Installing Distributed DDNS components in a single container - Adaptive Applications - BlueCat Gateway - 21.1

BlueCat Distributed DDNS Administration Guide


In addition to installing the Distributed DDNS Data Nodes, Distributed DDNS Application Node, and Distributed DDNS Service Nodes in separate containers, you can also configure all Distributed DDNS components in a single container. Installing the components into a single container provides an easier installation and configuration method than installing individual components.

Note: Installing on a single container limits scalability and redundancy, and is only recommended as a demo environment because of its ease of installation.

Prerequisites:

Before proceeding to install the Adaptive Application, ensure that the following prerequisites are met:
  • On the host machine that will be running the Distributed DDNS components, you must ensure that the disk size is at least 1.5 times the amount of RAM on the host machine. For example, if the amount of RAM on the host machine is 4GB, you must have at least 6GB of free disk space.
  • Ensure that the following ports are not in use on the host machine:
    • 53: Used by the Distributed DDNS service.
      Note: Verify that the line dns=dnsmasq is commented out in the /etc/NetworkManager/NetworkManager.conf file and reboot the host machine to ensure that the port is available. You must also verify that the DNS server is listed in the /etc/resolv.conf file.
    • 3306, 4567, 4568, and 4444: Used by the Distributed DDNS Data Node service.
    • 4900: Used by the Control service.
    • 2600-2612: Used by the Quagga service.
    • 80 and 443: Used by the Distributed DDNS workflow.
  • Distributed DDNS uses Kerberos within the container. To persist the Kerberos configuration file, the /etc/krb5.conf file within the container must also be stored on the host machine. A limitation exists where Docker cannot bind a file in a container to a volume on the host machine.
    The file on the host machine must exist before you can run the container. You can either create the /etc/krb5.conf file on the host machine or install the krb5-user package on the host machine. BlueCat recommends installing the krb5-user package to ensure that the correct configuration file format exists on the host machine. You can install Kerberos using the following command on an Ubuntu server:
    apt-get install krb5-user
  • Ensure you have purchased the Distributed DDNS Adaptive Application from BlueCat.
  • A Quay account that has been granted read access to the Distributed DDNS private repository.

    For more information on setting up your Quay account, refer to the information that was provided when you purchased the Distributed DDNS Adaptive Application.

  • A Docker CLI password.

    You can create one by clicking Generate Encrypted Password under Docker CLI Password on the Account Settings page in Quay.
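The host-side prerequisites above (free disk of at least 1.5 times RAM, the listed ports free, dns=dnsmasq commented out, /etc/krb5.conf and a DNS server in /etc/resolv.conf present) can be checked with a script before the container is started. The following is an added example, not part of BlueCat's documentation or tooling; the function names, the use of ss to list listeners, and measuring free space on / are assumptions.

```bash
#!/usr/bin/env bash
# Added example: preflight for the prerequisites above. Function names are hypothetical.

# Ports the guide lists as required to be free on the host.
required_ports() { echo 53 80 443 3306 4444 4567 4568 4900; seq 2600 2612; }

# stdin: `ss -Hltnu` output. Prints each required port that already has a listener.
ports_in_use() {
  local listening p
  # Column 5 is "Local Address:Port"; the port is the text after the last colon.
  listening=$(awk '{ n = split($5, a, ":"); print a[n] }' | sort -un)
  for p in $(required_ports); do
    if printf '%s\n' "$listening" | grep -qx "$p"; then echo "$p"; fi
  done
}

# Args: RAM KiB, free disk KiB. Free disk must be >= 1.5 x RAM: free * 2 >= ram * 3.
disk_ok() { [ $(( $2 * 2 )) -ge $(( $1 * 3 )) ]; }

# Succeeds when the given file has no active (uncommented) dns=dnsmasq line.
dnsmasq_disabled() {
  ! grep -Eq '^[[:space:]]*dns[[:space:]]*=[[:space:]]*dnsmasq' "$1" 2>/dev/null
}

# The bind-mount source must be a regular file before `docker run`; if the path
# is missing, Docker creates a directory there instead of a file.
krb5_ready() { [ -f "$1" ]; }

preflight() {
  local rc=0 ram free busy
  ram=$(awk '/^MemTotal:/ { print $2 }' /proc/meminfo)
  free=$(df -Pk / | awk 'NR == 2 { print $4 }')   # assumes Docker data lives on /
  disk_ok "$ram" "$free" || { echo "FAIL: free disk below 1.5 x RAM"; rc=1; }
  busy=$(ss -Hltnu | ports_in_use | tr '\n' ' ')
  [ -z "$busy" ] || { echo "FAIL: ports in use: $busy"; rc=1; }
  dnsmasq_disabled /etc/NetworkManager/NetworkManager.conf ||
    { echo "FAIL: dns=dnsmasq is active in NetworkManager.conf"; rc=1; }
  krb5_ready /etc/krb5.conf ||
    { echo "FAIL: /etc/krb5.conf is not a regular file"; rc=1; }
  grep -q '^nameserver' /etc/resolv.conf ||
    { echo "FAIL: no nameserver in /etc/resolv.conf"; rc=1; }
  return "$rc"
}

# Check the live host only when asked: bash preflight.sh --run
if [ "${1:-}" = "--run" ]; then preflight && echo "preflight OK"; fi
```

Without the --run argument the script only defines the functions, so the individual checks can be sourced and called on their own.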

To install the Distributed DDNS components in a single container:
  1. From the host machine, run the following command:
    docker login quay.io
  2. At the prompt, enter your Quay user name and password obtained when generating the encrypted password.
  3. Download the Distributed DDNS container from Quay using the following command:
    docker pull quay.io/bluecat/distributed_ddns_demo:21.1
  4. Verify that the docker image has been loaded to the machine using the following command:
    docker image ls
  5. Edit the mc_runner.sh script.
  6. Provide values for the missing variables of the script and save the changes. The following values are empty and must be entered in the script:
    • MARIADB_NODE_ADDRESS: The IP address of a Distributed DDNS Data Node.
    • MARIADB_PASSWORD: The password that is created for the specified user. By default, the password is ddns_admin.
    • BAM_IP: The IP address of the BlueCat Address Manager server.
    • MARIADB_IP: The IP address of the Distributed DDNS Data Node to connect to.
  7. Execute the mc_runner.sh script using the following command:
    sudo bash ./mc_runner.sh
    When you execute the mc_runner.sh script, the script creates a new Docker container that runs all Distributed DDNS components. The script runs the following docker command:
    docker run -d \
    --privileged \
    --tty \
    --restart unless-stopped \
    --net=host \
    --ulimit nofile=150000 \
    --name distributed_ddns \
    -v mariadb-config:/etc/mysql \
    -v mariadb-data:/var/lib/mysql \
    -v mariadb-backup:/opt/backup \
    -v daemon-config:/daemon_run \
    -v gateway_data:/builtin/ \
    -v gateway_logs:/logs/ \
    -v /etc/krb5.conf:/etc/krb5.conf \
    -v /etc/resolv.conf:/etc/resolv.conf \
    -v quagga_config:/etc/quagga/ \
    -v quagga_log:/var/log/quagga/ \
    -v ddns_config:/ddns/ddns_service/etc/ \
    -v ddns_log:/var/log/distributed_ddns/ \
    -v control_config:/ddns/services_control/config/ \
    -v control_log:/var/log/services_control/ \
    -v rabbit_data:/var/lib/rabbitmq/ \
    -v rabbit_config:/etc/rabbitmq/ \
    -v rabbit_log:/var/log/rabbitmq/ \
    -v ssl_config:/ddns/ssl_config \
    -e MYSQL_ALLOW_EMPTY_PASSWORD=yes \
    -e GALERA_NEW_CLUSTER=yes \
    -e MARIADB_NODE_ADDRESS=<ip-of-this-mariadb-node> \
    -e MARIADB_PASSWORD=<password-of-ddns_admin-user> \
    -e BAM_IP=<ip-of-bam> \
    -e MARIADB_IP=<ip-of-mariadb-node-to-connect> \
    quay.io/bluecat/distributed_ddns_demo:21.1
    Where the docker run parameters are as follows:
    Parameter Description
    --name The name of the Docker instance node.
    -v mariadb-config The volume that contains the configuration files of the Distributed DDNS Data Node server. Configuring this parameter ensures that the MariaDB configuration files persist from the Docker container to the host machine.
    -v mariadb-data The volume that contains the database files. Configuring this parameter ensures that the Distributed DDNS Data Node application data persists from the Docker container to the host machine.
    -v mariadb-backup The volume that contains the backup files. Configuring this parameter ensures that the Distributed DDNS Data Node backup data persists from the Docker container to the host machine.
    -v daemon-config The volume that contains the configuration files for the configuration daemons that run on the node.
    -v gateway_data:/builtin/ The volume that contains the Distributed DDNS workflow. Configuring this parameter ensures that the workflow data persists from the Docker container to the host machine.
    -v gateway_logs:/logs/ The volume that contains all log files for BlueCat Gateway. Configuring this parameter ensures that the BlueCat Gateway log files persist from the Docker container to the host machine.
    -v /etc/krb5.conf:/etc/krb5.conf Binds the /etc/krb5.conf file from the host machine to the /etc/krb5.conf file of the Docker container.
    -v /etc/resolv.conf:/etc/resolv.conf Binds the /etc/resolv.conf file from the host machine to the /etc/resolv.conf file of the Docker container.
    -v quagga_config:/etc/quagga/ Persists the configuration files of Quagga in the Docker volume quagga_config to the host system.
    -v quagga_log:/var/log/quagga/ Persists the log files of Quagga in the Docker volume quagga_log to the host system.
    -v ddns_config:/ddns/ddns_services/etc/ Persists the configuration files of Distributed DDNS in the Docker volume ddns_config. The configuration files are as follows:
    • ddns.keytab: contains information to process GSS-TSIG updates. This file must not be modified.
    • ddns.yaml: contains the Distributed DDNS settings.
    • logging_receiver.yaml: logging settings for the DDNS Receiver.
    • logging_processor.yaml: logging settings for the DDNS Processor.
    • mariadb.yaml: settings for the Distributed DDNS Data Node connection.
    • queue.yaml: settings for the RabbitMQ connection.
    -v ddns_log:/var/log/ddns_proxy/ Persists the log files of DDNS Receiver and DDNS Processor in the Docker volume ddns_log to the host system.
    -v control_config:/ddns/services_control/config/ Persists the Control Service's configuration files in the Docker volume control_config to the host system.
    -v control_log:/var/log/services_control/ Persists the Control Service's log files in the Docker volume control_log to the host system.
    -v rabbit_data:/var/lib/rabbitmq/ Persists the data files of RabbitMQ in the Docker volume rabbit_data to the host system.
    -v rabbit_config:/etc/rabbitmq/ Persists the configuration files of RabbitMQ in the Docker volume rabbit_config to the host system.
    -v rabbit_log:/var/log/rabbitmq/ Persists the log files of RabbitMQ in the Docker volume rabbit_log to the host system.
    -v ssl_config:/ddns/ssl_config Persists the certificates for the secure operation of a Distributed DDNS Node in the Docker volume ssl_config to the host system.
    -e MYSQL_ALLOW_EMPTY_PASSWORD This allows the container to start with a blank password for the root user. The root password is configured once the cluster has been installed.
    -e GALERA_NEW_CLUSTER This specifies that this is the first bootstrap node in the cluster.
    -e MARIADB_CLUSTER_ADDRESS The IP address of all nodes within the cluster, starting with gcomm://
    Note: If you are specifying IPv6 addresses, each node address must be enclosed in square brackets ([ ]).
    -e MARIADB_NODE_ADDRESS The IP address of the current node.
    Note: If you are specifying IPv6 addresses, each node address must be enclosed in square brackets ([ ]).
    -e MARIADB_PASSWORD The password that is created for the specified user. By default, the password is ddns_admin.
    -e BAM_IP The IP address of BlueCat Address Manager.
    -e MARIADB_IP The IP address of the Distributed DDNS Data Node to connect to.
    Note: The default Distributed DDNS Data Node username is ddns_admin and the default Distributed DDNS Data Node database name is distributed_ddns.

Once you've installed the Distributed DDNS components, you must change the root password of the Distributed DDNS Data Node cluster.