I've read the cPanel documentation about DNS clustering. It is still a mystery to me. Our DNS cluster is working. I find the documentation poorly written, not beginner-friendly, and confusing, like most of the cPanel documentation.
I've got a setup:
DNS ONLY servers:
- maybe in the future there is hosting10.domain.tld, who knows.
These are all existing servers. Currently all the hosting-servers have DNS clustering enabled, using API tokens and the "write-only" role. All the hosting-servers have two DNS Only servers set up this way in the cluster.
I guess this setup is called "direct links" by the documentation. All the hosting-servers have DNS services (pdns or bind) disabled. The hosting-servers use only the cluster DNS.
Is the "write-only" role the correct choice for this setup?
The role has been a problem for us a couple of times when an admin created an account and the domain was already used in the cluster. Not a huge problem.
Can I change the role on the fly if the "synchronize changes" or "standalone" option is a better one? I don't really understand the meaning of these roles. The descriptions are so confusing and don't really say anything.
I'm wondering how the "synchronize changes" role would work, because there is no DNS service on the hosting-servers at all. What does it synchronize back when there is no DNS service? Have I made a mistake by disabling the DNS services on the hosting-servers?
What would the "standalone" role do in this setup? Would my hosting-servers break?
There are no DNS cluster settings made on the DNS Only servers. I mean ns1.domain.tld and ns2.domain.tld have clustering disabled. Is this a correct setup?
This is the big one. Both of the DNS Only servers have CentOS 7 (soon EOL) and I have to upgrade them both. I have to replace CentOS 7 with AlmaLinux 9. Re-install both DNS servers from scratch. I have no clue how to do that and not mess up all the zones and the whole cluster.
I expect downtime of course, but how do I upgrade the DNS Only servers without breaking the whole cluster? Can I or should I copy all the zones manually from the old DNS servers to the newer ones? Please advise.
The setting "setup reverse trust relationship" is a complete mystery to me. Please explain what it does and why it's recommended. The setting is grayed out (disabled or read-only, I can't enable it) in my DNS cluster settings. Should I enable this setting in the hosting-servers' cluster settings? And how do I enable it?