ClusterDNS external with PDNS

Comments

  • vanessa
    You may want to look into a dnsadmin plugin integration: Guide to Custom dnsadmin Plugins
  • andersondeda
    Thanks for your answer. I researched a lot before asking something here. Carrying out these searches I could see some suggestions for working with dnsadmin plugins. Have you worked with this or is it just a guess? Would you know if I would have real-time notification, or a notification time much lower than the cPanel default? Any help is welcome.
  • vanessa
    The parent company I work for, InMotion Hosting, uses a dnsadmin plugin to allow per-user keys to communicate with the DNS cluster instead of each server having one shared API key stored, which we consider to be a security issue. So yes, I have worked with it but was not the person that wrote the system. With that said, I believe dnsadmin is the solution you want because it can sync zones directly to your DNS server without having to run hooks/etc and wait for zones to reload. I came across this which might be useful to you:
  • andersondeda
    Vanessa, thank you for your kindness. I remember using StackPath many years ago; I don't remember why, but I know I had problems with them. I'll check this out further, I strongly believe this will help resolve the issue. Thank you very much!
  • andersondeda
    I remembered why I didn't use this plugin in the past. Whenever we made any change to a DNS zone, the plugin immediately sent the changes to the members; it took a few seconds, and the management interface was stuck waiting for the synchronization to finish. Our customers started complaining about the time it took to perform simple DNS tweaks. This encouraged us to stop using the above plugin. I believe that creating this module will be a lot of work, and I don't know if it will be really useful in our case.

    Back to the topic at hand! I was able to significantly improve PowerDNS notification time with remote members. PowerDNS has specific configuration for this purpose. We adjusted:

    slave-cycle-interval=10
    xfr-cycle-interval=10

    This has already significantly improved turnaround time!

    At this moment we are concerned with 2 points. When adding a new zone, that zone is not automatically propagated to remote servers. What to do when we delete a zone? I will continue the research and will come back here to update my findings with any news.
  • bellwood
    We rolled a custom but simple system:

    1) Query each cPanel host for the zones it has using the API.
    2) Verify all the zones we are auth for by validating NS, stash zone name in Redis and tickle keys to re-validate and decrement as needed via cron (this way zones migrating in get picked up/added and zones that move away are removed).
    3) Load valid zones into the cluster.
    4) cPanel boxes AXFR all zone changes to the cluster members.

    We are using the standard BIND setup on the cPanel boxes with the 'also-notify' and 'allow-transfer' config options set and run NSD on the auth cluster. It's a no-nonsense solution for us that KISS.
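Steps 1 to 3 of the reconciliation described in the comment above, as an added Python sketch that is not bellwood's code. Assumptions: a plain dict stands in for the Redis keys, the NS lookup is injected so the sample runs offline, and the strike count, the "at least one of our name servers" rule and all names and zone data are constructed for illustration.

```python
# Added example: only serve zones whose delegation still points at the cluster.
# All names, limits and sample data below are assumptions, not from the thread.
from typing import Callable, Dict, Iterable, List, Set

MAX_STRIKES = 3  # assumed number of failed validations before a zone is dropped
OUR_NS = frozenset({"ns1.cluster.example.", "ns2.cluster.example."})  # constructed

def normalize(name: str) -> str:
    """Lower-case a DNS name and give it exactly one trailing dot."""
    return name.strip().lower().rstrip(".") + "."

def is_authoritative(zone: str, lookup_ns: Callable[[str], Iterable[str]]) -> bool:
    """Assumed rule: the delegated NS set names at least one of our servers."""
    return bool({normalize(n) for n in lookup_ns(zone)} & OUR_NS)

def reconcile(state: Dict[str, int], host_zones: Dict[str, Iterable[str]],
              lookup_ns: Callable[[str], Iterable[str]]) -> Set[str]:
    """One cron pass: update state (zone -> strikes left), return zones to load."""
    reported = {normalize(z) for zones in host_zones.values() for z in zones}
    for zone in reported | set(state):
        if zone in reported and is_authoritative(zone, lookup_ns):
            state[zone] = MAX_STRIKES      # "tickle": validation passed, reset
        elif zone in state:
            state[zone] -= 1               # validation failed or zone vanished
            if state[zone] <= 0:
                del state[zone]            # moved away: stop serving it
    return set(state)

def demo() -> List[Set[str]]:
    """Constructed run: c.example is re-delegated elsewhere after the first pass."""
    delegations = {
        "a.example.": ["ns1.cluster.example."],
        "b.example.": ["ns1.elsewhere.test."],   # on a host, but never ours
        "c.example.": ["NS2.Cluster.Example"],
    }
    hosts = {"cp1": ["a.example", "b.example"], "cp2": ["C.example."]}
    lookup = lambda zone: delegations.get(zone, [])
    state: Dict[str, int] = {}
    passes = [reconcile(state, hosts, lookup)]
    delegations["c.example."] = ["ns1.elsewhere.test."]
    for _ in range(MAX_STRIKES):
        passes.append(reconcile(state, hosts, lookup))
    return passes
```

The strike counter keeps a transient lookup failure from pulling a live zone, while a zone that a cPanel host still lists but that is delegated elsewhere is never loaded into the cluster.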
