Quagga configuration files.

  • quagga_log: contains all Quagga log files.

  • ddns_config: contains all configuration files of the DDNS services.

  • ddns_log: contains all log files of the DDNS services.

  • control_config: contains the configuration file of the API service.

  • control_log: contains the log file of the API service.

  • rabbit_data: contains the data files of the RabbitMQ service.

  • rabbit_config: contains the configuration files of the RabbitMQ service.

  • rabbit_log: contains the log files of the RabbitMQ service.

  • ssl_config: contains all necessary certificates for the secure operation of the Distributed DDNS Service Node.